last executing test programs: 5m17.457914457s ago: executing program 2 (id=1070): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x5}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 5m17.457765227s ago: executing program 2 (id=1071): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) 5m17.207708389s ago: executing program 2 (id=1074): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12) 5m17.207454442s ago: executing program 2 (id=1075): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 5m17.127461325s ago: executing program 2 (id=1077): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x560}]}) 5m16.605806681s ago: executing program 2 (id=1097): io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1a1}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3) close(0x3) 5m16.565086614s ago: executing program 32 (id=1097): io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1a1}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3) close(0x3) 5m10.664318282s ago: executing program 3 (id=1256): r0 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9}) r1 = epoll_create(0x1e) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x10000000}) mq_timedsend(r0, 0x0, 0x0, 0x5, 0x0) 5m10.607382976s ago: executing program 3 (id=1258): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000002000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4001}, 0x8014) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0xf5}, 0x0) 5m10.557585312s ago: executing program 3 (id=1261): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}, 0xfffffffc}, [@mark={0xc, 0x15, {0x35075a, 0x81}}]}, 0xc4}}, 0x2c000010) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}}}, 0xb8}}, 0x0) 5m10.505937541s ago: executing program 3 (id=1262): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 5m10.50491019s ago: executing program 3 (id=1263): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 5m10.191257594s ago: executing program 3 (id=1271): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000340)={{@hyper, 0x80}, {@any, 0x1}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f303000000a640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411da80e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e6579c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418}) 5m10.132074067s ago: executing program 33 (id=1271): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000340)={{@hyper, 0x80}, {@any, 0x1}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f303000000a640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411da80e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e6579c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418}) 5m5.509888849s ago: executing program 5 (id=1374): io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xb, 0x3d3}) r0 = io_uring_setup(0x4dc2, &(0x7f0000000400)={0x0, 0x34cd, 0x100, 0x0, 0x1}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000003c0)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1) 5m5.446072793s ago: executing program 5 (id=1375): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, 0x0, 0x82, 0xb7, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'}) 5m5.445695287s ago: executing program 5 (id=1377): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x20083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000000}]}) 5m5.345049985s ago: executing program 5 (id=1379): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 5m5.26763581s ago: executing program 5 (id=1380): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000001540)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000300)="99", 0x1}], 0x1}}], 0x2, 0x48000) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000500)={r1, 0x3ff}, 0x8) 5m3.876141373s ago: executing program 5 (id=1400): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000180)={0x1, 0x0, [{0x40000022, 0x0, 0x8}]}) 5m3.80559357s ago: executing program 34 (id=1400): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000180)={0x1, 0x0, [{0x40000022, 0x0, 0x8}]}) 4m19.886655903s ago: executing program 6 (id=2188): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000280)="38c8114fa3db529ed03bcef701000010008e04927d241dea6eff7487527450271f02000000f4f33ddcdcbb7fd642d78b34841e80399d5c524968034f8fd54002e9d7258c175a7811b9fa524816b32da66a1df27b6d42ab468dd238c0743f5ab4d15d229f69bf6286cd52e4a00061b588ef48c23921b33ca5a516812b0cd0e2ea3f5f0deaaba8bf8e9531430d7821e95fa9106c46753fd2e4688cee3ab101a1", 0x9f}, {&(0x7f00000001c0)="87", 0x1}], 0x2) 4m19.79322978s ago: executing program 6 (id=2189): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x0, 0x0, 0x14}, @ipv4=@generic={{0x6, 0x4, 0x1, 0x2b, 0xfc0, 0x68, 0x0, 0x60, 0x6c, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@timestamp={0x44, 0x4, 0xf0, 0x0, 0x1}]}}, "11f3305280f125e6e11a9314b296b53b5d25867c0a8c27b6478984da4eb57d56be4ee0efb45c215a64d718cb6f639e60026f3fcd218590d2fd47a1803f67d8c3c5ebe25ed9991203e04d3bdc1e70ef759d8f6ca8744bd9d672c1c9368faa9f538c1e6d3f741c022ddc02e6d3e1881c4ebf6d62df9fc11edf041909cea12539f7b05232c1cd9a748ff7e4a6b7ce7420bab33b3ce6da2742316d128730875e8c1d068a59aef9030e56546effdf83fe2b6fcadf2a73552e77d9cfdb452639cae6aa8f5c7aba74516be0a290f60c30c51e8de293376c07b999d87ac564e47f21f28fda4d277beb21a78ab228bfa2b84461fc73b9a82c9ac29bf066fa44f3f676ef64edab4c6dcaa57c48c0065817b0cbf3263361e93334a400fd74ae663ccc959da070390c833a3dc9381a771d719ae9417cd07b43c30e6a10ae8a59c4fd0a9004cc3f9cb772a64d240d7a0d0dac57f4d7978a304adf48f94ce0b7d6a2dff5d3ff8738a81daad9df5b8d6f361e7032c0d2cc84c73a7a2f07a35b1b26966bb08fe07ecb2438006de2d9ff9b9ca0b94bc44c858e785a261bbfbf5f6cfa78b017d671ee8180312522c8031744591711d0517fb8b120e27fb7752f0a0e85bbf1e7059aa2711bf2355fe98e3df0d7cece9741623e2fa492af8287e0fa75daea5725e0519e70aba398c00ae69c572e327755ba2fa81dc47bdcd4e5b722e0ecc8f92f4cd821d575f5f8421dc2e2994621d17da042fd59a2c3ee0ba998a771e066fcf3646007ef3c731edb9472baaa6a5722b09aa6a4da93d855fee7bc2a4db816880160449c576ed46b4ca1e299595f0116946b841308bbd9c2d8e82ce9bcd9173476523bfa8abb82cbd16ddf2efb4aeb5476ab0f5dadbe2528360195a317f3106d25b016901b65b6eed65062083234f205cf4fefe2ee0af15a86feb5d7473d1cdf202387127171d633c02dc39faca7d69721074c0e7eee28a671fb9e75d80d8fa6bc70a50bd71f60569cb9a30b0cf5599c790353590fd3fb91f77ec89257faa66ff3d13913906166604af616d8de1b92b9cc459a05daad927ebf023c53afdf5ebad5e1d73632777374dfe33b0b90e0cc4cf85bbba301ffe94b26b9f792bdde6d5a9c644bd15ad45c373f768a3a3868ed96c112f2429a27a97bd7756cec800e4ed644a22a81f1010ec376a5726e530d5bcecc635db756ff9a6e2ee89248949d52f88c84cf71be5428a4675430ecef15f1c8ff6a786e5b74eeb76fd26b53dd6287b8e9134b8096b9425f650039af1b3465ab57662ce70c5e29c559e6ffed62f731fd95d31c2f7fa57d98a8aa0b30e454ea73d4f8ba1242bb511e2d0d0e7a764f87cc6b208f85b79b980285cd890dacf77dc2668e3c2ad211998f5e3f15be32a3600a2c59821e7e48d46974d17d642ff7b3f1334057c88bea888120095582d257ccaa903d341c850bd2b446c31980acc6f02f0c559a895614f62aea0eee4a904bd1b35193fd2cbff4354834b5f7e8698bad049cfea27a76ec83dfbe2071ff1523bf127713b062ee3ebf6986bd12c31ab386a490734a47466cdde3a82dc7535b1b068a1aa585322c4bf8dd8cf0ca2b8eb56fcf98cf8129148142344d00fca2cd5611e42c607168abcf92c94be28c15be3485375290b825136e0f4047212a866831bc670b9b038355e0c976673b80584c640ec6681ae724ea58685581d493c809fc8861c60ff245cdc486228b0c3c0ac562a3fd777b7d3d43dcc4cf031b70a101bc64a3727d1f5890890070dfc14847f225a82f5a1b3c702970a25a672aa8c4a24bd7d414bb52c839611e48afe3a9022aa9eeedb2dc4cb20aaeb244b0e438f28d3c6cac9fb16171a8b66b93e48d1afb3feae84bb6a4ed0d00ba862dc6fd474fe210faa0d6d51132dcdc4dcdd5d4f94f1ba7dc8b5712188b0f80bd7f6cc211c1a2796d5c8568a97dbfb9e1bcc6e43858342767ffe5d648873215971e968382870afb0f0b33e3a0dbfe70b982abd73b340abaedd3f71ea30c90544b6a3fb8ce0c240d0bc9da7c12a927223185e5ba907d93c30089ca68525983f04ff85ef98314f69e5c9b4a388ca67813fcd0a9b2c083defac488cb3f7e4ebabc7bf6f4f7601a6c4c1a8d10c2fb13f6863c29cf3dcb8bd56768bb0a9e642bb6b94e5957deaeab3e24223e03764bbb16a7084a05735a8d188cbfabcccfce95848a804b56bd5e2051b1755a0e4262044ea2b037113af2e4e90bfed33bdcdc33824245cad3f94c4c9ea0f414a539c36b55d423fbfe4461774696012ee12e9d9c1d645d6dd72b57cca7e8526cc98b2f9e97e23503428642bd8793a87ab120f20092b6e4cbcbb52ec9a406dbb893e303077b675ecbd48e6bec13b700ab09d55e17c8815077a31cd75057c9cd65e7a881924a50bed228517be9c0abb19c3d24c458160405dab3ad0deb989a4e1b2e509b7fa57bcddbe8292512c9656df46acc62a028bb484ad0a6548ed9efdff0e83ca82a1d4c86c7d8810d1e4ff1846d1dc8e80f8206c6834bf9c433bc92ce73560d22ba0c8030b694d737fa0f4deb8b59ea9a35147efc891e993b6489a1ed86bbbf159c590bad0b5892c72383f5afedd58b7fa5e11271b35381dbf4a14daf70505b346cbd83b3258b1b413f7247d04e30e1a9eddbf82e8a25a70903c21e6a16ea34f6d7fe3cad0d51812e827596d50549153e394c4926e5e87b78d0faf440472c12929bb7fd49c959e5b06eb48c51915d80f003c2019525c91bdd4efc0e58d7811b083af3164f254c9c6cf3f8345525770033901308d02a9439131e632d073705e7a28312f8c1ccbeec064113009a34f177d7cd953c9a635f6bb12f0ed871a1d80ba86011e13df3220bda5e49c7c3d70f8c49397f69b7c57fa78d312c5abb5eea30720f31b38cac3ddc7758f7bd1c99dca967a5aa5c788faf18eb2d996be835c3e5901349104ea63bdf1c195f4d29b8c63a0dcf58d501a102b8ac34709e82c0b0d19f762b1d3c40f01e0cb05b0909b90fb587ea260cdc0a043ac67f649486d3c57b9dbf94e44334fd8034218f82c937e6b8c97b627e8803cab0a27f33ebf0e447ab198cdbfc81371fdb6061dcf8c87c24084614ddfdc71cc2a5324e0ea9a1f7cb21ec46d7e5fd936a2a9224e5fe3c39051eb7269f51832751a36814db4aa01eb1a79eca73480c12b1d7f79bb20ba7b957f7e8343af7c38c81edb6aa48eeb82e17f47f5335f4086ef2cb57c4e70e847a77362271e16158e010f95c3227162caa7f911e94893d3bdf17fb914dddddf7f982ae898914378e3f5a4bc810f246d84ae977290d20773761b8d52bb493076052022586b8ce915b1f4c8f6ef6093e3e12f56e642b1cde9dda220fd7fb26f40ba08899e0217cf2a0883ab552c9432a7d60c6316f936b57c271e13b35d5cc4f20dfbe5fb1b13e916e62cd39e5bec37d0885f6fb5523860f8ae09592d32574e3d9c570c651fa9f4db0d4b9fbd002af8b6919d7587504989123533804e4a496def7d1d9740ec83e0670233a732d55425014276efcf6b6634c5ed5a97f25deaab14fe934efe0eb13992ef48e29a7f190f253d3cce9929f3183c01c72315b6a36998016af08f84155ca1ad18acf1a54d23fe605957f7016873187a47d7ded54667d3ba4aab222319c5968d0192a1af47be415fce025329b81d5034d2c608ddb108d7acac2c145bf4abadb97cc6a05398c04a8385dab86979a0c857d2b27eeb7bdcd154e9f3ea7e394d3a41d81b0410356e252f5d0fba812d5099ede64b20d4a865fc359092ed619f0e3e6728acc69ce41b585e3c54f73fac28c38aa41ea53440cec35cebf03caaef987b18d9942c644c3f6a389970f3d7d18db8ea1f2c5ab2c0bb84478ce5e439c10749b278dfe8348391cb2bd4c7634a3ac813a6ea36f95bdd80c87fae037775834eb5029854cfe59c99a9597944e7cbce895d14ed0ee8b84ea586e77dc12fe709cf9a083c2a4806913d8914b379b4ecf27525e84fc1df3ff520f79ec244da60f680b59d848e591c89f069cec4b497d9579a86c19a710c5cc00239d6cf3c8596c924561843ae20ad5cac9bc92bf42157ab35329cd62242fec48117f1f6f801c68f9f3ec9677875916ceea7795dfbdd23121cfb3bb1813fe1ee14ddbd5a45985bc496449f82a2cc200905eaaadd1333bf79128459f47b580fdd5a10787094b08418c1dac843ab0e15d824aff2b3d242fe78d9762d39c713ded38cf972c227831ba6fb963c956458eef5689180baa3ef2aef3d3e57c63c2d4509759fb711dfe2772341ae308a7892e583be0917ef5355bfe68becce5bc5971733ca260055ee6481c0998698a49a1f03a0f537145d051179601c04cd887a64917480ba96ac046638dd6977599f72a7235506737e7e81a03095cc7e102586ec33b79eff0d1dc2b34912fa89dfb434f0256be53f6695685688af05361d3b6954d416f4be06b9ab7846a44ce25b39c7c79012b2f16159fdf96a3998098691364dbbf930a8e224701ee6f8b899fcde632077a03f649bcfad6f506924db17558b708d38d0b286d6f16f286b26cbf11094def0d017eda65328fe2a24d129bd7ac28679f2a98999e6ae508c3bb31b4e384de7593cf8ac46727cb8a07c30d97c87b638f154e1ae2223a8158e292d9467049cd9115051d3dc0c090f9e9ff6cc425f2fbcd3a4471af5182c0e45485194b6627839d356adf2cf7159b6360f7983a5c50f5cdfcf253cc40a413ed280b9ce7d9d70bef8233fbc8f6e0f5e9100f110519088ce84b41d861171f607338f5acf0664f56c88dd50e86851f59e81c2601f66ee9ced3ecae2dcbd37c55f6058390d6237837ff601900971806e987abbca25221d08f7ccb11a41b3a6246efffaff359e04fa52d7ac630f7d96bc5976817f8a347ddacfe079da0633d855343884bf4d2eb58638cd29d499de7af8490a6d9db3922363839371e819e49e54ef7dc953aa8125e053e3689a22d785c3c1729936eedccf682fd56e0aa6069c1ac88d46b0c06c1f43e631f74f9c8b4557678e90ad7788d25caca67b70da4470cc8d28606acf1fed5d4585085449ced76b1a871ebe8ede8d86570d505010c4f6f4656d2195b6190a1dfe423860b5f767f96c1e0fbf1194b9cab5c87dc2f6ce5f408681e2af319ada237e4232cd356574d7a5edbf7c292acc0c0ca04303614e46b6875f2b58f8b400fda08e24020739c2493ecf7c5d0695ecac14e486bc36a575e6a765d43313c4a4c43c5cc32488c045466504cc690f6b14f12e0a669b701d305a056c610b5f3e696e002bd5b940abac2edde34dbadc88881a5a5fc1d7db4389f33eed574ff8ed69eaf3a656635963e297cf2915c2da4bc7739c5d24017c4757a4aaca2b3323bd4fefefc004d2a675a40b7b31a221d825f79fc12f12b9d6637ca48fc2b55c9e982db14d8cce59172d7d7ee6a1f98a2839d263d7382e81ee306d27e7463a3a0cc71c74df84060ca69331afa4e19e0b124ddf430f4323e682d99f7d77854ba416162182dc161a41af02c75eef1688bef190ca86f712994db24d81831cfe4f54229ba2f5df634e45c2d2980cec96d8aefecdb35dcd7fb360c6117af12bcf894ada94069ba44814334ba4b4d487a866e484b45d7348e07a49460ab64c89f45f8b6f74507179fb6b5f03c202dedbc7cc70723ddb56accb1"}}, 0xfce) 4m19.643110091s ago: executing program 6 (id=2190): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1000, 0x1}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death={0x400c630e}], 0x0, 0x0, 0x0}) 4m19.546785338s ago: executing program 6 (id=2191): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240), 0x50, 0x0) 4m19.522050675s ago: executing program 6 (id=2193): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5']) r0 = open(&(0x7f0000000240)='./file0\x00', 0x606701, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0'}, 0xfffffd9d) 4m19.326455232s ago: executing program 6 (id=2194): r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r0, 0x0) mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) 4m19.252882821s ago: executing program 35 (id=2194): r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r0, 0x0) mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) 1m52.834673482s ago: executing program 0 (id=5397): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002"], 0x44}, 0x1, 0x0, 0x0, 0x4008010}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1m52.834375531s ago: executing program 0 (id=5398): r0 = syz_io_uring_setup(0x2b06, &(0x7f0000000040), &(0x7f0000ffd000), &(0x7f0000ffe000)) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000380)={0x90, 0x0, 0x0, {0x1, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x0, 0x0, 0x3, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x90) io_uring_register$IORING_REGISTER_FILES(r0, 0x14, &(0x7f00000003c0), 0x2) r1 = syz_io_uring_setup(0x1ec5, &(0x7f0000000080)={0x0, 0x6a5f, 0x0, 0x1, 0x368}, &(0x7f0000000540), &(0x7f0000000440)) io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f00000034c0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) 1m52.754315974s ago: executing program 0 (id=5399): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000280)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x9c1, 0x1, 0x2000200000a95c, 0x9, 0x4000000201, 0x24c, 0x0, 0xfffffffffffffffc, 0x1}) 1m52.74877187s ago: executing program 0 (id=5401): r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x88) r2 = openat$cgroup_int(r1, &(0x7f00000002c0)='cgroup.max.depth\x00', 0x2, 0x0) sendfile(r2, r2, 0x0, 0x10000a006) 1m52.679093019s ago: executing program 0 (id=5404): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0xfffd, 0x0, @mcast1, 0x2}, 0x1c) r1 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000280)={@ipv4={'\x00', '\xff\xff', @broadcast}, r2}, 0x14) 1m52.615699002s ago: executing program 0 (id=5406): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x84200) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_DO_IT(r0, 0xab03) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 1m37.569935434s ago: executing program 36 (id=5406): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x84200) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_DO_IT(r0, 0xab03) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 2.757373153s ago: executing program 1 (id=7667): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f0000000140)=[@acquire], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000002c0)={0x8, 0x0, &(0x7f0000000180)=[@decrefs], 0x0, 0x0, 0x0}) 2.668838717s ago: executing program 1 (id=7670): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local']) open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x101042, 0x1) 2.666261964s ago: executing program 1 (id=7671): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="98ac3c6741a40ce1997f49fba70d946a07f2178b8bc77dc9339505c7", 0x1c}, {&(0x7f0000000140)="f3e41672c645e11018dc0400000000000000a4c47b311e714b5aab5a85ab5f", 0x1f}, {&(0x7f00000002c0)="390ea240d45db5fcbed46fe54ba61b38faa36d565c3ed3685df9f01173ce90c93393750e9e37617c255ddb6d56", 0x2d}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xf5000000}, 0x0) 2.595807583s ago: executing program 1 (id=7674): r0 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0) 2.402569485s ago: executing program 1 (id=7684): mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil) r0 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000818) sendmmsg$inet(r0, &(0x7f0000003600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000001) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000340), 0x4) 2.233288409s ago: executing program 1 (id=7688): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000780)={0x34, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x1, 0x1, 0x1}, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x44, &(0x7f0000000300)={0x20, 0x10, 0x2, "57d2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x4001000000) ioctl$EVIOCGMASK(r1, 0x5b03, 0x0) 1.29470669s ago: executing program 8 (id=7711): prctl$PR_SET_SECUREBITS(0x1c, 0x25) setresuid(0xee01, 0xee00, 0x0) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2) fcntl$setlease(r0, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) fcntl$setlease(r0, 0x400, 0x2) 1.202164676s ago: executing program 8 (id=7714): r0 = io_uring_setup(0x33cd, &(0x7f0000000180)={0x0, 0x0, 0x10, 0x8000001}) r1 = socket(0x2b, 0x1, 0x1) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000080)=0x1, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) close_range(r0, r1, 0x0) 1.198940509s ago: executing program 4 (id=7716): r0 = socket$inet_udp(0x2, 0x2, 0x0) close(0x3) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0x32, 0x0, 0x0) 1.134373779s ago: executing program 4 (id=7718): r0 = syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xa011, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB=';'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2a, 0x0, r3, 0x0, 0x0, 0x0, 0x12001, 0x1}) io_uring_enter(r0, 0x5d62, 0x0, 0x0, 0x0, 0x0) 1.124547725s ago: executing program 4 (id=7719): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000300)=0x100001, 0x4) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x2, 0x2, 0xcb, 0x800}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0xa) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x5, @rand_addr=' \x01\x00', 0x4001}, 0x1c) 1.05306643s ago: executing program 4 (id=7720): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="210f00000000000000002000000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r0) 1.051240649s ago: executing program 7 (id=7722): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0xfffffffd}, 0x1c) listen(r0, 0x3) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 1.050927907s ago: executing program 4 (id=7723): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) close(0x3) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) syz_usb_disconnect(r0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 1.000485721s ago: executing program 7 (id=7724): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"}) pselect6(0x40, &(0x7f0000000040)={0xc}, 0x0, 0x0, 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x8) r1 = syz_open_pts(r0, 0x101) ioctl$TCXONC(r1, 0x540a, 0x0) 934.010183ms ago: executing program 8 (id=7725): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) shutdown(r0, 0x1) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4008094}, 0x0) 933.842602ms ago: executing program 7 (id=7726): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000020000000000000000000100000a3c000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 933.520219ms ago: executing program 8 (id=7727): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018", 0x5) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000012c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000001300)="fcec65c848b5948f82dee49c7765d567ec657d710d018b973a4d924419a355cb194a8002bd4198786f6e4207699fe5f7cdad1b9facbbad2b075671884d24001b5c0ba1fefc6c01dcf03ecefbd5c2c8f6407fbddd4263bc5323cde368c55557f1e823886b6abadb7c6b7942245b2a5697865220b61fbbd8", 0x77}, {&(0x7f0000001080)="e2007624a465836435a7b1db43480bedc1c8100bb2fe7bb0b2ef2444500c8cc28ababf4fadfdc6", 0x27}, {&(0x7f00000010c0)="16bbc226c97348e21dd1b0a4ac544dedab3aeae21a462142db910fe6e14621b5bb44a9d074c9bba6dcb23ff1a22dce0f8199c65288e6d6ba90492f7019dba69c683898f4bc78d28e4fdd31db98068c60fcf5521574661a8d83fcc84f6ae87fe4b875ae503e4cc7f416f1ac8b0ca7a0a6adf6f8a58e232e", 0x77}, {&(0x7f0000001140)="7e905c9d4324c42d794a49c3fff8fe828c24ba11471d0d6c9cbac36b66b6527ce83f187e8ac3a2259ab220ff0a65a21e358e551fd393c162b9e928b3ac2d567a1796b22a6f2fcaa3f10648d01d8af4b1c885876f4067d978932659b5e7eea8ba2687599322e4cc20c8bc52cf0d46cab4d4ff6aefdd4d5b2942f97b8100c70152b188d1145d5042b2bdd58d6f1a434cf66605fbd1b1a7006032ee3aecad7c4ef976c8fdb7e527e1b124921ec742c3248a1a587e5f2102b4c5ed10d5a4b181f094115f4e2b87ad8adf7d5e59ef13900ea7790b", 0xd2}, {&(0x7f0000001380)="522eafc06ce91feb6c8d034f3a40ea3ddfc71f0535c613aed4a411770b52c6592175faa664f71fb91f67af6cb3cdaf08279ade2bbc613996a9cda9eafe2195317abae81b4956f13bc80c4f23932be204fb2f9c7c31553b2b54db15372d4a7de1cf0872fea872f102949bbc508e8eb1f4357432cea07a4bd012c4575a6acad0300b0bedd9b95d0632384a7dd589ca49f2078ff2a0b4ff05e1a370d8e099a3e84f29843d1c61dbdd9d677d1109a7a491fd1a1d6e05e3b9c4b8ba00c8b9e8c9ef9dbcb406d2def70df9fd966dc18ca2928d0f001babf1dbeb0a21e4a9d2e0bba43f3275d436bac113fb0f2b2df7b403e8091fd53311bea948b7602ed0c31b01f0ba0cb8bdb0518196567490131867715f09e1203d305a333ca8d1434793996ab104188663873dcdbacf26a63360543c2e5f5fadd5f69cb70c931f39f532697b1c19f0a77f97a16bb277e370c2bfdbabaca1d91a61951241fb805ff7b907f511bc3fa23e5361a9aaa084ee54d314bab96f37f31726806b452cb46dfb520fcd76cdca73bf37d4f43a2d6bd01c29fa78a058254fde9eaf3c73472ee5e477d34fa160fb1d76bebc43a5054eb2c1fbcd91612870bf6aeb1795f40236524f6bb9c3ce2cea903c023b25ac761788c747936ebcc8598d9a0162fc20f1897bfe5e6e143d2b64a16d515d5dafb078793c27f5c946c0a011e41cd496ecb04de8bda87bf12bcce5c104fd14c3e23c667fa3f2f44d35596e192dbb71763e926bfb251104ad79d1ad3568cec80fd7919597e5d3563b1275ba60398463746f689e1a008a86a4b207b6a4c530955d39d11a2107c3e63c4241b322e5b3565c831586e41f25f42d425fffd088dbcd7f312c670d6347f348e04f9b06c1438827bc587428ffccdf66811390acedbd8a778afe4c1c1d6805dc7c7ff56451eaf4362dd0d6397907281c0ed2d3e037fae8052daf0f3b35070aff31a65c2ab9f3ef127ed15a2ac7f928170e43f8783168938986f696d10f9ffa4874c2615fc20ba2b5707c88dbdf22b25e3fedd3657a73bbbf025229d3f8d4e7395d3032f4940d065c639154e9521cc198b195ea244e017eaf738a18caf9c64f1f8329e602300ae0ce889bf667475ddbbd3dd3162320009a6983388f0268e69da73f06e1ae5013c0a3fbe1b37a40b7b311df52a83035703f24876b78c947f83f8a8cbb268cd7d7ee3fa5f13149f1cadee72cfc4d6cdf9605d7f2da8a17f8388d668c4c40200eb93500bbd9feaa55f6e15ef9e468226a498155e28b7e1b5b60211b95e0723e82e45a41841e1e851150d181f8956f9ce3e88b5fe8a5b447fc39e3d3c9afabee41cd0c2900ad0e07f43cfd1cbb71489b7e1b9c9ab203c0affedbb3e28646360f9eb1d4d8b63b6492241e6c70163e35219797ffdde3db4ca505da9b52b7643db2032aaf2e0731380d4bcb23899a594da9b35051ab62b24415e41fad22c12254540f659773b1aadc6736b3891e4c6eba22046b2f8d449f23beaedbcb98869660b02483fcbb5a0cb38e60d7fadbd2a4a84e00ae716f54745befa23681fad27f638d4c09072cd4d5533572c3e96b56717c2b8aec9bd17b0c70d53be61814419b167a28510c446a5ed5af28fce507373981a8eed6c90d925170e37eab31f3d3b445a1a6cdbef0be80a67fa5e105d3234c85386f184194139e3f2549f88c13c2acb755503a450e756e8ad46cf0662533c87f33c90f4c3d5668bb714fe884de6c57770adf064359f2262bc07bdd4234f517f323cd29295ed7025882fa2afae9f00ba3870c8ccd2daeb914c5ac2ef6a9258a4574acec2fddde176c6d1556ca552ff684079ca362d07cbddc0b0e0d36bb65ba9a86bda3ef1e6a487beb0630fbfee0aecd7d2ea7219f09cd7b03e0603a0b865afbdb24e043ff0e84e0ab624811580b05993c5c060ad401a85dad0b63ce3390bca4b18fcbb97ab6eca04dfcc2e36d943d74ac356bba236c7174b83317a455e757be367ac2ba907cfa603e95c5a3250d18e8d1bcae7ac4ef45cbb19b32bd11467ce47a11e6f1455c364aee77e56c918e4ad95c0f5d57e78545e731f028dfb910101897ec561237e9ff86820cfa56f27273e88decff0f07175412116830477ec2d479e154605c25e4714287209cf9d71567557508286aae7cf5886ad2ccabf37e5fa8877097ebb5d3620110fe9001bf59d1798642b815308bec1e61a9127286c678910222393d14d43c6cdae7c2efbd029bca3838917ca55acedb9f0a73a1113d16cf65142e84047b567280de7cb3f16fc30cff05d40f4a3046912c7786d1abb159af4c8daeb16d8645be42cdb8869055e410b417263e6b249253d60085e02fdb4e60791864f8fec38f2f2293ffb02bec4808e3b9777e159d3088c11690a175cab667e8802d1ece384b356ee71c2c8f90a90a31841812c61ab06cbcb16150c3030b756348aa2fd3f3f51a2318093c2154268b41e8f89a7c95beaeae7ff2018e2cf31cd764b50ca258873891bd9a241a32087620af12511aa68bf0e769256f1c249a9fc48e49bc7e4dbc1bd1625fe06ea036b5f9c1b5a661245d366d0165b53588d80442958ef66c98475e6d4a2ef1dedd3e8370086592303bfffce7b829f7e5d5f5bf986161ef53a8b251d6c9045c921de09ddbf1e15b32be901b1faed525d97cb438b8eb34b2ed619db3a78242db01a235604befef7f2e2a6351cd500374eb4bef6bcd570745a9b4a07e5a07fc84c0dda9cc8e203a0402cb3e931083cd0a3685e8232cc3fc778c9a7ddcea0928e9ac7a63f3c4ee8a02207796f940d1b64fbc4b355b99fc3d93c8b3bafd687e94cee40078b8aace03ce9b4567ad4d3bbd5e2478135c0604a3881776f6fd447422170fa615c5d986de7afbe82439d3c37aab6a9716838806a158ad51f17967cdd5b7fe66fdf7af22e53141c335ed0cf94219f07eb8cea14fd4ed8f61aae04368585828a87166f141a5950dc1ab58c79e91acb3b3561fd7d0648b77a17d861d84b1010c4c2a6bc8c1cc0f6c49301c24a275f8dbf1c5680d73dd972e94bfa11aafb0947eaaf53b7a7101643dda80ff5dbaf4c8a279333883852d04536b963e388f3fc176871628a35ed4ac9f788f4088cea90dc1d7ad0ee0bca43f7f583ebf718c37bf79f991e82901d346a7d22ca95371dbd49b0629af8072a0f8896535d9c6f95747a5a15be973c03ba9b85b0791fdee5fc3a93360f1d10fc702912b758a414debe84b6d81f7167d82b92547ffb714d51598e1c50efd4506a4adb2461d9220f0f0093c13a14707a11867735ebead2ac91d98bb09dc60405a51b92537dd58061536636e160afab79ae951834e10595f3569e7851bc548caa74d48ed95f93c1661c2acdfbc2976cfea217f31029165ef43f3ce25a7eceff9117d4a5c2865027e8382e39812a7bf2ac31a3ebc8ccb2da27f65e51d57af37d108676efd8538ed4a8cabd3a5e0fca440e9175d3f53687ef7628624966c47ae89044e285551c9650a8d2b3b2ba27488ffc218d7fd10735d6e46b2103b2e314ad45db3c0a84586d32b964cdc76d066759f6ff2cf22ecb60229c96e4392950c29407a05e45d59d96199fa731fa152ffee110b14c9cdd0be850e0f57216d3490adba12f40e53a324eac13dbfc21344b9d2ecd008c424483f5e64d740ad54716f3a444435e11b2e5b262cbf98019833c1872f4329edfe8de52b94c3745bdb817310fe5a2201c7794c55cd824c788d9ae19ecea821493012cecd00900c2c44f53fb17c7042cfd0227cf932c5fbf234229e9c12de43bf0d921672fcc19d726251e1490efeb0a99f666c0e95fbd88d8e8ebda079779d7530a8deff8cdb395f87fb00d474a5748ffebcda8503a8639371c1d70f6f5614ba72856eed077f85072df10a82fbdd59466cbdb18e0c1fdb31bb316aabbbd6c2f19a2845e38d205eef55a908eafbcc74463ab92bef92698be4caa8bdaf881527a45cec996130430834f64e61e0abb64a94210c902f1246ced11bfe1cbaaf8e599ce07f4d775b9c115ac83df439458dc8912a59220658bc1ee54fb05ae2fa7feded3c22c059158b824135f9249296f645ba18731726787fabbfc95d78898d80144849c731612ae31b2e3e9c9826a57355d4904ea4efbdf09a4940e53d465395d7b62d8ed0a7c34f5db7fb1183def6639868f7ebea1c8833240b896c4b98e3f84f33f8afbfcc44ffe25da854d78748c7bf8b0a2ae5f4614e88181bb172cfbe9624a6929022cac9f776893a5eb0d021eda171e2d788ed718a631e1ad5b03445151b15d337ea540e7105f8896a693bb42344c076d3168f6f39f403d0524d49d3132ab399a2382251188e2151115747b4d63d7cf62552a4ee5b7e33d66bd660a2c38d48a49569fe75c5560a004c49f017624e01e26653790ea879872b2fb394a9375ceb7ee15c4bcfc6ffb17a5bd99b5d00644b471584595388ab249435e8369eaac0138bd6f92636d0a119f4590a339c828e68eb6db1f39eeaa52f73f76e85f7ad387a1cd0ad09c6fd9eefbbaf20828b8876f2e489b5fd665b51f6eabd98b321205196f5dc177fe0fc8e008dfd7c49f305f917ac45048d4f907870f78af2a6306911f09dd8f7e5846e7acc0e5a62ee3f0166f5c90e8a548fc5e9abacd8fac3af64adae03f94a84ae0efcc56ffb1ebf33f5bfbb7c40468050e6fe9387460be2b35198746854d3a26aa8987cffd126c2ef47a2297073283bcbb5ac00e22820c79dc990af0264135a237463ac25e0eed23dfc0af9055624751e50f7123c6af805c6da53e929274ae1996c97cf313419ae601d7d97a4aad0eeb55babca5a370b62b085a4c038e077b49c5bbda272f51593ece83fe21f1b050b6c05a1bc181014bac1f61e6ee839e50c90af446e6c6731b313c03f62d33ed605c5e5e2ed9f15921b017976b314a4e2cb89e99d87ef0f502eaa67da690a0d028ffe8cbc575d06870ac9074e42dedea62f706abfb60c90b09719863da13e42c7b5d51eb7bbb14ca0b68417b793839ab54da3ed7ce4bc30b7f12747cca49aee15d2b7d21a8632bb9301b78329b86b3c0c8a7f3244a7e75ece53aa72dda29f4d4834f0f3c1b32d71", 0xe0e}], 0x5, &(0x7f0000001280)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x4000000}], 0x1, 0x0) recvfrom$inet(r1, &(0x7f0000000000)=""/4084, 0xff4, 0x2102, 0x0, 0x0) 884.704315ms ago: executing program 8 (id=7728): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xfffffffffffffeea) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000140)) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0684113, &(0x7f0000000380)={0x1, 0x5, 0x0, 0x1003, 0x8000, 0x0, 0xff, 0x5, 0x0, 0x6, 0x800001, 0x2}) 884.582436ms ago: executing program 7 (id=7729): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000300)=0x5) 814.013031ms ago: executing program 7 (id=7730): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0xf, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x18}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000900)=r1, 0x4) r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c0", 0x1}], 0x1}, 0x0) 813.300293ms ago: executing program 7 (id=7731): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 284.573236ms ago: executing program 4 (id=7732): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 0s ago: executing program 8 (id=7733): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x3fe, @ipv4={'\x00', '\xff\xff', @empty}}], 0x1c) sendto$inet6(r1, &(0x7f00000000c0)="b0", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x7, @loopback, 0x4}, 0x1c) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000880), &(0x7f00000008c0)=0x8) kernel console output (not intermixed with test programs): 1][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.955773][ T54] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 300.045738][ T29] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 300.049085][ T29] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 300.052221][ T29] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 300.056360][ T29] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 300.059559][ T29] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.063363][ T29] usb 12-1: config 0 descriptor?? [ 300.355198][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 300.476514][ T29] plantronics 0003:047F:FFFF.0033: unknown main item tag 0x0 [ 300.478947][ T29] plantronics 0003:047F:FFFF.0033: unknown main item tag 0x0 [ 300.487245][ T29] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 300.504784][ T10] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 300.664254][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 300.669423][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 300.673014][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 300.676343][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 300.680365][ T10] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 300.683408][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.690507][ T10] usb 5-1: config 0 descriptor?? [ 301.104251][ T10] shield 0003:0955:7214.0034: unknown main item tag 0x0 [ 301.106356][ T10] shield 0003:0955:7214.0034: unknown main item tag 0x0 [ 301.108486][ T10] shield 0003:0955:7214.0034: unknown main item tag 0x0 [ 301.110598][ T10] shield 0003:0955:7214.0034: unknown main item tag 0x0 [ 301.112752][ T10] shield 0003:0955:7214.0034: unknown main item tag 0x0 [ 301.118107][ T10] input: HID 0955:7214 Haptics as /devices/virtual/input/input59 [ 301.129273][ T10] shield 0003:0955:7214.0034: Registered Thunderstrike controller [ 301.131842][ T10] shield 0003:0955:7214.0034: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 301.307051][ T6011] shield 0003:0955:7214.0034: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 301.307127][ T825] usb 5-1: USB disconnect, device number 29 [ 301.310816][ T6011] shield 0003:0955:7214.0034: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 301.317680][ T6011] shield 0003:0955:7214.0034: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 301.321315][ T6011] shield 0003:0955:7214.0034: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 301.804527][ T5961] usb 9-1: new full-speed USB device number 29 using dummy_hcd [ 301.967112][ T5961] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 301.971131][ T5961] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 301.974944][ T5961] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 301.979186][ T5961] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 301.982823][ T5961] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.988752][T18205] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 301.994778][ T5961] hub 9-1:1.0: bad descriptor, ignoring hub [ 301.997195][ T5961] hub 9-1:1.0: probe with driver hub failed with error -5 [ 302.000337][ T5961] cdc_wdm 9-1:1.0: skipping garbage [ 302.002349][ T5961] cdc_wdm 9-1:1.0: skipping garbage [ 302.005786][ T5961] cdc_wdm 9-1:1.0: cdc-wdm1: USB WDM device [ 302.008040][ T5961] cdc_wdm 9-1:1.0: Unknown control protocol [ 302.304436][ T29] usb 9-1: USB disconnect, device number 29 [ 302.547246][ T53] usb 12-1: USB disconnect, device number 20 [ 302.664795][ T6011] net_ratelimit: 2 callbacks suppressed [ 302.664812][ T6011] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.861784][T18258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5314'. [ 302.987914][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.067452][T18277] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.5323'. [ 303.354573][T18304] kvm: apic: phys broadcast and lowest prio [ 303.356479][T18304] kvm: apic: phys broadcast and lowest prio [ 303.376914][ T1199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.379465][ T1199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.505097][T18312] /dev/loop0: Can't lookup blockdev [ 303.704469][ T6011] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.130133][T18354] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5359'. [ 304.188772][T18356] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.5360'. [ 304.414759][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.419517][ T1199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.422365][ T1199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.425267][ T1199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.427896][ T1199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.431626][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.435068][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.464602][T18436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5397'. [ 305.468644][T18436] netlink: 'syz.0.5397': attribute type 1 has an invalid length. [ 305.471862][T18436] netlink: 'syz.0.5397': attribute type 2 has an invalid length. [ 305.825974][T18467] input: syz0 as /devices/virtual/input/input60 [ 306.030931][T18486] netlink: 'syz.1.5420': attribute type 1 has an invalid length. [ 306.066487][T18488] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 306.528893][T18507] /dev/loop0: Can't lookup blockdev [ 307.005003][T18537] 9pnet: p9_errstr2errno: server reported unknown error ÿÿÿÿ [ 307.049114][T18540] input: syz0 as /devices/virtual/input/input61 [ 307.134618][ T5961] usb 9-1: new high-speed USB device number 30 using dummy_hcd [ 307.294378][ T5961] usb 9-1: Using ep0 maxpacket: 8 [ 307.297786][ T5961] usb 9-1: config 0 interface 0 has no altsetting 0 [ 307.299893][ T5961] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 307.302734][ T5961] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.306781][ T5961] usb 9-1: config 0 descriptor?? [ 307.526286][T18559] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 307.537773][T18559] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 307.715762][ T5961] mcp2221 0003:04D8:00DD.0035: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 307.858131][ T6031] net_ratelimit: 11 callbacks suppressed [ 307.858144][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.915967][ T6031] usb 9-1: USB disconnect, device number 30 [ 308.084553][T18587] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 308.132935][T18594] binder: 18593:18594 ioctl c0306201 800003c0 returned -22 [ 308.291766][T18607] macvtap0: refused to change device tx_queue_len [ 308.634265][ T53] usb 12-1: new high-speed USB device number 21 using dummy_hcd [ 308.744273][ T825] usb 9-1: new high-speed USB device number 31 using dummy_hcd [ 308.785405][ T53] usb 12-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 308.790300][ T53] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 308.793171][ T53] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 308.796186][ T53] usb 12-1: SerialNumber: syz [ 308.894348][ T825] usb 9-1: Using ep0 maxpacket: 16 [ 308.894711][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 308.898686][ T825] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 308.903313][ T825] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 308.907184][ T825] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 308.912234][ T825] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 308.915960][ T825] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.921737][ T825] usb 9-1: config 0 descriptor?? [ 309.054412][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.333808][ T825] shield 0003:0955:7214.0036: unknown main item tag 0x0 [ 309.336378][ T825] shield 0003:0955:7214.0036: unknown main item tag 0x0 [ 309.338628][ T825] shield 0003:0955:7214.0036: unknown main item tag 0x0 [ 309.340818][ T825] shield 0003:0955:7214.0036: unknown main item tag 0x0 [ 309.343088][ T825] shield 0003:0955:7214.0036: unknown main item tag 0x0 [ 309.348935][ T825] input: HID 0955:7214 Haptics as /devices/virtual/input/input62 [ 309.358637][ T825] shield 0003:0955:7214.0036: Registered Thunderstrike controller [ 309.361220][ T825] shield 0003:0955:7214.0036: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0 [ 309.426555][ T53] cdc_ether 12-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.7-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 309.536284][ T53] shield 0003:0955:7214.0036: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 309.536585][ T6031] usb 9-1: USB disconnect, device number 31 [ 309.539948][ T53] shield 0003:0955:7214.0036: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 309.546675][ T53] shield 0003:0955:7214.0036: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 309.551309][ T53] shield 0003:0955:7214.0036: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 309.813970][ T5961] usb 12-1: USB disconnect, device number 21 [ 309.817196][ T5961] cdc_ether 12-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.7-1, CDC Ethernet Device [ 309.944373][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.155800][T18633] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5489'. [ 310.858409][T18659] syz.4.5502: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 310.863436][T18659] CPU: 1 UID: 0 PID: 18659 Comm: syz.4.5502 Tainted: G L syzkaller #0 PREEMPT(full) [ 310.863457][T18659] Tainted: [L]=SOFTLOCKUP [ 310.863461][T18659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 310.863468][T18659] Call Trace: [ 310.863473][T18659] [ 310.863478][T18659] dump_stack_lvl+0x16c/0x1f0 [ 310.863505][T18659] warn_alloc+0x248/0x3a0 [ 310.863520][T18659] ? __pfx_warn_alloc+0x10/0x10 [ 310.863540][T18659] ? kasan_save_stack+0x42/0x60 [ 310.863555][T18659] ? kasan_save_stack+0x33/0x60 [ 310.863568][T18659] ? kasan_save_track+0x14/0x30 [ 310.863583][T18659] ? xskq_create+0xfb/0x1d0 [ 310.863595][T18659] __vmalloc_node_range_noprof+0x12c2/0x16b0 [ 310.863612][T18659] ? xskq_create+0xfb/0x1d0 [ 310.863625][T18659] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 310.863643][T18659] ? xskq_create+0xfb/0x1d0 [ 310.863654][T18659] vmalloc_user_noprof+0x9e/0xe0 [ 310.863665][T18659] ? xskq_create+0xfb/0x1d0 [ 310.863675][T18659] xskq_create+0xfb/0x1d0 [ 310.863686][T18659] xsk_setsockopt+0x8d2/0xc00 [ 310.863704][T18659] ? __pfx_xsk_setsockopt+0x10/0x10 [ 310.863729][T18659] ? aa_sock_opt_perm+0xfd/0x1b0 [ 310.863758][T18659] ? __pfx_xsk_setsockopt+0x10/0x10 [ 310.863777][T18659] do_sock_setsockopt+0xf3/0x1d0 [ 310.863796][T18659] __sys_setsockopt+0x120/0x1a0 [ 310.863809][T18659] __ia32_sys_setsockopt+0xbc/0x160 [ 310.863820][T18659] ? __do_fast_syscall_32+0x9a/0x680 [ 310.863834][T18659] ? lockdep_hardirqs_on+0x7c/0x110 [ 310.863848][T18659] __do_fast_syscall_32+0xe8/0x680 [ 310.863864][T18659] do_fast_syscall_32+0x32/0x80 [ 310.863878][T18659] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.863892][T18659] RIP: 0023:0xf708d579 [ 310.863901][T18659] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 310.863912][T18659] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 310.863923][T18659] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 310.863929][T18659] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004 [ 310.863936][T18659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 310.863942][T18659] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 310.863948][T18659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 310.863962][T18659] [ 310.864023][T18659] Mem-Info: [ 310.867475][T18659] active_anon:6284 inactive_anon:69 isolated_anon:0 [ 310.867475][T18659] active_file:8532 inactive_file:28051 isolated_file:0 [ 310.867475][T18659] unevictable:1768 dirty:397 writeback:0 [ 310.867475][T18659] slab_reclaimable:8109 slab_unreclaimable:61716 [ 310.867475][T18659] mapped:23748 shmem:2413 pagetables:1343 [ 310.867475][T18659] sec_pagetables:315 bounce:0 [ 310.867475][T18659] kernel_misc_reclaimable:0 [ 310.867475][T18659] free:46354 free_pcp:14578 free_cma:0 [ 310.925994][T18659] Node 0 active_anon:56kB inactive_anon:44kB active_file:136kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:0kB writeback:0kB shmem:4548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9268kB pagetables:1268kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB [ 310.965562][T18659] Node 1 active_anon:25080kB inactive_anon:232kB active_file:33992kB inactive_file:112204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94744kB dirty:1588kB writeback:0kB shmem:5104kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4828kB pagetables:4284kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB [ 310.976465][T18659] Node 0 DMA free:1972kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:632kB local_pcp:116kB free_cma:0kB [ 310.978586][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.987350][T18659] lowmem_reserve[]: 0 289 289 289 289 [ 310.991790][T18659] Node 0 DMA32 free:15588kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:40kB inactive_anon:44kB active_file:136kB inactive_file:0kB unevictable:3536kB writepending:0kB zspages:20kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:8640kB local_pcp:2736kB free_cma:0kB [ 311.003852][T18659] lowmem_reserve[]: 0 0 0 0 0 [ 311.006794][T18659] Node 1 DMA32 free:164992kB boost:24576kB min:71720kB low:83504kB high:95288kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25080kB inactive_anon:232kB active_file:33992kB inactive_file:112204kB unevictable:3536kB writepending:1588kB zspages:1748kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:49596kB local_pcp:29252kB free_cma:0kB [ 311.017741][T18659] lowmem_reserve[]: 0 0 0 0 0 [ 311.019249][T18659] Node 0 DMA: 1*4kB (U) 4*8kB (U) 9*16kB (U) 8*32kB (U) 2*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1972kB [ 311.023794][T18659] Node 0 DMA32: 375*4kB (UME) 417*8kB (UME) 136*16kB (UE) 42*32kB (UME) 21*64kB (UME) 16*128kB (UME) 5*256kB (UME) 5*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 15588kB [ 311.028988][T18659] Node 1 DMA32: 1356*4kB (UE) 2766*8kB (UE) 2300*16kB (UME) 433*32kB (UME) 202*64kB (UME) 81*128kB (UME) 38*256kB (UME) 14*512kB (ME) 16*1024kB (UM) 7*2048kB (U) 4*4096kB (UM) = 165504kB [ 311.034976][T18659] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.038093][T18659] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 311.041059][T18659] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.044025][T18659] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 311.046984][T18659] 39098 total pagecache pages [ 311.048647][T18659] 106 pages in swap cache [ 311.050217][T18659] Free swap = 123224kB [ 311.051782][T18659] Total swap = 124996kB [ 311.053255][T18659] 524155 pages RAM [ 311.054606][T18659] 0 pages HighMem/MovableOnly [ 311.056159][T18659] 209047 pages reserved [ 311.057491][T18659] 0 pages cma reserved [ 311.152204][T18671] binder_alloc: binder_alloc_mmap_handler: 18670 80ffd000-80ffe000 already mapped failed -16 [ 311.200746][T18673] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5508'. [ 311.240730][T18677] input: syz1 as /devices/virtual/input/input63 [ 311.334205][ T29] usb 12-1: new high-speed USB device number 22 using dummy_hcd [ 311.458869][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.461758][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.506265][ T29] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 311.510624][ T29] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 311.511747][T18705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5522'. [ 311.514653][ T29] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 311.514668][ T29] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 311.514693][ T29] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 311.514705][ T29] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.515747][ T29] usb 12-1: config 0 descriptor?? [ 311.541869][T18705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5522'. [ 311.547294][T18705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5522'. [ 311.550725][T18705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5522'. [ 311.554023][T18705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5522'. [ 311.565877][T18709] input: syz0 as /devices/virtual/input/input64 [ 311.640184][T18715] binder_alloc: binder_alloc_mmap_handler: 18714 80ffd000-80ffe000 already mapped failed -16 [ 311.952934][ T29] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 312.014986][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.094312][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.415425][T18737] netlink: 'syz.1.5536': attribute type 1 has an invalid length. [ 312.438512][T18737] 8021q: adding VLAN 0 to HW filter on device bond1 [ 312.469234][T18737] bond1: (slave geneve2): making interface the new active one [ 312.473026][T18737] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 312.813136][T18751] CIFS: VFS: Malformed UNC in devname [ 312.865020][T18753] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5543'. [ 313.054966][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.144263][ T29] usb 9-1: new high-speed USB device number 32 using dummy_hcd [ 313.295906][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 313.300357][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 313.304408][ T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 313.309538][ T29] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 313.313123][ T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.318175][ T29] usb 9-1: config 0 descriptor?? [ 313.736444][ T29] plantronics 0003:047F:FFFF.0038: reserved main item tag 0xe [ 313.739830][ T29] plantronics 0003:047F:FFFF.0038: unknown main item tag 0x0 [ 313.746825][ T29] plantronics 0003:047F:FFFF.0038: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 313.794462][T18768] input: syz1 as /devices/virtual/input/input66 [ 313.811572][ T40] audit: type=1326 audit(1765652625.136:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18764 comm="syz.1.5547" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706d579 code=0x0 [ 313.924724][ T6012] usb 12-1: USB disconnect, device number 22 [ 313.945584][ T5961] usb 9-1: USB disconnect, device number 32 [ 314.096250][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.544563][ T5961] usb 12-1: new high-speed USB device number 23 using dummy_hcd [ 314.582199][T18797] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5562'. [ 314.714276][ T5961] usb 12-1: Using ep0 maxpacket: 16 [ 314.718528][ T5961] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.723053][ T5961] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.727465][ T5961] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 314.732665][ T5961] usb 12-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 314.736776][ T5961] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.741033][ T5961] usb 12-1: config 0 descriptor?? [ 314.910172][T18809] pimreg: left allmulticast mode [ 314.911835][T18809] dvmrp8: left allmulticast mode [ 315.134471][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.144675][ T6032] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.151552][ T5961] shield 0003:0955:7214.0039: unknown main item tag 0x0 [ 315.153960][ T5961] shield 0003:0955:7214.0039: unknown main item tag 0x0 [ 315.156282][ T5961] shield 0003:0955:7214.0039: unknown main item tag 0x0 [ 315.158598][ T5961] shield 0003:0955:7214.0039: unknown main item tag 0x0 [ 315.160042][T18815] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 315.160790][ T5961] shield 0003:0955:7214.0039: unknown main item tag 0x0 [ 315.162767][T18815] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 315.166387][ T5961] input: HID 0955:7214 Haptics as /devices/virtual/input/input67 [ 315.183018][ T5961] shield 0003:0955:7214.0039: Registered Thunderstrike controller [ 315.186205][ T5961] shield 0003:0955:7214.0039: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.7-1/input0 [ 315.189174][T18815] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 315.191790][T18815] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 315.209691][T18815] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 315.212139][T18815] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 315.354426][T18791] netlink: 'syz.7.5559': attribute type 2 has an invalid length. [ 315.358600][T18791] netlink: 244 bytes leftover after parsing attributes in process `syz.7.5559'. [ 315.370716][ T6121] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 315.377601][ T6096] usb 12-1: USB disconnect, device number 23 [ 315.387528][ T6121] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 315.391587][ T6121] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 315.406477][ T6121] shield 0003:0955:7214.0039: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 315.515384][T18848] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5577'. [ 316.174529][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 316.402468][T18908] netlink: 'syz.4.5595': attribute type 4 has an invalid length. [ 316.411739][T18908] netlink: 'syz.4.5595': attribute type 4 has an invalid length. [ 316.685137][T18932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5603'. [ 316.706236][T18932] vxlan2: entered promiscuous mode [ 316.954439][T18938] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5609'. [ 317.027325][T18942] input: syz0 as /devices/virtual/input/input68 [ 317.212663][ T40] audit: type=1326 audit(1765652628.536:3946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 317.214620][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 317.219802][ T40] audit: type=1326 audit(1765652628.546:3947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.229768][ T40] audit: type=1326 audit(1765652628.546:3948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.239023][ T40] audit: type=1326 audit(1765652628.546:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.247146][ T40] audit: type=1326 audit(1765652628.546:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.253887][ T40] audit: type=1326 audit(1765652628.546:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.260801][ T40] audit: type=1326 audit(1765652628.546:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.268390][ T40] audit: type=1326 audit(1765652628.546:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.277237][ T40] audit: type=1326 audit(1765652628.546:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18949 comm="syz.7.5615" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 317.500520][T18959] tls_set_device_offload: netdev not found [ 317.651702][T18967] input: syz0 as /devices/virtual/input/input69 [ 318.174407][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.255683][ T6011] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.264780][T18983] syzkaller1: entered promiscuous mode [ 318.266503][T18983] syzkaller1: entered allmulticast mode [ 318.680822][T18952] Set syz1 is full, maxelem 65536 reached [ 319.298175][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.614557][ T6096] usb 12-1: new high-speed USB device number 24 using dummy_hcd [ 319.731217][T19051] loop2: detected capacity change from 0 to 7 [ 319.736351][T19051] Dev loop2: unable to read RDB block 7 [ 319.738731][T19051] loop2: unable to read partition table [ 319.740610][T19051] loop2: partition table beyond EOD, truncated [ 319.742565][T19051] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 319.766055][ T6096] usb 12-1: config 0 has no interfaces? [ 319.768384][ T6096] usb 12-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 319.772269][ T6096] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.777071][ T6096] usb 12-1: config 0 descriptor?? [ 319.784724][ T1198] block nbd0: Possible stuck request ffff8880261a8000: control (read@0,1024B). Runtime 240 seconds [ 319.788138][ T1198] block nbd0: Possible stuck request ffff8880261a8200: control (read@1024,1024B). Runtime 240 seconds [ 319.791636][ T1198] block nbd0: Possible stuck request ffff8880261a8400: control (read@2048,1024B). Runtime 240 seconds [ 319.795990][ T1198] block nbd0: Possible stuck request ffff8880261a8600: control (read@3072,1024B). Runtime 240 seconds [ 319.987304][T19036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 319.991526][T19036] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 319.996178][ T6096] usb 12-1: USB disconnect, device number 24 [ 320.114266][T19071] binder: 19069:19071 ioctl c0306201 80000480 returned -14 [ 320.344544][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.846990][ T5951] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 320.851206][ T5951] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 320.854414][ T5951] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 320.857167][ T5951] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 320.860160][ T5951] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 320.872070][ T5942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 320.875495][ T5942] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 320.878791][ T5942] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 320.883370][ T5942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 320.886399][ T5942] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 321.055954][ T6011] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.192480][T19085] chnl_net:caif_netlink_parms(): no params data found [ 321.224427][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.267126][T19085] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.270274][T19085] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.273366][T19085] bridge_slave_0: entered allmulticast mode [ 321.277754][T19085] bridge_slave_0: entered promiscuous mode [ 321.281446][T19085] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.283799][T19085] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.286735][T19085] bridge_slave_1: entered allmulticast mode [ 321.289475][T19085] bridge_slave_1: entered promiscuous mode [ 321.306484][T19085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 321.311427][T19085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 321.328243][T19085] team0: Port device team_slave_0 added [ 321.333125][T19085] team0: Port device team_slave_1 added [ 321.351473][T19085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 321.353805][T19085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 321.363806][T19085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 321.369454][T19085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 321.371708][T19085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 321.374539][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.380209][T19085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 321.394237][ T6032] usb 12-1: new high-speed USB device number 25 using dummy_hcd [ 321.419463][T19085] hsr_slave_0: entered promiscuous mode [ 321.422200][T19085] hsr_slave_1: entered promiscuous mode [ 321.424919][T19085] debugfs: 'hsr0' already exists in 'hsr' [ 321.427146][T19085] Cannot create hsr debugfs directory [ 321.532703][T19085] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 321.541190][T19085] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 321.547649][T19085] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 321.556430][T19085] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 321.564240][ T29] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 321.572789][ T6032] usb 12-1: Using ep0 maxpacket: 8 [ 321.577014][ T6032] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 321.580512][ T6032] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 321.585676][ T6032] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.590589][ T6032] usb 12-1: config 0 descriptor?? [ 321.599425][T19085] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.601996][T19085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.605240][T19085] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.607773][T19085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.648430][T19085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 321.658302][ T4578] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.661617][ T4578] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.675065][T19085] 8021q: adding VLAN 0 to HW filter on device team0 [ 321.682557][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.685244][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.693050][ T4578] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.695507][ T4578] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.747327][ T29] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 321.751004][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.754458][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.757547][ T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 321.762873][ T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 321.766637][ T29] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 321.769217][ T29] usb 6-1: Manufacturer: syz [ 321.772244][ T29] usb 6-1: config 0 descriptor?? [ 321.816032][ T6032] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 321.875858][T19085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 322.008299][ T6012] usb 12-1: USB disconnect, device number 25 [ 322.028278][T19085] veth0_vlan: entered promiscuous mode [ 322.033135][T19085] veth1_vlan: entered promiscuous mode [ 322.053033][T19085] veth0_macvtap: entered promiscuous mode [ 322.058657][T19085] veth1_macvtap: entered promiscuous mode [ 322.060728][T19156] netfs: Couldn't get user pages (rc=-14) [ 322.063862][T19156] netfs: Zero-sized read [R=15] [ 322.070157][T19085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 322.076924][T19085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 322.087641][ T75] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.094287][ T75] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.097345][ T75] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.100461][ T75] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.147353][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.154250][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.174887][ T1199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.178090][ T1199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 322.187117][ T29] appleir 0003:05AC:8243.003A: unknown main item tag 0x0 [ 322.191911][ T29] appleir 0003:05AC:8243.003A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 322.424746][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 322.645286][T19183] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.5704'. [ 322.714808][ T29] usb 6-1: USB disconnect, device number 30 [ 322.819425][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 322.884813][T19204] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5713'. [ 322.919819][T19209] lo: Caught tx_queue_len zero misconfig [ 322.974860][ T5951] Bluetooth: hci4: command tx timeout [ 324.059185][T19237] 8021q: adding VLAN 0 to HW filter on device bond5 [ 324.061686][T19237] bridge0: port 3(bond5) entered blocking state [ 324.063772][T19237] bridge0: port 3(bond5) entered disabled state [ 324.066461][T19237] bond5: entered allmulticast mode [ 324.069189][T19237] bond5: entered promiscuous mode [ 324.071272][T19237] bridge0: port 3(bond5) entered blocking state [ 324.073308][T19237] bridge0: port 3(bond5) entered forwarding state [ 324.083145][ T1199] bridge0: port 3(bond5) entered disabled state [ 324.171662][ T40] kauditd_printk_skb: 274 callbacks suppressed [ 324.171674][ T40] audit: type=1326 audit(1765652635.496:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7fc00000 [ 324.241669][T19254] pim6reg1: entered promiscuous mode [ 324.243635][T19254] pim6reg1: entered allmulticast mode [ 324.303114][T19258] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5736'. [ 325.002351][T19290] bond0: (slave syz_tun): Releasing backup interface [ 325.054349][ T5951] Bluetooth: hci4: command tx timeout [ 325.327404][T19304] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 326.677059][T19359] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 327.145170][ T5951] Bluetooth: hci4: command tx timeout [ 327.283906][T19390] netlink: 'syz.8.5790': attribute type 12 has an invalid length. [ 327.286500][T19390] netlink: 'syz.8.5790': attribute type 29 has an invalid length. [ 327.288986][T19390] netlink: 148 bytes leftover after parsing attributes in process `syz.8.5790'. [ 327.291894][T19390] netlink: 'syz.8.5790': attribute type 2 has an invalid length. [ 327.295964][T19390] netlink: 23 bytes leftover after parsing attributes in process `syz.8.5790'. [ 327.785744][T19418] input: syz0 as /devices/virtual/input/input70 [ 327.924184][ T40] audit: type=1326 audit(1765652639.246:4230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19419 comm="syz.1.5804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7fc00000 [ 328.654533][ T40] audit: type=1326 audit(1765652639.976:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19419 comm="syz.1.5804" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf706d579 code=0x7fc00000 [ 329.215118][ T5951] Bluetooth: hci4: command tx timeout [ 329.415495][T19451] 9pnet: p9_errstr2errno: server reported unknown error ./file0 [ 329.604285][ T6121] usb 12-1: new high-speed USB device number 26 using dummy_hcd [ 329.754228][ T6121] usb 12-1: Using ep0 maxpacket: 16 [ 329.757100][ T6121] usb 12-1: config 0 has no interfaces? [ 329.760525][ T6121] usb 12-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 329.763567][ T6121] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.766742][ T6121] usb 12-1: Product: syz [ 329.768123][ T6121] usb 12-1: Manufacturer: syz [ 329.769698][ T6121] usb 12-1: SerialNumber: syz [ 329.772575][ T6121] usb 12-1: config 0 descriptor?? [ 329.982543][ T6032] usb 12-1: USB disconnect, device number 26 [ 330.660159][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.719328][T19528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5851'. [ 330.722531][T19528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5851'. [ 331.174210][ T6032] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 331.326159][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 331.330904][ T6032] usb 13-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 331.335762][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.340018][ T6032] usb 13-1: config 0 descriptor?? [ 331.546512][ T6032] usbhid 13-1:0.0: can't add hid device: -71 [ 331.551508][ T6032] usbhid 13-1:0.0: probe with driver usbhid failed with error -71 [ 331.566437][ T6032] usb 13-1: USB disconnect, device number 2 [ 331.755210][T19601] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 331.906245][T19612] input: syz0 as /devices/virtual/input/input71 [ 331.936802][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.940276][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.994267][ T6032] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 332.007952][T19618] input: syz0 as /devices/virtual/input/input72 [ 332.078775][T19621] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5889'. [ 332.144207][ T6032] usb 13-1: Using ep0 maxpacket: 32 [ 332.147381][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 332.150866][ T6032] usb 13-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 332.153685][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.157582][ T6032] usb 13-1: config 0 descriptor?? [ 332.160676][ T6032] ldusb 13-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 332.164303][ T6032] ldusb 13-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 332.566615][ T10] usb 13-1: USB disconnect, device number 3 [ 332.571509][ T10] ldusb 13-1:0.0: LD USB Device #0 now disconnected [ 332.694251][ T53] usb 9-1: new high-speed USB device number 33 using dummy_hcd [ 332.819310][T19637] overlayfs: overlapping lowerdir path [ 332.827023][T19637] overlayfs: failed to verify upper root origin [ 332.854208][ T53] usb 9-1: Using ep0 maxpacket: 8 [ 332.857154][ T53] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 332.860409][ T53] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 332.863168][ T53] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 332.867704][ T53] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 332.871161][ T53] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 332.873987][ T53] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.887526][ T53] hub 9-1:1.0: bad descriptor, ignoring hub [ 332.889439][ T53] hub 9-1:1.0: probe with driver hub failed with error -5 [ 332.891939][ T53] cdc_wdm 9-1:1.0: skipping garbage [ 332.893589][ T53] cdc_wdm 9-1:1.0: skipping garbage [ 332.895969][ T53] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 332.897883][ T53] cdc_wdm 9-1:1.0: Unknown control protocol [ 333.164445][ T6096] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 333.334249][ T6096] usb 6-1: Using ep0 maxpacket: 32 [ 333.337201][ T6096] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 333.340793][ T6096] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 333.344651][ T6096] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 333.350581][ T6096] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 333.353560][ T6096] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 333.356574][ T6096] usb 6-1: Product: syz [ 333.357947][ T6096] usb 6-1: Manufacturer: syz [ 333.359487][ T6096] usb 6-1: SerialNumber: syz [ 333.364976][ T6096] input: appletouch as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input73 [ 333.404581][ T10] usb 9-1: USB disconnect, device number 33 [ 333.576326][ T29] usb 6-1: USB disconnect, device number 31 [ 333.609896][ T29] appletouch 6-1:1.0: input: appletouch disconnected [ 333.859400][T19692] netlink: 96 bytes leftover after parsing attributes in process `syz.8.5917'. [ 333.927310][T19698] input: syz1 as /devices/virtual/input/input74 [ 335.194197][ T6032] usb 9-1: new high-speed USB device number 34 using dummy_hcd [ 335.355634][ T6032] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 335.360206][ T6032] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 335.363731][ T6032] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 335.367206][ T6032] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 335.371565][ T6032] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 335.374435][ T6032] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.378202][ T6032] usb 9-1: config 0 descriptor?? [ 335.380334][T19743] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 335.796395][ T6032] plantronics 0003:047F:FFFF.003B: reserved main item tag 0xd [ 335.802433][ T6032] plantronics 0003:047F:FFFF.003B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 336.056112][ T53] usb 9-1: USB disconnect, device number 34 [ 336.221850][T19783] input: syz1 as /devices/virtual/input/input76 [ 337.920655][T19832] netlink: 'syz.8.5974': attribute type 1 has an invalid length. [ 337.924222][T19832] netlink: 224 bytes leftover after parsing attributes in process `syz.8.5974'. [ 338.314225][T19855] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5983'. [ 338.372137][T19862] netlink: 96 bytes leftover after parsing attributes in process `syz.7.5986'. [ 338.774542][ T6121] usb 13-1: new high-speed USB device number 4 using dummy_hcd [ 338.874211][ T53] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 338.925845][ T6121] usb 13-1: config 4 has an invalid interface number: 28 but max is 0 [ 338.928649][ T6121] usb 13-1: config 4 has no interface number 0 [ 338.932737][ T6121] usb 13-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a [ 338.936189][ T6121] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.939031][ T6121] usb 13-1: Product: syz [ 338.940476][ T6121] usb 13-1: Manufacturer: syz [ 338.942189][ T6121] usb 13-1: SerialNumber: syz [ 338.947691][ T6121] input: bcm5974 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:4.28/input/input77 [ 339.036598][ T53] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.040111][ T53] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.043156][ T53] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.048051][ T53] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.050936][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.054976][ T53] usb 6-1: config 0 descriptor?? [ 339.106161][T19912] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 339.109814][T19912] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 339.207080][ T5338] bcm5974 13-1:4.28: could not read from device [ 339.211768][T19884] bcm5974 13-1:4.28: could not read from device [ 339.217103][ T5338] bcm5974 13-1:4.28: could not read from device [ 339.224664][ T6121] usb 13-1: USB disconnect, device number 4 [ 339.470092][ T53] plantronics 0003:047F:FFFF.003C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 339.674293][ T6032] usb 9-1: new high-speed USB device number 35 using dummy_hcd [ 339.835578][ T6032] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.839748][ T6032] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.843453][ T6032] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.847796][ T6032] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.850970][ T6032] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.855825][ T6032] usb 9-1: config 0 descriptor?? [ 339.923159][T19934] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 339.927776][T19934] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 339.940488][T19934] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3) [ 339.943887][T19934] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3) [ 339.948567][T19934] overlayfs: d_ino too big (936, ino=9223372036854780671, xinobits=3) [ 339.951278][T19934] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3) [ 339.954245][T19934] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3) [ 339.957116][T19934] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3) [ 339.959929][T19934] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3) [ 339.962793][T19934] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3) [ 339.965576][T19934] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=3) [ 339.969931][T19934] overlayfs: d_ino too big (instances, ino=4611686018427391112, xinobits=3) [ 340.080166][T19941] netlink: 'syz.7.6019': attribute type 12 has an invalid length. [ 340.083544][T19941] netlink: 'syz.7.6019': attribute type 29 has an invalid length. [ 340.085747][ T53] usb 6-1: USB disconnect, device number 32 [ 340.086990][T19941] netlink: 148 bytes leftover after parsing attributes in process `syz.7.6019'. [ 340.091739][T19941] netlink: 'syz.7.6019': attribute type 2 has an invalid length. [ 340.094643][T19941] netlink: 'syz.7.6019': attribute type 3 has an invalid length. [ 340.097194][T19941] netlink: 15 bytes leftover after parsing attributes in process `syz.7.6019'. [ 340.201469][T19949] netlink: 'syz.7.6023': attribute type 12 has an invalid length. [ 340.204353][T19949] netlink: 'syz.7.6023': attribute type 29 has an invalid length. [ 340.207376][T19949] netlink: 148 bytes leftover after parsing attributes in process `syz.7.6023'. [ 340.211363][T19949] netlink: 'syz.7.6023': attribute type 1 has an invalid length. [ 340.214009][T19949] netlink: 'syz.7.6023': attribute type 2 has an invalid length. [ 340.267855][ T6032] plantronics 0003:047F:FFFF.003D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 340.476639][T19964] netlink: 36 bytes leftover after parsing attributes in process `syz.8.6030'. [ 340.804766][T19980] syzkaller1: entered promiscuous mode [ 340.806617][T19980] syzkaller1: entered allmulticast mode [ 341.169415][ T5942] Bluetooth: hci5: sending frame failed (-49) [ 341.171579][ T5951] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 341.535637][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.174781][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.178586][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.184985][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.298718][ T10] usb 9-1: USB disconnect, device number 35 [ 343.492765][T20137] futex_wake_op: syz.8.6101 tries to shift op by -1; fix this program [ 343.559262][T20142] Bluetooth: hci0: invalid len left 7, exp >= 35 [ 343.711039][T20152] IPv4: Oversized IP packet from 127.202.26.0 [ 343.794295][ T6121] usb 13-1: new high-speed USB device number 5 using dummy_hcd [ 343.954280][ T6121] usb 13-1: Using ep0 maxpacket: 16 [ 343.957196][ T6121] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.960770][ T6121] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.963900][ T6121] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 343.969450][ T6121] usb 13-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 343.972527][ T6121] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.976563][ T6121] usb 13-1: config 0 descriptor?? [ 344.044212][ T5953] usb 9-1: new high-speed USB device number 36 using dummy_hcd [ 344.205599][ T5953] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 344.208764][ T5953] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 344.211832][ T5953] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 344.218392][ T5953] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 344.221433][ T5953] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.224023][ T5953] usb 9-1: Product: syz [ 344.225477][ T5953] usb 9-1: Manufacturer: syz [ 344.227004][ T5953] usb 9-1: SerialNumber: syz [ 344.232122][ T5953] hub 9-1:1.0: bad descriptor, ignoring hub [ 344.234069][ T5953] hub 9-1:1.0: probe with driver hub failed with error -5 [ 344.296994][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888060c58000: rx timeout, send abort [ 344.300099][ C0] vxcan0: j1939_tp_rxtimer: 0xffff8880760f3400: rx timeout, send abort [ 344.303095][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888060c58000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 344.307870][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff8880760f3400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 344.386270][T20141] random: crng reseeded on system resumption [ 344.400823][ T6121] input: HID 0955:7214 Haptics as /devices/virtual/input/input78 [ 344.415593][ T6121] shield 0003:0955:7214.003E: Registered Thunderstrike controller [ 344.419145][ T6121] shield 0003:0955:7214.003E: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.8-1/input0 [ 344.437144][ T5953] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 36 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 344.620396][ T5961] shield 0003:0955:7214.003E: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 344.621041][ T6032] usb 13-1: USB disconnect, device number 5 [ 344.625019][ T5961] shield 0003:0955:7214.003E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 344.632161][ T5961] shield 0003:0955:7214.003E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 344.637867][ T5961] shield 0003:0955:7214.003E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 344.744469][ T6042] usb 9-1: USB disconnect, device number 36 [ 344.748793][ T6042] usblp0: removed [ 344.788391][T20178] overlayfs: statfs failed on './file0' [ 345.074257][ T5961] usb 9-1: new high-speed USB device number 37 using dummy_hcd [ 345.235628][ T5961] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 345.241466][ T5961] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 345.244985][ T5961] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 345.250749][ T5961] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 345.253836][ T5961] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.256501][ T5961] usb 9-1: Product: syz [ 345.257974][ T5961] usb 9-1: Manufacturer: syz [ 345.259530][ T5961] usb 9-1: SerialNumber: syz [ 345.263474][ T5961] hub 9-1:1.0: bad descriptor, ignoring hub [ 345.265470][ T5961] hub 9-1:1.0: probe with driver hub failed with error -5 [ 345.368189][T20200] input: syz0 as /devices/virtual/input/input79 [ 345.466638][ T5961] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 37 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 345.495096][ T5961] usb 9-1: USB disconnect, device number 37 [ 345.498391][ T5961] usblp0: removed [ 346.454189][ T5953] usb 12-1: new high-speed USB device number 27 using dummy_hcd [ 346.614276][ T5953] usb 12-1: Using ep0 maxpacket: 8 [ 346.617457][ T5953] usb 12-1: config 0 interface 0 has no altsetting 0 [ 346.619691][ T5953] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 346.622578][ T5953] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.626379][ T5953] usb 12-1: config 0 descriptor?? [ 347.035692][ T5953] mcp2221 0003:04D8:00DD.003F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0 [ 347.239200][ T5953] usb 12-1: USB disconnect, device number 27 [ 347.267759][T20277] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 347.271897][T20277] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 347.281204][T20277] ovl_remap_lower_ino: 34 callbacks suppressed [ 347.281216][T20277] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3) [ 347.287367][T20277] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3) [ 347.290049][T20277] overlayfs: d_ino too big (792, ino=9223372036854779905, xinobits=3) [ 347.292753][T20277] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3) [ 347.295849][T20277] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3) [ 347.298691][T20277] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3) [ 347.301311][T20277] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3) [ 347.304155][T20277] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3) [ 347.307116][T20277] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=3) [ 347.309899][T20277] overlayfs: d_ino too big (instances, ino=4611686018427391112, xinobits=3) [ 347.836518][T20295] delete_channel: no stack [ 348.388222][T20362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6194'. [ 348.389170][T20363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6195'. [ 348.398116][T20363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6195'. [ 348.405909][T20362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6194'. [ 348.448757][ T40] audit: type=1326 audit(1765652659.776:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20344 comm="syz.8.6189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7fc00000 [ 349.054748][ T40] audit: type=1326 audit(1765652660.376:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20344 comm="syz.8.6189" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf707d579 code=0x7fc00000 [ 349.103964][ T40] audit: type=1326 audit(1765652660.426:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.111411][ T40] audit: type=1326 audit(1765652660.426:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.119220][ T40] audit: type=1326 audit(1765652660.436:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.128359][ T40] audit: type=1326 audit(1765652660.456:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.138007][ T40] audit: type=1326 audit(1765652660.466:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20395 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.146713][ T40] audit: type=1326 audit(1765652660.466:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.154239][ T40] audit: type=1326 audit(1765652660.466:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.161357][ T40] audit: type=1326 audit(1765652660.466:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz.8.6208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 349.875430][ T1198] block nbd0: Possible stuck request ffff8880261a8000: control (read@0,1024B). Runtime 270 seconds [ 349.878872][ T1198] block nbd0: Possible stuck request ffff8880261a8200: control (read@1024,1024B). Runtime 270 seconds [ 349.882270][ T1198] block nbd0: Possible stuck request ffff8880261a8400: control (read@2048,1024B). Runtime 270 seconds [ 349.887249][ T1198] block nbd0: Possible stuck request ffff8880261a8600: control (read@3072,1024B). Runtime 270 seconds [ 349.994471][ T10] usb 9-1: new high-speed USB device number 38 using dummy_hcd [ 350.172473][ T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.176803][ T10] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 350.180204][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.187854][ T10] usb 9-1: config 0 descriptor?? [ 350.401916][ T10] usbhid 9-1:0.0: can't add hid device: -71 [ 350.404036][ T10] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 350.415419][ T10] usb 9-1: USB disconnect, device number 38 [ 350.735636][T20442] kvm: user requested TSC rate below hardware speed [ 350.741920][T20442] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 350.844270][ T825] usb 9-1: new high-speed USB device number 39 using dummy_hcd [ 350.923000][T20444] overlay: filesystem on ./bus not supported as upperdir [ 350.994298][ T825] usb 9-1: Using ep0 maxpacket: 32 [ 350.998056][ T825] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.002123][ T825] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 351.005786][ T825] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.012245][ T825] usb 9-1: config 0 descriptor?? [ 351.016798][ T825] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 351.021714][ T825] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 351.190398][T20451] lo: Caught tx_queue_len zero misconfig [ 351.231292][T20454] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6233'. [ 351.234454][T20454] netlink: 'syz.1.6233': attribute type 1 has an invalid length. [ 351.236991][T20454] netlink: 'syz.1.6233': attribute type 2 has an invalid length. [ 351.240065][T20454] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6233'. [ 351.243128][T20449] delete_channel: no stack [ 351.424846][ T825] usb 9-1: USB disconnect, device number 39 [ 351.429629][ T825] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 351.624458][T20477] bad cache= option: noneize : 16 [ 351.624458][T20477] min keysize : 16 [ 351.624458][T20477] max keysize : 32 [ 351.624458][T20477] ivsize : 16 [ 351.624458][T20477] chunksize : 16 [ 351.624458][T20477] walksize : 16 [ 351.624458][T20477] statesize : 0 [ 351.624458][T20477] [ 351.624458][T20477] name : rfc7539(chacha20 [ 351.624458][T20477] [ 351.637310][T20477] CIFS: VFS: bad cache= option: noneize : 16 [ 351.637310][T20477] min keysize : 16 [ 351.637310][T20477] max keysize : 32 [ 351.637310][T20477] ivsize : 16 [ 351.637310][T20477] chunksize : 16 [ 351.637310][T20477] walksize : 16 [ 351.637310][T20477] statesize : 0 [ 351.637310][T20477] [ 351.637310][T20477] name : rfc7539(chacha20 [ 351.650239][T20477] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 351.663434][T20477] CIFS mount error: No usable UNC path provided in device string! [ 351.663434][T20477] [ 351.668019][T20477] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 351.774795][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.968920][T20502] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.027974][T20512] syzkaller1: entered promiscuous mode [ 352.030213][T20512] syzkaller1: entered allmulticast mode [ 352.248048][T20527] input: syz1 as /devices/virtual/input/input80 [ 352.300951][T20533] ip6gre1: entered promiscuous mode [ 352.302658][T20533] ip6gre1: entered allmulticast mode [ 352.696744][T20556] input: syz1 as /devices/virtual/input/input81 [ 352.852243][T20562] netlink: 'syz.4.6281': attribute type 8 has an invalid length. [ 352.855353][T20562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6281'. [ 352.862619][T20562] bond0: entered promiscuous mode [ 352.864343][T20562] bond_slave_0: entered promiscuous mode [ 352.866800][T20562] bond_slave_1: entered promiscuous mode [ 352.870727][T20562] gretap0: entered promiscuous mode [ 352.872822][T20562] debugfs: 'hsr0' already exists in 'hsr' [ 352.875270][T20562] Cannot create hsr debugfs directory [ 352.877978][T20562] hsr0: entered promiscuous mode [ 352.915457][T20566] netlink: 96 bytes leftover after parsing attributes in process `syz.8.6283'. [ 352.998667][T20573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6286'. [ 353.258816][T20580] ip6gre1: entered promiscuous mode [ 353.261069][T20580] ip6gre1: entered allmulticast mode [ 354.083483][T20636] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.165327][T20636] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.242374][T20636] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.320607][T20636] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.408607][ T3741] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.424722][ T3741] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.437461][ T3741] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.450356][ T75] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.469621][T20648] netlink: 'syz.1.6318': attribute type 10 has an invalid length. [ 354.476206][T20648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 354.481169][T20648] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 354.494630][T20648] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 354.497806][T20648] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 354.509369][T20648] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 354.512689][T20648] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 354.561428][T20648] bond0: (slave batadv0): Releasing backup interface [ 355.112440][T20688] bond1: entered promiscuous mode [ 355.114791][T20688] bond1: entered allmulticast mode [ 355.117078][T20688] 8021q: adding VLAN 0 to HW filter on device bond1 [ 355.873109][T20732] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 356.035195][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 356.035211][ T40] audit: type=1326 audit(1765652667.366:4258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20733 comm="syz.8.6356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7fc00000 [ 356.052702][T20750] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6363'. [ 356.480646][ T40] audit: type=1326 audit(1765652667.806:4259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20776 comm="syz.4.6375" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 356.706567][ T40] audit: type=1326 audit(1765652668.036:4260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20733 comm="syz.8.6356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7fc00000 [ 357.234239][ T6121] usb 13-1: new high-speed USB device number 6 using dummy_hcd [ 357.344711][ T40] audit: type=1326 audit(1765652668.676:4261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20799 comm="syz.4.6383" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 357.406994][ T6121] usb 13-1: config index 0 descriptor too short (expected 45, got 36) [ 357.409813][ T6121] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 357.418742][ T6121] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 357.422328][ T6121] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 357.426116][ T6121] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 357.430528][ T6121] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 357.433507][ T6121] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.439073][ T6121] usb 13-1: config 0 descriptor?? [ 357.442178][T20792] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 357.867791][ T6121] plantronics 0003:047F:FFFF.0040: reserved main item tag 0xd [ 357.872891][ T6121] plantronics 0003:047F:FFFF.0040: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 358.136149][ T6121] usb 13-1: USB disconnect, device number 6 [ 358.743282][T20852] netlink: 'syz.7.6405': attribute type 12 has an invalid length. [ 359.552293][T20869] input: syz0 as /devices/virtual/input/input83 [ 359.744377][T20886] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6419'. [ 359.959017][T20897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6423'. [ 359.963726][T20897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6423'. [ 360.111418][T20909] netlink: 'syz.8.6427': attribute type 21 has an invalid length. [ 360.114816][T20909] netlink: 128 bytes leftover after parsing attributes in process `syz.8.6427'. [ 360.118132][T20909] netlink: 'syz.8.6427': attribute type 4 has an invalid length. [ 360.120717][T20909] netlink: 'syz.8.6427': attribute type 3 has an invalid length. [ 360.123245][T20909] netlink: 3 bytes leftover after parsing attributes in process `syz.8.6427'. [ 360.256582][T20923] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6434'. [ 360.261247][T20923] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6434'. [ 360.646038][T20952] netlink: 'syz.4.6448': attribute type 2 has an invalid length. [ 360.650788][T20952] netlink: 532 bytes leftover after parsing attributes in process `syz.4.6448'. [ 360.687235][T20956] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6450'. [ 360.844860][T20968] bridge_slave_0: left allmulticast mode [ 360.846729][T20968] bridge_slave_0: left promiscuous mode [ 360.848594][T20968] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.857623][T20968] bridge_slave_1: left allmulticast mode [ 360.859618][T20968] bridge_slave_1: left promiscuous mode [ 360.861958][T20968] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.878408][T20968] bond0: (slave bond_slave_0): Releasing backup interface [ 360.891807][T20968] bond0: (slave bond_slave_1): Releasing backup interface [ 360.903146][T20968] team0: Port device team_slave_0 removed [ 360.926517][T20968] team0: Port device team_slave_1 removed [ 360.929840][T20968] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 360.932828][T20968] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 360.937512][T20968] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 360.940064][T20968] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 360.943496][T20968] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 360.958071][ T6042] syz0: Port: 1 Link DOWN [ 361.102887][T20983] netlink: 'syz.1.6462': attribute type 10 has an invalid length. [ 361.115024][T20983] veth0_vlan: left promiscuous mode [ 361.119118][T20983] veth0_vlan: entered promiscuous mode [ 361.125526][T20983] team0: Device veth0_vlan failed to register rx_handler [ 361.261400][T20993] input: syz1 as /devices/virtual/input/input84 [ 361.272437][T20995] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.6467'. [ 361.314327][ T40] audit: type=1326 audit(1765652672.646:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20936 comm="syz.8.6441" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7fc00000 [ 361.371686][T21005] netlink: 92 bytes leftover after parsing attributes in process `syz.8.6472'. [ 361.375129][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 361.473328][T21013] netlink: 'syz.8.6474': attribute type 12 has an invalid length. [ 361.728357][T21028] Bluetooth: hci0: unsupported parameter 30225 [ 361.730975][T21028] Bluetooth: hci0: unsupported parameter 31232 [ 361.733532][T21028] Bluetooth: hci0: unsupported parameter 30225 [ 361.736431][T21028] Bluetooth: hci0: unsupported parameter 31232 [ 362.014050][T21053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6494'. [ 362.017652][T21053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6494'. [ 362.053719][T21058] netlink: 'syz.1.6496': attribute type 3 has an invalid length. [ 362.056990][T21058] netlink: 'syz.1.6496': attribute type 3 has an invalid length. [ 362.997412][T21086] netlink: 'syz.8.6507': attribute type 4 has an invalid length. [ 363.246842][T21097] KVM: debugfs: duplicate directory 21097-4 [ 363.762764][T21125] binder: 21122:21125 ioctl c0306201 80000480 returned -14 [ 363.954057][T21149] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6528'. [ 364.350596][T21186] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6549'. [ 364.357219][T21186] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6549'. [ 364.404261][ T5961] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 364.444230][ T6032] usb 13-1: new high-speed USB device number 7 using dummy_hcd [ 364.555877][ T5961] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 364.559433][ T5961] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 364.562507][ T5961] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 364.566770][ T5961] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 364.569559][ T5961] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.573126][ T5961] usb 6-1: config 0 descriptor?? [ 364.615482][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 364.618919][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 364.621891][ T6032] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 364.625966][ T6032] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 364.628817][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.632453][ T6032] usb 13-1: config 0 descriptor?? [ 364.990058][ T5961] plantronics 0003:047F:FFFF.0041: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 365.048253][ T6032] plantronics 0003:047F:FFFF.0042: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 365.390264][ T9] usb 13-1: USB disconnect, device number 7 [ 365.807272][ T5953] usb 6-1: USB disconnect, device number 33 [ 365.978756][T21228] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.6564'. [ 366.103610][ T40] audit: type=1326 audit(1765652677.426:4263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21238 comm="syz.4.6570" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 366.164413][ T5953] usb 12-1: new high-speed USB device number 28 using dummy_hcd [ 366.327278][ T5953] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 366.337835][ T5953] usb 12-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 366.344658][ T5953] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 366.347581][ T5953] usb 12-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 366.351554][ T5953] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 366.360608][ T5953] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 366.369981][ T5953] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 366.373805][ T5953] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 366.377994][ T5953] usb 12-1: Product: syz [ 366.379847][ T5953] usb 12-1: Manufacturer: syz [ 366.388056][T21226] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 366.391516][ T5953] cdc_wdm 12-1:1.0: skipping garbage [ 366.393699][ T5953] cdc_wdm 12-1:1.0: skipping garbage [ 366.406103][ T5953] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device [ 366.408632][ T5953] cdc_wdm 12-1:1.0: Unknown control protocol [ 366.603900][ T9] usb 12-1: USB disconnect, device number 28 [ 367.195719][T21294] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 367.892603][ T40] audit: type=1326 audit(1765652679.216:4264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21335 comm="syz.4.6610" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 369.644624][ T6121] usb 12-1: new high-speed USB device number 29 using dummy_hcd [ 369.653446][ T40] audit: type=1326 audit(1765652680.976:4265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21469 comm="syz.1.6670" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706d579 code=0x0 [ 369.723467][T21481] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 369.804545][ T6121] usb 12-1: Using ep0 maxpacket: 8 [ 369.807849][ T6121] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.809992][ T6121] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 369.813225][ T6121] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.817493][ T6121] usb 12-1: config 0 descriptor?? [ 370.230291][ T6121] mcp2221 0003:04D8:00DD.0043: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0 [ 370.430398][ T5953] usb 12-1: USB disconnect, device number 29 [ 370.495165][T21501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6682'. [ 370.974449][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.213573][T21524] binder: 21523:21524 ioctl c0306201 800001c0 returned -14 [ 371.479539][ T6121] libceph: connect (1)[c::]:6789 error -101 [ 371.482202][ T6121] libceph: mon0 (1)[c::]:6789 connect error [ 371.537095][ T29] libceph: connect (1)[b::]:6789 error -101 [ 371.539816][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 371.592926][T21567] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6709'. [ 371.599625][T21567] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6709'. [ 371.717584][T21577] input: syz1 as /devices/virtual/input/input85 [ 371.744684][ T6121] libceph: connect (1)[c::]:6789 error -101 [ 371.746710][ T6121] libceph: mon0 (1)[c::]:6789 connect error [ 371.794687][ T29] libceph: connect (1)[b::]:6789 error -101 [ 371.797380][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 372.106132][T21608] tipc: Started in network mode [ 372.107833][T21608] tipc: Node identity 4, cluster identity 4711 [ 372.109961][T21608] tipc: Node number set to 4 [ 372.124430][T21610] validate_nla: 1 callbacks suppressed [ 372.124449][T21610] netlink: 'syz.7.6727': attribute type 1 has an invalid length. [ 372.163127][T21610] 8021q: adding VLAN 0 to HW filter on device bond2 [ 372.189482][T21610] bond2: (slave geneve2): making interface the new active one [ 372.196080][T21610] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 372.265004][ T6121] libceph: connect (1)[c::]:6789 error -101 [ 372.267867][ T6121] libceph: mon0 (1)[c::]:6789 connect error [ 372.306263][T21621] netlink: 44 bytes leftover after parsing attributes in process `syz.8.6732'. [ 372.316638][ T29] libceph: connect (1)[b::]:6789 error -101 [ 372.319341][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 372.324075][T21552] ceph: No mds server is up or the cluster is laggy [ 372.334420][T21559] ceph: No mds server is up or the cluster is laggy [ 372.334706][T21621] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6732'. [ 372.534825][T21644] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6740'. [ 372.871083][ T40] audit: type=1326 audit(1765652684.196:4266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21672 comm="syz.7.6754" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707d579 code=0x0 [ 373.239115][T21692] netlink: 830 bytes leftover after parsing attributes in process `syz.1.6761'. [ 373.287596][T21694] input: syz0 as /devices/virtual/input/input86 [ 373.341925][T21698] syzkaller1: entered promiscuous mode [ 373.343863][T21698] syzkaller1: entered allmulticast mode [ 373.350725][T21698] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324 [ 373.564183][T21706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6768'. [ 373.570049][T21706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6768'. [ 373.575863][T21706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6768'. [ 374.502481][T21769] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 374.752693][T21792] input: syz0 as /devices/virtual/input/input87 [ 375.212501][T21820] syzkaller1: entered promiscuous mode [ 375.224221][T21820] syzkaller1: entered allmulticast mode [ 375.253034][T21822] input: syz0 as /devices/virtual/input/input88 [ 375.302291][ T40] audit: type=1804 audit(1765652686.626:4267): pid=21824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.6819" name="/newroot/1000/file0/file0" dev="9p" ino=71827957 res=1 errno=0 [ 375.800250][T21873] input: syz0 as /devices/virtual/input/input89 [ 376.594560][ T6121] usb 12-1: new high-speed USB device number 30 using dummy_hcd [ 376.746264][ T6121] usb 12-1: config index 0 descriptor too short (expected 45, got 36) [ 376.749700][ T6121] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 376.753742][ T6121] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.759518][ T6121] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 376.763869][ T6121] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 376.766959][ T6121] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.772392][ T6121] usb 12-1: config 0 descriptor?? [ 376.792099][T21939] mac80211_hwsim hwsim12 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 376.840192][T21942] binder: 21941:21942 ioctl 40046205 0 returned -22 [ 376.918392][T21946] __nla_validate_parse: 2 callbacks suppressed [ 376.918404][T21946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6875'. [ 377.184180][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.187984][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.191573][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.197038][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.200075][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.202518][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.205600][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.208419][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.210671][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.212908][ T6121] plantronics 0003:047F:FFFF.0044: unknown main item tag 0x0 [ 377.219048][ T6121] plantronics 0003:047F:FFFF.0044: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 377.435618][ T10] usb 12-1: USB disconnect, device number 30 [ 377.598061][T21969] input: syz0 as /devices/virtual/input/input90 [ 377.631579][T21971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6886'. [ 377.635648][T21971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6886'. [ 377.639360][T21971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6886'. [ 377.776226][ T40] audit: type=1804 audit(1765652689.106:4268): pid=21978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.6888" name="/newroot/241/file0/file0" dev="9p" ino=71827957 res=1 errno=0 [ 378.051235][T22002] Invalid ELF header magic: != ELF [ 378.175461][T22013] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6901'. [ 378.178694][T22013] netlink: 'syz.8.6901': attribute type 14 has an invalid length. [ 378.188270][T22013] vxlan0: entered promiscuous mode [ 378.192426][T21841] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 378.196370][T21841] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 378.199112][T21841] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 378.201671][T21841] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 378.334665][ T29] usb 6-1: new full-speed USB device number 34 using dummy_hcd [ 378.485640][ T29] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4 [ 378.489386][ T29] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023 [ 378.493960][ T29] usb 6-1: config 0 interface 0 has no altsetting 0 [ 378.500840][ T29] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 378.503946][ T29] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 378.506717][ T29] usb 6-1: Product: syz [ 378.508193][ T29] usb 6-1: Manufacturer: syz [ 378.509832][ T29] usb 6-1: SerialNumber: syz [ 378.512876][ T29] usb 6-1: config 0 descriptor?? [ 378.517302][ T29] usb 6-1: selecting invalid altsetting 0 [ 378.526494][T22046] loop3: detected capacity change from 0 to 7 [ 378.532880][T22046] Dev loop3: unable to read RDB block 7 [ 378.535704][T22046] loop3: unable to read partition table [ 378.538200][T22046] loop3: partition table beyond EOD, truncated [ 378.540776][T22046] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 378.546546][T22048] netlink: 'syz.4.6920': attribute type 12 has an invalid length. [ 378.546565][T22048] netlink: 'syz.4.6920': attribute type 29 has an invalid length. [ 378.546578][T22048] netlink: 148 bytes leftover after parsing attributes in process `syz.4.6920'. [ 378.546596][T22048] netlink: 'syz.4.6920': attribute type 2 has an invalid length. [ 378.546607][T22048] netlink: 23 bytes leftover after parsing attributes in process `syz.4.6920'. [ 378.713947][T22052] ceph: No mds server is up or the cluster is laggy [ 378.725926][T22004] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 378.730989][ T29] usb 6-1: USB disconnect, device number 34 [ 379.669519][T22103] pimreg: left allmulticast mode [ 379.936166][ T1198] block nbd0: Possible stuck request ffff8880261a8000: control (read@0,1024B). Runtime 300 seconds [ 379.940341][ T1198] block nbd0: Possible stuck request ffff8880261a8200: control (read@1024,1024B). Runtime 300 seconds [ 379.944375][ T1198] block nbd0: Possible stuck request ffff8880261a8400: control (read@2048,1024B). Runtime 300 seconds [ 379.947827][ T1198] block nbd0: Possible stuck request ffff8880261a8600: control (read@3072,1024B). Runtime 300 seconds [ 380.243572][T22155] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6966'. [ 380.246524][T22155] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6966'. [ 380.252001][T22155] erspan0: entered promiscuous mode [ 380.256737][T22155] gretap0: entered promiscuous mode [ 380.299987][T22158] netlink: 'syz.7.6967': attribute type 12 has an invalid length. [ 380.574483][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 381.300303][T22205] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 381.348501][ T40] audit: type=1326 audit(1765652948.680:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22207 comm="syz.4.6989" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 381.362199][ T40] audit: type=1326 audit(1765652948.690:4270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22207 comm="syz.4.6989" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 381.369773][ T40] audit: type=1326 audit(1765652948.690:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22207 comm="syz.4.6989" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 381.651469][T22244] syzkaller1: entered promiscuous mode [ 381.654000][T22244] syzkaller1: entered allmulticast mode [ 382.174189][ T9] usb 13-1: new high-speed USB device number 8 using dummy_hcd [ 382.335460][ T9] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 382.339084][ T9] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 382.342270][ T9] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 382.346426][ T9] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.351191][T22253] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 382.355023][ T9] usb 13-1: Quirk or no altset; falling back to MIDI 1.0 [ 382.568276][ T6121] usb 13-1: USB disconnect, device number 8 [ 382.651896][T22276] netlink: 'syz.4.7018': attribute type 9 has an invalid length. [ 382.655436][T22276] netlink: 'syz.4.7018': attribute type 11 has an invalid length. [ 382.658879][T22276] netlink: 'syz.4.7018': attribute type 12 has an invalid length. [ 382.662329][T22276] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.7018'. [ 382.666872][T22276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7018'. [ 382.682139][T22278] netlink: 'syz.7.7019': attribute type 6 has an invalid length. [ 382.859325][T22287] overlayfs: failed to clone upperpath [ 382.908332][T22289] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7024'. [ 383.250206][T22297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7027'. [ 383.386636][T22306] geneve1: Caught tx_queue_len zero misconfig [ 383.872626][T22343] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7048'. [ 384.099962][T22386] Invalid ELF header magic: != ELF [ 384.118070][T22387] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 384.125595][T22387] bond2 (unregistering): Released all slaves [ 384.156065][T22391] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 384.228018][T22379] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7064'. [ 384.615700][ T6096] usb 12-1: new high-speed USB device number 31 using dummy_hcd [ 384.732559][T22418] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7081'. [ 384.773351][ T6096] usb 12-1: Using ep0 maxpacket: 16 [ 384.777526][ T6096] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.780920][ T6096] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.784398][ T6096] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 384.788702][ T6096] usb 12-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 384.791523][ T6096] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.795763][ T6096] usb 12-1: config 0 descriptor?? [ 385.210450][ T6096] hid_parser_main: 5 callbacks suppressed [ 385.210463][ T6096] shield 0003:0955:7214.0045: unknown main item tag 0x0 [ 385.216218][ T6096] shield 0003:0955:7214.0045: unknown main item tag 0x0 [ 385.218518][ T6096] shield 0003:0955:7214.0045: unknown main item tag 0x0 [ 385.221272][ T6096] shield 0003:0955:7214.0045: unknown main item tag 0x0 [ 385.223992][ T6096] shield 0003:0955:7214.0045: unknown main item tag 0x0 [ 385.228169][ T6096] input: HID 0955:7214 Haptics as /devices/virtual/input/input91 [ 385.244302][ T6096] shield 0003:0955:7214.0045: Registered Thunderstrike controller [ 385.247170][ T6096] shield 0003:0955:7214.0045: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.7-1/input0 [ 385.409815][T22407] netlink: 504 bytes leftover after parsing attributes in process `syz.7.7077'. [ 385.413871][ T5961] shield 0003:0955:7214.0045: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 385.420041][ T6121] usb 12-1: USB disconnect, device number 31 [ 385.424240][ T5961] shield 0003:0955:7214.0045: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 385.427796][ T5961] shield 0003:0955:7214.0045: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 385.431249][ T5961] shield 0003:0955:7214.0045: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 385.584323][ T5953] usb 13-1: new high-speed USB device number 9 using dummy_hcd [ 385.765876][ T5953] usb 13-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 385.770167][ T5953] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 385.774785][ T5953] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 385.778645][ T5953] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 385.784649][ T5953] usb 13-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 385.787766][ T5953] usb 13-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 385.790316][ T5953] usb 13-1: Manufacturer: syz [ 385.792911][ T5953] usb 13-1: config 0 descriptor?? [ 385.805815][T22461] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7098'. [ 386.201266][ T5953] appleir 0003:05AC:8243.0046: unknown main item tag 0x0 [ 386.204241][ T6121] usb 12-1: new high-speed USB device number 32 using dummy_hcd [ 386.211373][ T5953] appleir 0003:05AC:8243.0046: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0 [ 386.364483][ T6121] usb 12-1: Using ep0 maxpacket: 32 [ 386.368853][ T6121] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 386.375432][ T6121] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 386.379488][ T6121] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 386.382415][ T6121] usb 12-1: Product: syz [ 386.383805][ T6121] usb 12-1: Manufacturer: syz [ 386.385390][ T6121] usb 12-1: SerialNumber: syz [ 386.388311][ T6121] usb 12-1: config 0 descriptor?? [ 386.391147][T22471] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 386.604838][ T29] usb 12-1: USB disconnect, device number 32 [ 386.620396][T22478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7103'. [ 386.653648][T22478] nbd: device at index 64 is going down [ 386.707152][ T5953] usb 13-1: USB disconnect, device number 9 [ 386.924435][T22492] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 387.827378][T22548] loop9: detected capacity change from 0 to 7 [ 387.829893][T22548] Dev loop9: unable to read RDB block 7 [ 387.832114][T22548] loop9: unable to read partition table [ 387.834838][T22548] loop9: partition table beyond EOD, truncated [ 387.837413][T22548] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 388.955890][T22616] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 388.975992][ T40] audit: type=1326 audit(1765652956.310:4272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22622 comm="syz.1.7168" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706d579 code=0x0 [ 389.392911][T22639] __nla_validate_parse: 1 callbacks suppressed [ 389.392923][T22639] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7174'. [ 389.404722][T22639] vxlan2: entered promiscuous mode [ 389.832828][T22656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7182'. [ 390.184370][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 390.210008][T22670] input: syz1 as /devices/virtual/input/input92 [ 390.517692][T22682] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.591453][T22686] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7196'. [ 390.594818][T22686] bridge_slave_0: default FDB implementation only supports local addresses [ 390.599023][T22686] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7196'. [ 390.602250][T22686] bridge_slave_0: default FDB implementation only supports local addresses [ 390.964368][ T29] usb 12-1: new high-speed USB device number 33 using dummy_hcd [ 391.115542][ T29] usb 12-1: config 0 has no interfaces? [ 391.118858][ T29] usb 12-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 391.129169][ T29] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.131707][ T29] usb 12-1: Product: syz [ 391.133060][ T29] usb 12-1: Manufacturer: syz [ 391.134662][ T29] usb 12-1: SerialNumber: syz [ 391.137285][ T29] usb 12-1: config 0 descriptor?? [ 391.393014][ T29] usb 12-1: USB disconnect, device number 33 [ 391.717243][T22762] fuse: Bad value for 'fd' [ 391.760253][T22767] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.762383][T22767] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.863739][T22818] netlink: 'syz.1.7253': attribute type 4 has an invalid length. [ 392.871463][T22818] netlink: 'syz.1.7253': attribute type 4 has an invalid length. [ 393.434337][ T6012] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 393.584228][ T6012] usb 6-1: Using ep0 maxpacket: 8 [ 393.587466][ T6012] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 393.590952][ T6012] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 393.594044][ T6012] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.599484][ T6012] usb 6-1: config 0 descriptor?? [ 393.812714][ T6012] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 394.013831][ T9] usb 6-1: USB disconnect, device number 35 [ 394.601934][T22880] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 394.713928][T22890] fuse: Bad value for 'fd' [ 395.245951][T22908] netlink: 96 bytes leftover after parsing attributes in process `syz.4.7291'. [ 395.371847][T22874] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 395.373838][T22874] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 395.385853][T22874] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 395.387903][T22914] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7294'. [ 395.520179][T22928] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7302'. [ 395.533559][T22928] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7302'. [ 395.584696][T22936] netlink: 'syz.4.7301': attribute type 13 has an invalid length. [ 395.587911][T22936] netlink: 'syz.4.7301': attribute type 17 has an invalid length. [ 396.498485][T22942] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 396.502950][T22942] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 396.791992][T22985] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7324'. [ 396.794446][ T6012] usb 13-1: new high-speed USB device number 10 using dummy_hcd [ 396.947096][T23002] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7331'. [ 396.954518][ T6012] usb 13-1: Using ep0 maxpacket: 16 [ 396.958917][ T6012] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.963611][ T6012] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.967432][ T6012] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 396.972586][ T6012] usb 13-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 396.980340][ T6012] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.986164][ T6012] usb 13-1: config 0 descriptor?? [ 396.998952][T23004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7331'. [ 397.001740][T23004] bond5: left allmulticast mode [ 397.003390][T23004] bond5: left promiscuous mode [ 397.005200][T23004] bridge0: port 3(bond5) entered disabled state [ 397.009637][T23004] bridge_slave_1: left allmulticast mode [ 397.011938][T23004] bridge_slave_1: left promiscuous mode [ 397.014836][T23004] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.019544][T23004] bridge_slave_0: left allmulticast mode [ 397.021914][T23004] bridge_slave_0: left promiscuous mode [ 397.024760][T23004] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.397465][ T6012] shield 0003:0955:7214.0047: unknown main item tag 0x0 [ 397.400426][ T6012] shield 0003:0955:7214.0047: unknown main item tag 0x0 [ 397.403173][ T6012] shield 0003:0955:7214.0047: unknown main item tag 0x0 [ 397.406099][ T6012] shield 0003:0955:7214.0047: unknown main item tag 0x0 [ 397.409065][ T6012] shield 0003:0955:7214.0047: unknown main item tag 0x0 [ 397.414491][ T6012] input: HID 0955:7214 Haptics as /devices/virtual/input/input93 [ 397.425356][ T6012] shield 0003:0955:7214.0047: Registered Thunderstrike controller [ 397.428652][ T6012] shield 0003:0955:7214.0047: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.8-1/input0 [ 397.493425][T23011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7334'. [ 397.511308][T23011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7334'. [ 397.603009][T22960] netlink: 'syz.8.7313': attribute type 2 has an invalid length. [ 397.605742][T22960] netlink: 244 bytes leftover after parsing attributes in process `syz.8.7313'. [ 397.609692][ T825] shield 0003:0955:7214.0047: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 397.610082][ T10] usb 13-1: USB disconnect, device number 10 [ 397.620379][ T825] shield 0003:0955:7214.0047: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 397.623828][ T825] shield 0003:0955:7214.0047: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 397.630300][ T825] shield 0003:0955:7214.0047: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 398.094250][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout [ 398.188664][T23041] bridge0: port 2(bridge_slave_1) entered disabled state [ 398.193311][T23041] bridge_slave_0: left allmulticast mode [ 398.196989][T23041] bridge_slave_0: left promiscuous mode [ 398.198952][T23041] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.539229][T23055] netlink: 'syz.7.7351': attribute type 13 has an invalid length. [ 398.542024][T23055] veth0_macvtap: left promiscuous mode [ 398.544662][T23055] macvtap0: entered promiscuous mode [ 398.546904][T23055] macvtap0: entered allmulticast mode [ 398.775898][T23078] bridge_slave_0: left allmulticast mode [ 398.778316][T23078] bridge_slave_0: left promiscuous mode [ 398.780443][T23078] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.785928][T23078] bridge_slave_1: left allmulticast mode [ 398.787846][T23078] bridge_slave_1: left promiscuous mode [ 398.789928][T23078] bridge0: port 2(bridge_slave_1) entered disabled state [ 398.796020][T23078] bond0: (slave bond_slave_0): Releasing backup interface [ 398.801848][T23078] bond0: (slave bond_slave_1): Releasing backup interface [ 398.813098][T23078] team0: Port device team_slave_1 removed [ 398.818287][T23078] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 398.944258][ T6032] usb 12-1: new high-speed USB device number 34 using dummy_hcd [ 398.979744][T23092] "syz.8.7365" (23092) uses obsolete ecb(arc4) skcipher [ 399.056171][ T40] audit: type=1326 audit(1765652966.390:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.064041][ T40] audit: type=1326 audit(1765652966.390:4274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.072520][ T40] audit: type=1326 audit(1765652966.390:4275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.079625][ T40] audit: type=1326 audit(1765652966.390:4276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.086606][ T40] audit: type=1326 audit(1765652966.390:4277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.093369][ T40] audit: type=1326 audit(1765652966.390:4278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.100987][ T40] audit: type=1326 audit(1765652966.390:4279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.110445][ T40] audit: type=1326 audit(1765652966.390:4280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.119492][ T40] audit: type=1326 audit(1765652966.390:4281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.128304][ T40] audit: type=1326 audit(1765652966.400:4282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23107 comm="syz.1.7371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 399.134794][ T6032] usb 12-1: Using ep0 maxpacket: 8 [ 399.140828][ T6032] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 399.145098][ T6032] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 399.149293][ T6032] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 399.163289][ T6032] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 399.169477][ T6032] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 399.173715][ T6032] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.389414][ T6032] usb 12-1: GET_CAPABILITIES returned 0 [ 399.394204][ T6032] usbtmc 12-1:16.0: can't read capabilities [ 399.592096][ T6121] usb 12-1: USB disconnect, device number 34 [ 399.774721][ T4578] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.778246][ T4578] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.781674][ T4578] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.785094][ T4578] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.789289][ T825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.791892][ T825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.794779][ T825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 399.798071][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.128263][T23140] netlink: 'syz.1.7384': attribute type 11 has an invalid length. [ 400.167285][T23148] loop6: detected capacity change from 0 to 524287999 [ 400.174606][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout [ 400.177996][T23149] syz.8.7387 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 400.615813][T23173] loop2: detected capacity change from 0 to 7 [ 400.619094][T23173] Dev loop2: unable to read RDB block 7 [ 400.622049][T23173] loop2: AHDI p1 [ 400.626235][T23173] loop2: partition table partially beyond EOD, truncated [ 400.674250][ T825] usb 13-1: new full-speed USB device number 11 using dummy_hcd [ 400.825703][ T825] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 400.829218][ T825] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 400.834501][ T825] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 400.837822][ T825] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.056032][ T825] usb 13-1: usb_control_msg returned -32 [ 401.058402][ T825] usbtmc 13-1:16.0: can't read capabilities [ 401.687979][T23213] __nla_validate_parse: 2 callbacks suppressed [ 401.687996][T23213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7415'. [ 401.697283][T23213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7415'. [ 402.186469][T23232] overlayfs: failed to clone lowerpath [ 402.190540][T23232] overlayfs: failed to clone lowerpath [ 402.211600][T23233] netlink: 'syz.1.7423': attribute type 13 has an invalid length. [ 402.214382][T23233] netlink: 'syz.1.7423': attribute type 17 has an invalid length. [ 402.264797][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout [ 403.184375][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 403.466722][ T9] usb 13-1: USB disconnect, device number 11 [ 403.815821][T23294] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7446'. [ 403.824200][T23294] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7446'. [ 404.039463][T23310] hsr0: entered allmulticast mode [ 404.043369][T23310] hsr_slave_0: entered allmulticast mode [ 404.045310][T23310] hsr_slave_1: entered allmulticast mode [ 404.053113][T23310] hsr_slave_0: left promiscuous mode [ 404.055456][T23310] hsr_slave_1: left promiscuous mode [ 404.071966][T23310] hsr0 (unregistering): left allmulticast mode [ 404.181900][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 404.181911][ T40] audit: type=1326 audit(1765652971.510:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.192175][ T40] audit: type=1326 audit(1765652971.520:4292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.205377][ T40] audit: type=1326 audit(1765652971.530:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.212779][ T40] audit: type=1326 audit(1765652971.540:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.221670][ T40] audit: type=1326 audit(1765652971.540:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.229825][ T40] audit: type=1326 audit(1765652971.540:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.238053][ T40] audit: type=1326 audit(1765652971.540:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.245749][ T40] audit: type=1326 audit(1765652971.540:4298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.255269][ T40] audit: type=1326 audit(1765652971.540:4299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=441 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.267578][ T40] audit: type=1326 audit(1765652971.600:4300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23318 comm="syz.1.7464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 404.334256][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout [ 404.506581][T23335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7463'. [ 404.519002][T23337] syzkaller1: entered promiscuous mode [ 404.523738][T23337] syzkaller1: entered allmulticast mode [ 404.558398][T23340] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7463'. [ 404.612401][T23342] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 404.615480][T23342] IPv6: NLM_F_CREATE should be set when creating new route [ 405.009065][T23372] netlink: 'syz.1.7479': attribute type 9 has an invalid length. [ 405.012310][T23372] netlink: 'syz.1.7479': attribute type 11 has an invalid length. [ 405.015571][T23372] netlink: 'syz.1.7479': attribute type 12 has an invalid length. [ 405.018973][T23372] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.7479'. [ 405.022819][T23372] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7479'. [ 405.038554][T23374] kvm: Disabled LAPIC found during irq injection [ 405.266793][T23385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7486'. [ 405.269635][T23385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7486'. [ 406.424240][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout [ 407.886505][T23476] __nla_validate_parse: 4 callbacks suppressed [ 407.886518][T23476] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7524'. [ 407.900345][T23476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7524'. [ 407.901119][T23480] netlink: 'syz.4.7525': attribute type 9 has an invalid length. [ 407.910817][T23480] netlink: 'syz.4.7525': attribute type 11 has an invalid length. [ 407.913703][T23480] netlink: 'syz.4.7525': attribute type 12 has an invalid length. [ 407.916362][T23480] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.7525'. [ 407.919352][T23480] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7525'. [ 408.105079][T23488] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7528'. [ 408.112160][T23487] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 408.504228][ T5959] Bluetooth: hci4: command 0x0c1a tx timeout [ 408.708868][T23514] 9p: Bad value for 'rfdno' [ 409.304330][ T5959] Bluetooth: hci5: command 0x1003 tx timeout [ 409.304400][ T5951] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 409.374451][ T10] net_ratelimit: 1 callbacks suppressed [ 409.374467][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.524777][ T825] usb 13-1: new high-speed USB device number 12 using dummy_hcd [ 409.674236][ T825] usb 13-1: Using ep0 maxpacket: 8 [ 409.678961][ T825] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 409.683946][ T825] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 409.694211][ T825] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 409.698375][ T825] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 409.703615][ T825] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 409.714259][ T825] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.925812][T23549] netlink: 6 bytes leftover after parsing attributes in process `syz.4.7557'. [ 409.930473][ T825] usb 13-1: usb_control_msg returned -32 [ 409.933659][ T825] usbtmc 13-1:16.0: can't read capabilities [ 410.015890][ T1198] block nbd0: Possible stuck request ffff8880261a8000: control (read@0,1024B). Runtime 330 seconds [ 410.019916][ T1198] block nbd0: Possible stuck request ffff8880261a8200: control (read@1024,1024B). Runtime 330 seconds [ 410.023367][ T1198] block nbd0: Possible stuck request ffff8880261a8400: control (read@2048,1024B). Runtime 330 seconds [ 410.027539][ T1198] block nbd0: Possible stuck request ffff8880261a8600: control (read@3072,1024B). Runtime 330 seconds [ 410.240103][T23561] overlayfs: failed to clone upperpath [ 410.254240][ T5942] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 410.521531][T23571] netlink: 6 bytes leftover after parsing attributes in process `syz.7.7566'. [ 410.579729][T23573] netlink: 'syz.1.7567': attribute type 9 has an invalid length. [ 410.582745][T23573] netlink: 'syz.1.7567': attribute type 11 has an invalid length. [ 410.585776][T23573] netlink: 'syz.1.7567': attribute type 12 has an invalid length. [ 410.588867][T23573] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.7567'. [ 410.592528][T23573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7567'. [ 410.873258][T23600] netlink: 6 bytes leftover after parsing attributes in process `syz.1.7576'. [ 411.146981][T23616] gtp3: entered promiscuous mode [ 411.149112][T23616] gtp3: entered allmulticast mode [ 411.246462][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 411.246477][ T40] audit: type=1326 audit(1765652978.580:4303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23624 comm="syz.1.7592" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706d579 code=0x0 [ 412.324528][ T6032] usb 13-1: USB disconnect, device number 12 [ 412.345824][T23655] input: syz1 as /devices/virtual/input/input94 [ 412.498927][T23662] netlink: 'syz.4.7607': attribute type 1 has an invalid length. [ 412.530302][T23662] 8021q: adding VLAN 0 to HW filter on device bond6 [ 412.575314][T23662] bond6: (slave geneve2): making interface the new active one [ 412.579074][T23662] bond6: (slave geneve2): Enslaving as an active interface with an up link [ 413.084352][ T825] usb 13-1: new full-speed USB device number 13 using dummy_hcd [ 413.265696][ T825] usb 13-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 413.270049][ T825] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 413.273750][ T825] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.758249][T23717] __nla_validate_parse: 1 callbacks suppressed [ 413.758263][T23717] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7629'. [ 413.763356][T23717] netlink: 'syz.7.7629': attribute type 15 has an invalid length. [ 413.770102][T23717] vxlan3: entered promiscuous mode [ 413.772746][ T75] netdevsim netdevsim7 eth0: set [0, 1] type 1 family 0 port 256 - 0 [ 413.776380][ T75] netdevsim netdevsim7 eth1: set [0, 1] type 1 family 0 port 256 - 0 [ 413.779825][ T75] netdevsim netdevsim7 eth2: set [0, 1] type 1 family 0 port 256 - 0 [ 413.783259][ T75] netdevsim netdevsim7 eth3: set [0, 1] type 1 family 0 port 256 - 0 [ 413.958876][T23726] overlayfs: failed to clone upperpath [ 413.962160][T23726] overlayfs: failed to clone upperpath [ 414.312212][T23744] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7641'. [ 414.316045][T23744] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7641'. [ 414.319358][T23744] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7641'. [ 415.728395][T23820] netlink: 'syz.4.7673': attribute type 9 has an invalid length. [ 415.731006][T23822] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7674'. [ 415.731465][T23820] netlink: 'syz.4.7673': attribute type 11 has an invalid length. [ 415.738306][T23820] netlink: 'syz.4.7673': attribute type 12 has an invalid length. [ 415.740798][T23820] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.7673'. [ 415.743859][T23820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7673'. [ 415.749606][T23822] 8021q: adding VLAN 0 to HW filter on device bond2 [ 415.778733][T23822] bond2: (slave batadv0): Opening slave failed [ 415.843929][ T825] usb 13-1: USB disconnect, device number 13 [ 416.252636][T23866] netlink: 67 bytes leftover after parsing attributes in process `syz.4.7693'. [ 416.284300][T23868] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.7694'. [ 416.324305][ T9] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 416.327527][T23870] netlink: 'syz.4.7695': attribute type 2 has an invalid length. [ 416.339149][T23870] !: entered promiscuous mode [ 416.347773][T23870] netlink: 'syz.4.7695': attribute type 2 has an invalid length. [ 416.350355][T23870] !: left promiscuous mode [ 416.484297][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 416.488185][ T9] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 416.491836][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 416.496627][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 416.500807][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 416.504716][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 416.508906][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 416.512049][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.724520][ T9] usb 6-1: usb_control_msg returned -32 [ 416.726333][ T9] usbtmc 6-1:16.0: can't read capabilities [ 416.870476][T23886] input: syz0 as /devices/virtual/input/input95 [ 417.754191][ T6032] usb 12-1: new high-speed USB device number 35 using dummy_hcd [ 417.904233][ T6032] usb 12-1: Using ep0 maxpacket: 16 [ 417.907387][ T6032] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.911012][ T6032] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 417.915582][ T6032] usb 12-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 417.918436][ T6032] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.923372][ T6032] usb 12-1: config 0 descriptor?? [ 418.335188][ T6032] HID 045e:07da: Invalid code 65791 type 1 [ 418.342279][ T6032] input: HID 045e:07da as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/0003:045E:07DA.0048/input/input96 [ 418.352402][ T6032] microsoft 0003:045E:07DA.0048: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0 [ 418.532769][ C0] [ 418.533645][ C0] ======================================================== [ 418.536093][ C0] WARNING: possible irq lock inversion dependency detected [ 418.538725][ C0] syzkaller #0 Tainted: G L [ 418.541462][ C0] -------------------------------------------------------- [ 418.544129][ C0] swapper/0/0 just changed the state of lock: [ 418.546087][ C0] ffff88804ea64230 (&dev->event_lock#2){..-.}-{3:3}, at: input_event+0x74/0xd0 [ 418.549332][ C0] but this lock took another, SOFTIRQ-READ-unsafe lock in the past: [ 418.551905][ C0] (tasklist_lock){.+.+}-{3:3} [ 418.551921][ C0] [ 418.551921][ C0] [ 418.551921][ C0] and interrupts could create inverse lock ordering between them. [ 418.551921][ C0] [ 418.557808][ C0] [ 418.557808][ C0] other info that might help us debug this: [ 418.560960][ C0] Chain exists of: [ 418.560960][ C0] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 418.560960][ C0] [ 418.565427][ C0] Possible interrupt unsafe locking scenario: [ 418.565427][ C0] [ 418.568469][ C0] CPU0 CPU1 [ 418.570249][ C0] ---- ---- [ 418.571865][ C0] lock(tasklist_lock); [ 418.573160][ C0] local_irq_disable(); [ 418.575205][ C0] lock(&dev->event_lock#2); [ 418.577545][ C0] lock(&client->buffer_lock); [ 418.580449][ C0] [ 418.582023][ C0] lock(&dev->event_lock#2); [ 418.584088][ C0] [ 418.584088][ C0] *** DEADLOCK *** [ 418.584088][ C0] [ 418.587403][ C0] no locks held by swapper/0/0. [ 418.589468][ C0] [ 418.589468][ C0] the shortest dependencies between 2nd lock and 1st lock: [ 418.593247][ C0] -> (tasklist_lock){.+.+}-{3:3} { [ 418.595609][ C0] HARDIRQ-ON-R at: [ 418.597357][ C0] lock_acquire+0x179/0x330 [ 418.600086][ C0] _raw_read_lock+0x5f/0x70 [ 418.602788][ C0] __do_wait+0x105/0x890 [ 418.605509][ C0] do_wait+0x21d/0x570 [ 418.608055][ C0] kernel_wait+0x9f/0x160 [ 418.610465][ C0] call_usermodehelper_exec_work+0xf1/0x170 [ 418.613750][ C0] process_one_work+0x9ba/0x1b20 [ 418.616613][ C0] worker_thread+0x6c8/0xf10 [ 418.619387][ C0] kthread+0x3c5/0x780 [ 418.621724][ C0] ret_from_fork+0x983/0xb10 [ 418.624291][ C0] ret_from_fork_asm+0x1a/0x30 [ 418.627036][ C0] SOFTIRQ-ON-R at: [ 418.628756][ C0] lock_acquire+0x179/0x330 [ 418.631019][ C0] _raw_read_lock+0x5f/0x70 [ 418.633578][ C0] __do_wait+0x105/0x890 [ 418.636271][ C0] do_wait+0x21d/0x570 [ 418.638890][ C0] kernel_wait+0x9f/0x160 [ 418.641717][ C0] call_usermodehelper_exec_work+0xf1/0x170 [ 418.645208][ C0] process_one_work+0x9ba/0x1b20 [ 418.648268][ C0] worker_thread+0x6c8/0xf10 [ 418.651082][ C0] kthread+0x3c5/0x780 [ 418.653695][ C0] ret_from_fork+0x983/0xb10 [ 418.656603][ C0] ret_from_fork_asm+0x1a/0x30 [ 418.659350][ C0] INITIAL USE at: [ 418.660701][ C0] lock_acquire+0x179/0x330 [ 418.662810][ C0] _raw_write_lock_irq+0x36/0x50 [ 418.665633][ C0] copy_process+0x4668/0x7430 [ 418.668177][ C0] kernel_clone+0xfc/0x910 [ 418.670660][ C0] user_mode_thread+0xc8/0x110 [ 418.673306][ C0] rest_init+0x23/0x2b0 [ 418.675973][ C0] start_kernel+0x3ef/0x4d0 [ 418.678804][ C0] x86_64_start_reservations+0x18/0x30 [ 418.681951][ C0] x86_64_start_kernel+0x130/0x190 [ 418.685016][ C0] common_startup_64+0x13e/0x148 [ 418.687898][ C0] INITIAL READ USE at: [ 418.689832][ C0] lock_acquire+0x179/0x330 [ 418.692827][ C0] _raw_read_lock+0x5f/0x70 [ 418.695608][ C0] __do_wait+0x105/0x890 [ 418.698385][ C0] do_wait+0x21d/0x570 [ 418.701074][ C0] kernel_wait+0x9f/0x160 [ 418.704010][ C0] call_usermodehelper_exec_work+0xf1/0x170 [ 418.707604][ C0] process_one_work+0x9ba/0x1b20 [ 418.710767][ C0] worker_thread+0x6c8/0xf10 [ 418.713802][ C0] kthread+0x3c5/0x780 [ 418.716651][ C0] ret_from_fork+0x983/0xb10 [ 418.719679][ C0] ret_from_fork_asm+0x1a/0x30 [ 418.722782][ C0] } [ 418.723997][ C0] ... key at: [] tasklist_lock+0x18/0x40 [ 418.727312][ C0] ... acquired at: [ 418.729076][ C0] _raw_read_lock+0x5f/0x70 [ 418.731039][ C0] send_sigurg+0xed/0xc80 [ 418.732968][ C0] sk_send_sigurg+0x76/0x360 [ 418.734829][ C0] unix_stream_sendmsg+0xfa3/0x1320 [ 418.737164][ C0] ____sys_sendmsg+0xa5d/0xc30 [ 418.739277][ C0] ___sys_sendmsg+0x134/0x1d0 [ 418.741288][ C0] __sys_sendmsg+0x16d/0x220 [ 418.743260][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.745448][ C0] do_fast_syscall_32+0x32/0x80 [ 418.747525][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.750268][ C0] [ 418.751285][ C0] -> (&f_owner->lock){....}-{3:3} { [ 418.753563][ C0] INITIAL USE at: [ 418.755327][ C0] lock_acquire+0x179/0x330 [ 418.758027][ C0] _raw_write_lock_irq+0x36/0x50 [ 418.760417][ C0] __f_setown+0x61/0x3c0 [ 418.762813][ C0] generic_setlease+0xf0f/0x1330 [ 418.765493][ C0] kernel_setlease+0x106/0x140 [ 418.768271][ C0] vfs_setlease+0x1e8/0x280 [ 418.771063][ C0] do_fcntl_add_lease+0x3c4/0x550 [ 418.773920][ C0] fcntl_setdeleg+0x153/0x1e0 [ 418.776749][ C0] do_fcntl+0x33d/0x1660 [ 418.779312][ C0] do_compat_fcntl64+0x367/0x710 [ 418.781572][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.783632][ C0] do_fast_syscall_32+0x32/0x80 [ 418.785791][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.789108][ C0] INITIAL READ USE at: [ 418.791087][ C0] lock_acquire+0x179/0x330 [ 418.793958][ C0] _raw_read_lock_irqsave+0x74/0x90 [ 418.797011][ C0] send_sigio+0x31/0x3e0 [ 418.799612][ C0] kill_fasync+0x214/0x510 [ 418.802386][ C0] lease_break_callback+0x23/0x30 [ 418.805424][ C0] __break_lease+0x6cd/0x1800 [ 418.808373][ C0] notify_change+0xa57/0x1290 [ 418.811477][ C0] do_truncate+0x1d7/0x230 [ 418.814249][ C0] path_openat+0x2a1a/0x3140 [ 418.816997][ C0] do_filp_open+0x20b/0x470 [ 418.819715][ C0] do_sys_openat2+0x121/0x290 [ 418.822446][ C0] __ia32_compat_sys_openat+0x16d/0x210 [ 418.825537][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.828600][ C0] do_fast_syscall_32+0x32/0x80 [ 418.831703][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.835295][ C0] } [ 418.836481][ C0] ... key at: [] __key.1+0x0/0x40 [ 418.839545][ C0] ... acquired at: [ 418.841027][ C0] _raw_read_lock_irqsave+0x74/0x90 [ 418.842753][ C0] send_sigio+0x31/0x3e0 [ 418.844214][ C0] kill_fasync+0x214/0x510 [ 418.845760][ C0] lease_break_callback+0x23/0x30 [ 418.847408][ C0] __break_lease+0x6cd/0x1800 [ 418.849284][ C0] notify_change+0xa57/0x1290 [ 418.851279][ C0] do_truncate+0x1d7/0x230 [ 418.853274][ C0] path_openat+0x2a1a/0x3140 [ 418.855295][ C0] do_filp_open+0x20b/0x470 [ 418.857257][ C0] do_sys_openat2+0x121/0x290 [ 418.858823][ C0] __ia32_compat_sys_openat+0x16d/0x210 [ 418.860602][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.862266][ C0] do_fast_syscall_32+0x32/0x80 [ 418.863838][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.866088][ C0] [ 418.866838][ C0] -> (&new->fa_lock){....}-{3:3} { [ 418.868725][ C0] INITIAL USE at: [ 418.870443][ C0] lock_acquire+0x179/0x330 [ 418.872597][ C0] _raw_write_lock_irq+0x36/0x50 [ 418.874692][ C0] fasync_remove_entry+0xb2/0x1e0 [ 418.876788][ C0] fasync_helper+0xaf/0xd0 [ 418.878984][ C0] lease_modify+0x232/0x500 [ 418.880999][ C0] locks_remove_file+0x29e/0x5c0 [ 418.883009][ C0] __fput+0x351/0xb70 [ 418.884812][ C0] task_work_run+0x150/0x240 [ 418.886762][ C0] exit_to_user_mode_loop+0xfb/0x540 [ 418.889041][ C0] __do_fast_syscall_32+0x4a4/0x680 [ 418.891205][ C0] do_fast_syscall_32+0x32/0x80 [ 418.893260][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.895755][ C0] INITIAL READ USE at: [ 418.897225][ C0] lock_acquire+0x179/0x330 [ 418.899840][ C0] _raw_read_lock_irqsave+0x74/0x90 [ 418.902836][ C0] kill_fasync+0x138/0x510 [ 418.904943][ C0] lease_break_callback+0x23/0x30 [ 418.907257][ C0] __break_lease+0x6cd/0x1800 [ 418.909406][ C0] notify_change+0xa57/0x1290 [ 418.911573][ C0] do_truncate+0x1d7/0x230 [ 418.913635][ C0] path_openat+0x2a1a/0x3140 [ 418.915742][ C0] do_filp_open+0x20b/0x470 [ 418.917838][ C0] do_sys_openat2+0x121/0x290 [ 418.920004][ C0] __ia32_compat_sys_openat+0x16d/0x210 [ 418.922398][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.924728][ C0] do_fast_syscall_32+0x32/0x80 [ 418.926972][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.929735][ C0] } [ 418.930681][ C0] ... key at: [] __key.0+0x0/0x40 [ 418.933124][ C0] ... acquired at: [ 418.934488][ C0] _raw_read_lock_irqsave+0x74/0x90 [ 418.936331][ C0] kill_fasync+0x138/0x510 [ 418.938081][ C0] evdev_pass_values+0x619/0x9b0 [ 418.939862][ C0] evdev_events+0x1bb/0x390 [ 418.941526][ C0] input_pass_values+0x74e/0x880 [ 418.943291][ C0] input_handle_event+0xf00/0x14d0 [ 418.945145][ C0] input_inject_event+0x1e8/0x3b0 [ 418.946916][ C0] evdev_write+0x2e1/0x440 [ 418.948582][ C0] vfs_write+0x2a0/0x11d0 [ 418.950220][ C0] ksys_write+0x1f8/0x250 [ 418.951651][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.953331][ C0] do_fast_syscall_32+0x32/0x80 [ 418.954913][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.957034][ C0] [ 418.957848][ C0] -> (&client->buffer_lock){....}-{3:3} { [ 418.959776][ C0] INITIAL USE at: [ 418.961059][ C0] lock_acquire+0x179/0x330 [ 418.963009][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 418.965132][ C0] evdev_do_ioctl+0x347/0x1b30 [ 418.967096][ C0] evdev_ioctl_compat+0x16f/0x1a0 [ 418.969209][ C0] __ia32_compat_sys_ioctl+0x242/0x370 [ 418.971504][ C0] __do_fast_syscall_32+0xe8/0x680 [ 418.973650][ C0] do_fast_syscall_32+0x32/0x80 [ 418.975728][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.978263][ C0] } [ 418.979129][ C0] ... key at: [] __key.88+0x0/0x40 [ 418.981412][ C0] ... acquired at: [ 418.982641][ C0] _raw_spin_lock+0x2e/0x40 [ 418.984141][ C0] evdev_pass_values+0x10e/0x9b0 [ 418.985788][ C0] evdev_events+0x1bb/0x390 [ 418.987507][ C0] input_pass_values+0x74e/0x880 [ 418.989677][ C0] input_handle_event+0xf00/0x14d0 [ 418.991899][ C0] input_inject_event+0x1e8/0x3b0 [ 418.994132][ C0] evdev_write+0x2e1/0x440 [ 418.996103][ C0] vfs_write+0x2a0/0x11d0 [ 418.997990][ C0] ksys_write+0x1f8/0x250 [ 418.999822][ C0] __do_fast_syscall_32+0xe8/0x680 [ 419.001950][ C0] do_fast_syscall_32+0x32/0x80 [ 419.003980][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 419.006126][ C0] [ 419.006939][ C0] -> (&dev->event_lock#2){..-.}-{3:3} { [ 419.008750][ C0] IN-SOFTIRQ-W at: [ 419.010082][ C0] lock_acquire+0x179/0x330 [ 419.012053][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 419.014293][ C0] input_event+0x74/0xd0 [ 419.016213][ C0] hidinput_report_event+0xb2/0x100 [ 419.018477][ C0] hid_report_raw_event+0x268/0x12c0 [ 419.020803][ C0] __hid_input_report.constprop.0+0x33f/0x470 [ 419.023221][ C0] hid_irq_in+0x35e/0x870 [ 419.025204][ C0] __usb_hcd_giveback_urb+0x38b/0x610 [ 419.027486][ C0] usb_hcd_giveback_urb+0x39b/0x450 [ 419.029717][ C0] dummy_timer+0x1809/0x3ad0 [ 419.032208][ C0] __hrtimer_run_queues+0x202/0xc40 [ 419.035048][ C0] hrtimer_run_softirq+0x17d/0x350 [ 419.037895][ C0] handle_softirqs+0x219/0x950 [ 419.040615][ C0] __irq_exit_rcu+0x109/0x170 [ 419.043278][ C0] irq_exit_rcu+0x9/0x30 [ 419.045779][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 419.048987][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 419.052112][ C0] pv_native_safe_halt+0xf/0x20 [ 419.054690][ C0] default_idle+0x13/0x20 [ 419.057015][ C0] default_idle_call+0x6c/0xb0 [ 419.059538][ C0] do_idle+0x38d/0x510 [ 419.061920][ C0] cpu_startup_entry+0x4f/0x60 [ 419.064210][ C0] rest_init+0x16b/0x2b0 [ 419.066113][ C0] start_kernel+0x3ef/0x4d0 [ 419.068074][ C0] x86_64_start_reservations+0x18/0x30 [ 419.070334][ C0] x86_64_start_kernel+0x130/0x190 [ 419.072629][ C0] common_startup_64+0x13e/0x148 [ 419.075052][ C0] INITIAL USE at: [ 419.076440][ C0] lock_acquire+0x179/0x330 [ 419.078959][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 419.081601][ C0] input_inject_event+0x9f/0x3b0 [ 419.084352][ C0] led_set_brightness+0x217/0x290 [ 419.087110][ C0] kbd_led_trigger_activate+0xcb/0x110 [ 419.090017][ C0] led_trigger_set+0x59a/0xc50 [ 419.092695][ C0] led_trigger_set_default+0x1e0/0x2e0 [ 419.095116][ C0] led_classdev_register_ext+0x71d/0xa30 [ 419.097455][ C0] input_leds_connect+0x552/0x8e0 [ 419.099524][ C0] input_attach_handler.isra.0+0x176/0x250 [ 419.101837][ C0] input_register_device+0xab9/0x11b0 [ 419.104003][ C0] atkbd_connect+0x5f8/0xa60 [ 419.105890][ C0] serio_driver_probe+0x7f/0xd0 [ 419.107808][ C0] really_probe+0x241/0xb20 [ 419.109705][ C0] __driver_probe_device+0x1de/0x470 [ 419.111826][ C0] driver_probe_device+0x4c/0x1b0 [ 419.114110][ C0] __driver_attach+0x283/0x5e0 [ 419.116092][ C0] bus_for_each_dev+0x13e/0x1d0 [ 419.118140][ C0] serio_handle_event+0x281/0xb30 [ 419.120082][ C0] process_one_work+0x9ba/0x1b20 [ 419.122053][ C0] worker_thread+0x6c8/0xf10 [ 419.124154][ C0] kthread+0x3c5/0x780 [ 419.125987][ C0] ret_from_fork+0x983/0xb10 [ 419.128093][ C0] ret_from_fork_asm+0x1a/0x30 [ 419.130729][ C0] } [ 419.131909][ C0] ... key at: [] __key.7+0x0/0x40 [ 419.134734][ C0] ... acquired at: [ 419.136336][ C0] __lock_acquire+0xc38/0x2890 [ 419.138328][ C0] lock_acquire+0x179/0x330 [ 419.140189][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 419.142316][ C0] input_event+0x74/0xd0 [ 419.144116][ C0] hidinput_report_event+0xb2/0x100 [ 419.146389][ C0] hid_report_raw_event+0x268/0x12c0 [ 419.148729][ C0] __hid_input_report.constprop.0+0x33f/0x470 [ 419.151360][ C0] hid_irq_in+0x35e/0x870 [ 419.153248][ C0] __usb_hcd_giveback_urb+0x38b/0x610 [ 419.155562][ C0] usb_hcd_giveback_urb+0x39b/0x450 [ 419.157911][ C0] dummy_timer+0x1809/0x3ad0 [ 419.159947][ C0] __hrtimer_run_queues+0x202/0xc40 [ 419.162199][ C0] hrtimer_run_softirq+0x17d/0x350 [ 419.164416][ C0] handle_softirqs+0x219/0x950 [ 419.166493][ C0] __irq_exit_rcu+0x109/0x170 [ 419.168554][ C0] irq_exit_rcu+0x9/0x30 [ 419.170450][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 419.172905][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 419.175499][ C0] pv_native_safe_halt+0xf/0x20 [ 419.177703][ C0] default_idle+0x13/0x20 [ 419.179477][ C0] default_idle_call+0x6c/0xb0 [ 419.181485][ C0] do_idle+0x38d/0x510 [ 419.183263][ C0] cpu_startup_entry+0x4f/0x60 [ 419.185290][ C0] rest_init+0x16b/0x2b0 [ 419.186988][ C0] start_kernel+0x3ef/0x4d0 [ 419.188796][ C0] x86_64_start_reservations+0x18/0x30 [ 419.190829][ C0] x86_64_start_kernel+0x130/0x190 [ 419.192842][ C0] common_startup_64+0x13e/0x148 [ 419.194608][ C0] [ 419.195386][ C0] [ 419.195386][ C0] stack backtrace: [ 419.197316][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G L syzkaller #0 PREEMPT(full) [ 419.197344][ C0] Tainted: [L]=SOFTLOCKUP [ 419.197348][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 419.197356][ C0] Call Trace: [ 419.197360][ C0] [ 419.197366][ C0] dump_stack_lvl+0x116/0x1f0 [ 419.197382][ C0] print_irq_inversion_bug.part.0+0x212/0x270 [ 419.197402][ C0] mark_lock+0x399/0x9f0 [ 419.197413][ C0] __lock_acquire+0xc38/0x2890 [ 419.197424][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 419.197436][ C0] lock_acquire+0x179/0x330 [ 419.197445][ C0] ? input_event+0x74/0xd0 [ 419.197457][ C0] ? __asan_memcpy+0x3c/0x60 [ 419.197470][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 419.197482][ C0] ? input_event+0x74/0xd0 [ 419.197492][ C0] input_event+0x74/0xd0 [ 419.197503][ C0] hidinput_report_event+0xb2/0x100 [ 419.197519][ C0] hid_report_raw_event+0x268/0x12c0 [ 419.197532][ C0] ? _mutex_lock_killable+0x7/0x20 [ 419.197548][ C0] __hid_input_report.constprop.0+0x33f/0x470 [ 419.197563][ C0] hid_irq_in+0x35e/0x870 [ 419.197576][ C0] __usb_hcd_giveback_urb+0x38b/0x610 [ 419.197589][ C0] usb_hcd_giveback_urb+0x39b/0x450 [ 419.197600][ C0] dummy_timer+0x1809/0x3ad0 [ 419.197619][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 419.197632][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 419.197646][ C0] ? rcu_is_watching+0x12/0xc0 [ 419.197661][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 419.197673][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 419.197686][ C0] __hrtimer_run_queues+0x202/0xc40 [ 419.197702][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 419.197719][ C0] ? read_tsc+0x9/0x20 [ 419.197735][ C0] hrtimer_run_softirq+0x17d/0x350 [ 419.197749][ C0] handle_softirqs+0x219/0x950 [ 419.197764][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 419.197779][ C0] __irq_exit_rcu+0x109/0x170 [ 419.197792][ C0] irq_exit_rcu+0x9/0x30 [ 419.197806][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 419.197818][ C0] [ 419.197821][ C0] [ 419.197825][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 419.197837][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 419.197849][ C0] Code: 56 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 73 77 15 00 fb f4 cc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 419.197860][ C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 00000286 [ 419.197868][ C0] RAX: 00000000003e8157 RBX: 0000000000000000 RCX: ffffffff8b74e6d9 [ 419.197875][ C0] RDX: 0000000000000000 RSI: ffffffff8dac8375 RDI: ffffffff8bf2aa00 [ 419.197882][ C0] RBP: fffffbfff1c12f68 R08: 0000000000000001 R09: ffffed100564673d [ 419.197888][ C0] R10: ffff88802b2339eb R11: ffffffff9ae1e948 R12: 0000000000000000 [ 419.197894][ C0] R13: ffffffff8e097b40 R14: ffffffff9088b4d0 R15: 0000000000000000 [ 419.197902][ C0] ? ct_kernel_exit+0x139/0x190 [ 419.197917][ C0] default_idle+0x13/0x20 [ 419.197931][ C0] default_idle_call+0x6c/0xb0 [ 419.197945][ C0] do_idle+0x38d/0x510 [ 419.197958][ C0] ? __pfx_do_idle+0x10/0x10 [ 419.197973][ C0] cpu_startup_entry+0x4f/0x60 [ 419.197986][ C0] rest_init+0x16b/0x2b0 [ 419.198000][ C0] ? acpi_subsystem_init+0x133/0x180 [ 419.198014][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 419.198027][ C0] start_kernel+0x3ef/0x4d0 [ 419.198041][ C0] x86_64_start_reservations+0x18/0x30 [ 419.198054][ C0] x86_64_start_kernel+0x130/0x190 [ 419.198067][ C0] common_startup_64+0x13e/0x148 [ 419.198082][ C0] [ 419.317098][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.331169][ T825] usb 6-1: USB disconnect, device number 36 [ 419.521834][ T9] usb 12-1: USB disconnect, device number 35