last executing test programs: 4m46.439426436s ago: executing program 32 (id=1558): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="130f000000000000f6ff06"], 0x18}, 0x1, 0x0, 0x0, 0x400c0}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) 3m53.339345103s ago: executing program 4 (id=2458): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000104000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="30c900000a000100aaaaaaaaaabb000008000b"], 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x4, 0x3}, {}, {0x5, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40004) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84) 3m53.127405721s ago: executing program 4 (id=2463): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000000)={'virt_wifi0\x00', @random="12526a8a2573"}) 3m52.925447475s ago: executing program 4 (id=2466): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r2, r1], 0x2}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x0, 0x0}) 3m52.837766921s ago: executing program 4 (id=2469): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 3m52.71779611s ago: executing program 4 (id=2471): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xffffffffffffffff) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 3m50.780665806s ago: executing program 4 (id=2498): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8) 3m50.403756302s ago: executing program 33 (id=2498): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8) 2m50.81922601s ago: executing program 5 (id=3428): sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x40) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x41, 0x3f, 0x5f, 0x20, 0x61d, 0xc150, 0xce6f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0x18, 0x70, 0xfd, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x4}}]}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d41b1b"]) 2m49.063837701s ago: executing program 5 (id=3456): syz_io_uring_setup(0x4867, &(0x7f0000000140)={0x0, 0x98dc, 0x40, 0x3, 0x246}, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8, @ANYRES64=r0], 0x0) 2m47.536986998s ago: executing program 5 (id=3477): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@delsa={0x48, 0x12, 0x1, 0x0, 0x0, {@in=@dev}, [@srcaddr={0x14, 0xd, @in6=@rand_addr=' \x01\x00'}, @mark={0xc}]}, 0x48}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x3, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x190, 0xf1f80502f07a58b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0) 2m47.380555756s ago: executing program 5 (id=3479): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m47.253662859s ago: executing program 5 (id=3480): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r0, 0xffffffffffffffff}, 0x1e) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000680)="76389e6a65585578f830e9000000", 0x0, 0x10001, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m47.015246096s ago: executing program 5 (id=3481): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x34, r0, 0x1, 0x70bd2d, 0x0, {{0x6c}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}]]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 2m46.577934917s ago: executing program 34 (id=3481): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x34, r0, 0x1, 0x70bd2d, 0x0, {{0x6c}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}]]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 2m21.321618162s ago: executing program 2 (id=3857): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) 2m21.169541524s ago: executing program 2 (id=3862): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0xd}, 0x1c) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x800000008ec2, 0xf) 2m18.013682523s ago: executing program 2 (id=3904): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) rt_sigtimedwait(&(0x7f0000000000)={[0xffffffff]}, 0x0, &(0x7f0000000080), 0x8) 2m17.758027769s ago: executing program 2 (id=3909): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m17.554368497s ago: executing program 2 (id=3915): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000e40)=[{0x0, 0x20}, {&(0x7f0000000dc0)="8ad4", 0x2}], 0x2, 0x0, 0x0, 0x24040804}, 0x8804) 2m17.119853276s ago: executing program 2 (id=3925): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4) syz_emit_ethernet(0x7e, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0) 2m16.728345538s ago: executing program 35 (id=3925): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4) syz_emit_ethernet(0x7e, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0) 1m27.028878246s ago: executing program 3 (id=4691): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m26.833823693s ago: executing program 3 (id=4695): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x40, 0x8, 0xfe, 0xff7ffeff}, {0x6, 0xa, 0xfe, 0x8001}]}) write$ppp(r0, &(0x7f0000000440)='\x00\x00', 0x2) 1m26.619681082s ago: executing program 3 (id=4700): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) r0 = landlock_create_ruleset(&(0x7f0000000940)={0x840c}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x2) 1m26.43955401s ago: executing program 3 (id=4704): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10000, &(0x7f0000000040)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$cgroup2(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0xa00001, &(0x7f0000000300)={[], [{@smackfsdef={'smackfsdef', 0x3d, '@\xe8%*@\xfb\x8a-'}}]}) 1m26.272359953s ago: executing program 3 (id=4709): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x277, 0x0, 0x7}]}) 1m25.811463775s ago: executing program 3 (id=4713): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/dev\x00') r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x1, 0x40001019, r0, 0x0) read$FUSE(r0, &(0x7f0000001840)={0x2020}, 0x2020) 1m25.228189606s ago: executing program 36 (id=4713): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/dev\x00') r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x1, 0x40001019, r0, 0x0) read$FUSE(r0, &(0x7f0000001840)={0x2020}, 0x2020) 53.548387327s ago: executing program 9 (id=5137): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000180)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x8000000, @loopback, 0xffffffff}, 0x1c) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000002c0), &(0x7f00000001c0)=0x8) 53.415719196s ago: executing program 9 (id=5139): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0a733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b842dca425ffc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5201e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd9beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821f054e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d894f3cd5640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e3fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c8580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20253f6cdba9d14a5f32a4d97a57f4603b21146fd1845ce76f863d463c224ad623c17d0b26c3bf083f03c6a4222ab51480eb6e11a8913358219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300000000000000000000000500"}) 53.062405373s ago: executing program 9 (id=5144): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000140)=0x89c, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x92c, 0x4) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x0, 0x0) 52.698299771s ago: executing program 9 (id=5149): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') socket$nl_generic(0x10, 0x3, 0x10) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) 52.472391887s ago: executing program 9 (id=5153): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x3b, 0x0, 0xfffffffffffffffb}, {0x481, 0x0, 0x2a72f97}]}) 51.894202641s ago: executing program 9 (id=5163): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1003f, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 51.627181156s ago: executing program 37 (id=5163): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1003f, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 45.459554957s ago: executing program 7 (id=5237): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10) socket$inet6_sctp(0xa, 0x1, 0x84) 45.321764314s ago: executing program 7 (id=5239): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x2, "84"}, @main=@item_4={0x3, 0x0, 0xb, "ecf7a69c"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000040)={0x3, 0x200}) 45.016850522s ago: executing program 7 (id=5244): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet(0x2, 0x3, 0x6) r2 = dup3(r0, r1, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) 35.083755772s ago: executing program 7 (id=5244): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet(0x2, 0x3, 0x6) r2 = dup3(r0, r1, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) 23.838868589s ago: executing program 7 (id=5244): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet(0x2, 0x3, 0x6) r2 = dup3(r0, r1, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) 9.871134044s ago: executing program 6 (id=5547): unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) close(0x3) r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000000)=ANY=[@ANYBLOB='filter'], &(0x7f0000000100)=0x28) 8.882183229s ago: executing program 7 (id=5244): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet(0x2, 0x3, 0x6) r2 = dup3(r0, r1, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) 7.754062412s ago: executing program 6 (id=5556): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0xd4, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x4040, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_off}]}) 7.376954856s ago: executing program 6 (id=5558): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c}}, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC(r2, 0x4068aea3, &(0x7f0000000000)={0x94}) 6.86562196s ago: executing program 6 (id=5564): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0) 5.39330634s ago: executing program 6 (id=5575): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000b40)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x2, "4c0a5ba4"}, @main=@item_4={0x3, 0x0, 0x9, "21310280"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000140)={0x1, 0x200, 0x800, 0x2, 0x401, 0x5}) 5.392505344s ago: executing program 0 (id=5585): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xff58) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f07df33c9f7b986", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 5.227521117s ago: executing program 0 (id=5576): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002d002100000000000000000004"], 0x1c}], 0x1}, 0x0) 2.379577327s ago: executing program 6 (id=5597): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0) io_uring_setup(0x56d0, &(0x7f0000000180)={0x0, 0x55b8, 0x200, 0x2, 0x2dd}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000") close(0x4) 2.121625237s ago: executing program 0 (id=5599): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={r2, 0x7f}, &(0x7f0000000080)=0x8) 1.294033688s ago: executing program 1 (id=5601): ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000340)={{0x0, 0x0, 0xd, 0x6}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8000000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, 0x0, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x80000001, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00'}, 0x10) r0 = memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46020000000d0200aa1e1c170003003e000839a59434d90a2742a24e000000000000000000deef14b40028e27ebdfd74dafc20380003"], 0xfebe) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 1.153403309s ago: executing program 1 (id=5603): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x380000, @loopback}, 0x1c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000001c0)={@loopback, 0x800, 0x1}, 0x20) 1.127789503s ago: executing program 0 (id=5604): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001080)='./file0\x00', 0x0, 0x1100020, &(0x7f0000005380)={[{@gid}, {}]}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 957.228696ms ago: executing program 0 (id=5606): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10) write$cgroup_int(r1, &(0x7f0000000000)=0x2b00, 0x12) 927.794804ms ago: executing program 1 (id=5607): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000004c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0xc}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4048840) 709.586591ms ago: executing program 1 (id=5609): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20b03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000001c0)={0x1, 0x0, [{0x40000000, 0x9, 0x4, 0x2}]}) 617.679012ms ago: executing program 8 (id=5610): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf0000000000", @ANYRES32=0x0, @ANYBLOB="02880100373004002000128008000100687372001400028008000100", @ANYRES32=r1, @ANYBLOB="08000200", @ANYRES32=r3], 0x40}}, 0x4) 455.733861ms ago: executing program 1 (id=5611): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x3ff) sendfile(r0, r1, 0x0, 0x10ffff) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0xd, 0x102, 0x100002, 0xf36, 0x11, "749412b104d57af63d72010000000900"}) 392.593566ms ago: executing program 8 (id=5612): socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet(0x2, 0x3, 0x33) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 265.605297ms ago: executing program 8 (id=5613): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) recvmmsg(r1, &(0x7f0000006100), 0x49f, 0x0, 0x0) 261.629094ms ago: executing program 1 (id=5614): sched_setscheduler(0x0, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xa}, @hci_rp_pin_code_reply={{0x55}, {0x5}}}}, 0xd) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa2bb1000) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) 214.233218ms ago: executing program 8 (id=5615): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, &(0x7f0000000040)=0x200) 85.595702ms ago: executing program 8 (id=5616): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @broadcast}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x27) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000008c0)={r2, 0xfffff801, 0x800, 0x5, 0x8, 0x7, 0x7ff, 0x6, {0x0, @in6={{0xa, 0x4e22, 0x3, @private2, 0x4}}, 0x2, 0x4b23, 0x9, 0x3ff, 0x5}}, &(0x7f0000000540)=0xb0) 36.904909ms ago: executing program 8 (id=5617): r0 = timerfd_create(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 0s ago: executing program 0 (id=5618): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1}) kernel console output (not intermixed with test programs): [1, 0] type 2 family 0 port 6081 - 0 [ 403.215234][T15470] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.293185][T15633] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 403.410757][ T5893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 403.418673][ T5893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 403.535369][ T6769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 403.555798][ T6769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 403.600177][ T5830] Bluetooth: hci3: command tx timeout [ 403.679031][T15643] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 403.779372][T15645] batadv_slave_0: entered allmulticast mode [ 403.792005][T15645] batadv_slave_0: left allmulticast mode [ 404.036953][T15660] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4017'. [ 404.051297][T15660] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4017'. [ 406.131301][ T30] audit: type=1326 audit(1748506191.131:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7ffc0000 [ 406.173812][ T30] audit: type=1326 audit(1748506191.131:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7ffc0000 [ 406.204681][ T30] audit: type=1326 audit(1748506191.151:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23aab8e969 code=0x7ffc0000 [ 406.227502][ T30] audit: type=1326 audit(1748506191.151:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7ffc0000 [ 406.249120][ C1] vkms_vblank_simulate: vblank timer overrun [ 406.256962][ T30] audit: type=1326 audit(1748506191.151:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f23aab85927 code=0x7ffc0000 [ 406.279657][ T30] audit: type=1326 audit(1748506191.151:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23aab2ab39 code=0x7ffc0000 [ 406.316061][ T30] audit: type=1326 audit(1748506191.151:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f23aab85927 code=0x7ffc0000 [ 406.368288][ T30] audit: type=1326 audit(1748506191.151:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23aab2ab39 code=0x7ffc0000 [ 406.391186][ T30] audit: type=1326 audit(1748506191.151:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f23aab85927 code=0x7ffc0000 [ 406.412742][ C1] vkms_vblank_simulate: vblank timer overrun [ 406.421093][ T30] audit: type=1326 audit(1748506191.151:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15725 comm="syz.8.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23aab2ab39 code=0x7ffc0000 [ 406.963997][T15747] netlink: 'syz.0.4056': attribute type 9 has an invalid length. [ 406.973277][T15747] netlink: 212260 bytes leftover after parsing attributes in process `syz.0.4056'. [ 409.063711][T15840] tun0: tun_chr_ioctl cmd 1074025677 [ 409.085483][T15840] tun0: linktype set to 0 [ 409.820903][T15862] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 410.180987][T15872] bridge0: port 2(bridge_slave_1) entered learning state [ 410.419556][T15883] can0: slcan on ttyS3. [ 410.561357][T15883] can0 (unregistered): slcan off ttyS3. [ 410.754586][T15898] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 411.100517][ T9] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 411.269928][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 411.290638][ T9] usb 9-1: config 0 has no interfaces? [ 411.306635][ T9] usb 9-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 411.330202][ T9] usb 9-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 411.338274][ T9] usb 9-1: Product: syz [ 411.355458][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 411.355477][ T30] audit: type=1326 audit(1748506196.351:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdcf6d85927 code=0x7ffc0000 [ 411.360336][ T9] usb 9-1: Manufacturer: syz [ 411.391072][ T30] audit: type=1326 audit(1748506196.351:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdcf6d2ab39 code=0x7ffc0000 [ 411.412632][ C1] vkms_vblank_simulate: vblank timer overrun [ 411.453058][ T9] usb 9-1: config 0 descriptor?? [ 411.462211][ T30] audit: type=1326 audit(1748506196.351:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdcf6d85927 code=0x7ffc0000 [ 411.495910][ T30] audit: type=1326 audit(1748506196.381:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdcf6d2ab39 code=0x7ffc0000 [ 411.552273][ T30] audit: type=1326 audit(1748506196.381:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdcf6d85927 code=0x7ffc0000 [ 411.577747][ T30] audit: type=1326 audit(1748506196.381:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdcf6d2ab39 code=0x7ffc0000 [ 411.604889][ T30] audit: type=1326 audit(1748506196.381:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdcf6d85927 code=0x7ffc0000 [ 411.662389][ T30] audit: type=1326 audit(1748506196.381:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdcf6d2ab39 code=0x7ffc0000 [ 411.715877][ T30] audit: type=1326 audit(1748506196.381:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdcf6d85927 code=0x7ffc0000 [ 411.746355][ T10] usb 9-1: USB disconnect, device number 2 [ 411.774658][ T30] audit: type=1326 audit(1748506196.381:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15923 comm="syz.7.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdcf6d2ab39 code=0x7ffc0000 [ 411.803576][ T9] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 411.971928][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 411.978911][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 411.998971][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.028544][ T9] usb 4-1: config 0 descriptor?? [ 412.879291][ T9] video4linux radio48: keene_cmd_main failed (-71) [ 412.897144][ T9] radio-keene 4-1:0.0: V4L2 device registered as radio48 [ 412.952337][ T9] usb 4-1: USB disconnect, device number 41 [ 414.770265][ T44] usb 9-1: new full-speed USB device number 3 using dummy_hcd [ 414.913807][T16049] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4190'. [ 414.915987][T16050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4192'. [ 414.922863][T16049] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4190'. [ 414.942831][ T44] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 414.956990][ T44] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 414.981321][ T44] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 414.997249][ T44] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.015710][ T44] usb 9-1: Product: syz [ 415.024569][ T44] usb 9-1: Manufacturer: syz [ 415.035992][ T44] usb 9-1: SerialNumber: syz [ 415.272421][ T44] usb 9-1: 0:2 : does not exist [ 415.289787][ T44] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 415.322589][ T44] usb 9-1: USB disconnect, device number 3 [ 416.161887][T16098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4213'. [ 416.699912][T16116] vim2m vim2m.0: vidioc_s_fmt queue busy [ 416.835164][T16124] loop6: detected capacity change from 0 to 524287999 [ 417.322087][ T24] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 417.515150][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 417.570049][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 417.601656][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 417.602489][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 417.630241][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 417.666422][ T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 417.696562][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 417.722734][ T24] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 417.740183][ T24] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 417.770599][ T24] usb 4-1: Manufacturer: syz [ 417.782443][ T24] usb 4-1: config 0 descriptor?? [ 417.829535][T16156] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4240'. [ 417.978712][T16161] kvm: kvm [16159]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000001b) [ 418.133093][ T24] rc_core: IR keymap rc-hauppauge not found [ 418.150767][ T24] Registered IR keymap rc-empty [ 418.156186][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.217321][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.251922][ T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 418.285029][ T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input32 [ 418.310168][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.348324][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.400233][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.430169][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.461869][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.510116][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.560626][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.615320][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.640377][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 418.650806][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.690301][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 418.722416][ T24] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 418.764385][ T24] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 418.800656][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 418.823907][ T24] usb 4-1: USB disconnect, device number 42 [ 419.680406][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.761580][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.771491][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 420.345966][T16263] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 420.530339][ T44] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 420.658439][T16277] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4292'. [ 420.712269][ T44] usb 9-1: config 0 has no interfaces? [ 420.718068][ T44] usb 9-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 420.728321][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 420.754692][ T44] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.796170][ T44] usb 9-1: config 0 descriptor?? [ 421.063646][T16257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 421.084063][T16257] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 421.139761][ T44] usb 9-1: USB disconnect, device number 4 [ 421.590606][ T44] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 421.678718][T16315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4311'. [ 421.763083][ T44] usb 9-1: Using ep0 maxpacket: 8 [ 421.764240][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 421.770616][ T44] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 421.799554][ T44] usb 9-1: config 0 has no interface number 0 [ 421.810088][ T5873] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 421.810222][ T44] usb 9-1: config 0 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 421.833434][ T44] usb 9-1: config 0 interface 1 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 0 [ 421.843549][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 421.861772][ T44] usb 9-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 421.874773][ T44] usb 9-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 421.887528][ T44] usb 9-1: config 0 interface 1 has no altsetting 0 [ 421.897057][ T44] usb 9-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 421.908716][ T44] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.942398][ T44] usb 9-1: config 0 descriptor?? [ 421.984110][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 422.006231][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.018094][ T5873] usb 7-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 422.030658][ T5873] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.060649][ T5873] usb 7-1: config 0 descriptor?? [ 422.178117][ T1211] usb 9-1: USB disconnect, device number 5 [ 422.483311][ T5873] playstation 0003:054C:0DF2.0025: unknown main item tag 0x0 [ 422.500079][ T5873] playstation 0003:054C:0DF2.0025: unknown main item tag 0x0 [ 422.507561][ T5873] playstation 0003:054C:0DF2.0025: unknown main item tag 0x0 [ 422.516364][ T5873] playstation 0003:054C:0DF2.0025: unknown main item tag 0x0 [ 422.542419][ T5873] playstation 0003:054C:0DF2.0025: unknown main item tag 0x0 [ 422.566675][ T5873] playstation 0003:054C:0DF2.0025: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.6-1/input0 [ 422.691889][ T5873] playstation 0003:054C:0DF2.0025: Invalid byte count transferred, expected 20 got 0 [ 422.709753][ T5873] playstation 0003:054C:0DF2.0025: Failed to retrieve DualSense pairing info: -22 [ 422.734020][ T5873] playstation 0003:054C:0DF2.0025: Failed to get MAC address from DualSense [ 422.743207][T16357] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4331'. [ 422.744294][ T5873] playstation 0003:054C:0DF2.0025: Failed to create dualsense. [ 422.794845][ T5873] playstation 0003:054C:0DF2.0025: probe with driver playstation failed with error -22 [ 422.805193][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.906731][T16366] netlink: 830 bytes leftover after parsing attributes in process `syz.7.4335'. [ 422.932308][ T5873] usb 7-1: USB disconnect, device number 13 [ 423.120706][ T24] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 423.284177][ T24] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 423.294123][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.321459][ T24] usb 4-1: config 0 descriptor?? [ 423.339322][ T24] cp210x 4-1:0.0: cp210x converter detected [ 423.662886][T16387] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4343'. [ 423.769464][ T24] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 423.844403][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.013884][ T24] cp210x 4-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 424.021869][ T24] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 424.034186][ T24] usb 4-1: cp210x converter now attached to ttyUSB0 [ 424.073003][ T24] usb 4-1: USB disconnect, device number 43 [ 424.101168][ T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 424.124467][ T24] cp210x 4-1:0.0: device disconnected [ 424.132970][T16401] loop2: detected capacity change from 0 to 7 [ 424.158014][T16401] Dev loop2: unable to read RDB block 7 [ 424.170473][T16401] loop2: unable to read partition table [ 424.196787][T16401] loop2: partition table beyond EOD, truncated [ 424.205621][T16401] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 424.880455][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.888688][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.926151][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 425.357856][T16462] netlink: 'syz.0.4380': attribute type 1 has an invalid length. [ 425.379668][T16462] netlink: 172 bytes leftover after parsing attributes in process `syz.0.4380'. [ 425.926914][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 426.960295][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 427.184041][ T5873] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 427.349964][ T5873] usb 9-1: Using ep0 maxpacket: 32 [ 427.370834][ T5873] usb 9-1: config 0 has an invalid interface number: 51 but max is 0 [ 427.379136][ T5873] usb 9-1: config 0 has no interface number 0 [ 427.407492][ T5873] usb 9-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 427.420475][ T5873] usb 9-1: New USB device strings: Mfr=1, Product=229, SerialNumber=2 [ 427.439039][ T5873] usb 9-1: Product: syz [ 427.458538][ T5873] usb 9-1: Manufacturer: syz [ 427.463386][ T5873] usb 9-1: SerialNumber: syz [ 427.481069][ T5873] usb 9-1: config 0 descriptor?? [ 427.513178][ T5873] quatech2 9-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 427.683497][T16547] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 427.734546][ T5873] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 427.762637][ T5873] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 427.814415][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 427.814434][ T30] audit: type=1326 audit(1748506213.810:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16550 comm="syz.3.4420" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b1318e969 code=0x0 [ 427.933732][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short [ 428.000282][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 428.008488][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 428.134532][ C0] usb 9-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 428.135832][ T44] usb 9-1: USB disconnect, device number 6 [ 428.156983][ T44] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 428.185924][ T44] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 428.203756][ T44] quatech2 9-1:0.51: device disconnected [ 428.442803][T16565] netlink: 428 bytes leftover after parsing attributes in process `syz.6.4426'. [ 428.452399][T16565] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4426'. [ 429.050292][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 429.235483][T16592] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4439'. [ 429.324024][ T30] audit: type=1326 audit(1748506215.320:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.345651][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.373966][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 429.404169][ T30] audit: type=1326 audit(1748506215.350:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.458841][ T30] audit: type=1326 audit(1748506215.350:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.480495][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.493979][ T30] audit: type=1326 audit(1748506215.350:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.515912][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.525320][ T30] audit: type=1326 audit(1748506215.350:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.547370][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.608903][ T30] audit: type=1326 audit(1748506215.350:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.630688][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.675309][ T30] audit: type=1326 audit(1748506215.350:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b1318e969 code=0x7ffc0000 [ 429.696900][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.759998][ T30] audit: type=1326 audit(1748506215.350:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3b13185927 code=0x7ffc0000 [ 429.781498][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.840391][ T30] audit: type=1326 audit(1748506215.350:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16595 comm="syz.3.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3b1312ab39 code=0x7ffc0000 [ 429.861979][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.930344][ T5873] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 430.080445][T16616] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4450'. [ 430.093204][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.119649][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 430.146771][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 430.157201][ T5873] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 430.173129][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.210113][ T5873] usb 4-1: config 0 descriptor?? [ 430.633420][ T5873] cp2112 0003:10C4:EA90.0026: unknown main item tag 0x0 [ 430.668811][ T5873] cp2112 0003:10C4:EA90.0026: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 430.716735][T16638] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 430.846713][ T5873] cp2112 0003:10C4:EA90.0026: error requesting version [ 430.869006][ T5873] cp2112 0003:10C4:EA90.0026: probe with driver cp2112 failed with error -71 [ 430.899099][ T5873] usb 4-1: USB disconnect, device number 44 [ 431.040943][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 431.120240][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 432.161109][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 432.369666][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 432.740236][ T978] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 432.800635][T16719] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4498'. [ 432.920332][ T978] usb 4-1: Using ep0 maxpacket: 16 [ 432.938702][ T978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 432.961681][ T978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17768, setting to 1024 [ 432.994089][ T978] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 433.033142][ T978] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 433.053013][ T978] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.085429][ T978] usb 4-1: config 0 descriptor?? [ 433.107536][T16703] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 433.126782][ T978] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input33 [ 433.203493][ T5873] net_ratelimit: 2 callbacks suppressed [ 433.203515][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 433.397568][ T5873] usb 4-1: USB disconnect, device number 45 [ 433.518470][T16744] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 433.527560][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 433.890954][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4513'. [ 433.917433][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4513'. [ 433.948636][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4513'. [ 434.080701][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 434.143726][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 434.143746][ T30] audit: type=1326 audit(1748506220.140:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16759 comm="syz.6.4517" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbd9438e969 code=0x0 [ 434.240253][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 434.867808][T16794] batadv_slave_0: entered promiscuous mode [ 434.878552][T16794] batadv_slave_0: left promiscuous mode [ 434.918620][T16792] tun0: tun_chr_ioctl cmd 1074025672 [ 434.929930][T16792] tun0: ignored: set checksum disabled [ 435.121424][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 435.135720][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 435.143976][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 435.239971][ T978] usb 9-1: new full-speed USB device number 7 using dummy_hcd [ 435.285939][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 435.412356][ T978] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 435.429889][ T978] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 435.449347][ T978] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 435.469204][ T978] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.498970][ T978] usb 9-1: config 0 descriptor?? [ 435.507683][ T978] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 435.514926][ T24] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 435.531447][ T978] dvb-usb: bulk message failed: -22 (3/0) [ 435.555819][T16822] loop6: detected capacity change from 0 to 524287999 [ 435.563889][ T978] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 435.580411][ T978] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 435.580728][T16822] buffer_io_error: 8 callbacks suppressed [ 435.580745][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.597821][ T978] usb 9-1: media controller created [ 435.623424][ T978] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 435.624101][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.643554][T16824] kernel read not supported for file /eth0 (pid: 16824 comm: syz.3.4542) [ 435.653370][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.668443][ T30] audit: type=1800 audit(1748506221.660:846): pid=16824 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.4542" name="eth0" dev="mqueue" ino=61923 res=0 errno=0 [ 435.688599][ T978] dvb-usb: bulk message failed: -22 (6/0) [ 435.695099][ T978] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 435.711975][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.720044][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 435.728642][ T24] usb 1-1: unable to get BOS descriptor or descriptor too short [ 435.740251][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.741183][ T978] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.8/usb9/9-1/input/input34 [ 435.755133][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.761651][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 435.780370][ T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 435.789680][ T978] dvb-usb: schedule remote query interval to 150 msecs. [ 435.797349][ T978] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 435.802186][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.809063][ T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 435.822943][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.830401][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.837947][T16822] ldm_validate_partition_table(): Disk read failed. [ 435.839412][ T978] usb 9-1: USB disconnect, device number 7 [ 435.847980][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.855821][ T24] usb 1-1: Product: syz [ 435.865046][ T24] usb 1-1: Manufacturer: syz [ 435.865205][T16822] Buffer I/O error on dev loop6, logical block 0, async page read [ 435.870430][ T24] usb 1-1: SerialNumber: syz [ 435.885330][T16822] Dev loop6: unable to read RDB block 0 [ 435.891657][T16822] loop6: unable to read partition table [ 435.897761][T16822] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 435.908193][ T978] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 435.924022][T16825] ldm_validate_partition_table(): Disk read failed. [ 435.974980][T16825] Dev loop6: unable to read RDB block 0 [ 435.983965][T16825] loop6: unable to read partition table [ 436.004322][T16825] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 436.107192][ T24] usb 1-1: 0:2 : does not exist [ 436.145565][ T24] usb 1-1: USB disconnect, device number 28 [ 436.322972][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 437.460171][ T30] audit: type=1800 audit(1748506223.460:847): pid=16890 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4573" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 437.479589][ C1] vkms_vblank_simulate: vblank timer overrun [ 437.827721][T16905] netlink: 'syz.3.4577': attribute type 2 has an invalid length. [ 437.840029][T16905] netlink: 'syz.3.4577': attribute type 2 has an invalid length. [ 438.400429][ T5873] net_ratelimit: 5 callbacks suppressed [ 438.400448][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 439.337762][T16977] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4610'. [ 439.443420][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 439.842700][ T30] audit: type=1400 audit(1748506225.840:848): lsm=SMACK fn=smack_task_setioprio action=denied subject="w" object="_" requested=w pid=17003 comm="syz.8.4623" opid=15470 ocomm="syz-executor" [ 439.861256][ C1] vkms_vblank_simulate: vblank timer overrun [ 439.999969][ T978] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 440.191372][ T978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 440.210010][ T978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 440.230177][ T978] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 440.241092][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 440.266060][ T978] usb 4-1: New USB device found, idVendor=044f, idProduct=b65a, bcdDevice= 0.00 [ 440.284195][T17017] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 440.294037][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 440.302765][ T978] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.316351][ T978] usb 4-1: config 0 descriptor?? [ 440.468499][T17024] sctp: [Deprecated]: syz.7.4633 (pid 17024) Use of int in max_burst socket option. [ 440.468499][T17024] Use struct sctp_assoc_value instead [ 440.490533][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 440.658431][T17035] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4638'. [ 440.738955][ T978] thrustmaster 0003:044F:B65A.0027: unknown main item tag 0x2 [ 440.761567][ T978] thrustmaster 0003:044F:B65A.0027: item fetching failed at offset 4/7 [ 440.792729][ T978] thrustmaster 0003:044F:B65A.0027: parse failed [ 440.814854][ T978] thrustmaster 0003:044F:B65A.0027: probe with driver thrustmaster failed with error -22 [ 440.945575][ T978] usb 4-1: USB disconnect, device number 46 [ 441.207202][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 441.540034][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 441.967417][T17084] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 441.976841][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 442.084675][T17089] netlink: 'syz.3.4662': attribute type 13 has an invalid length. [ 442.724096][T17099] ieee802154 phy0 wpan0: encryption failed: -22 [ 442.740627][T17089] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 442.792138][T17089] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 443.308543][T17114] random: crng reseeded on system resumption [ 443.348978][T17089] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.373530][T17089] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.390191][T17089] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.408871][T17089] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.437437][T17089] bond0: left allmulticast mode [ 443.450684][T17089] bond_slave_0: left allmulticast mode [ 443.458729][T17089] bond_slave_1: left allmulticast mode [ 443.464896][T17089] bond0: left promiscuous mode [ 443.470237][T17089] bond_slave_0: left promiscuous mode [ 443.475981][T17089] bond_slave_1: left promiscuous mode [ 443.600109][ T1211] net_ratelimit: 4096 callbacks suppressed [ 443.600129][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 443.630560][T17121] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 443.637138][T17121] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 443.665039][T17121] vhci_hcd vhci_hcd.0: Device attached [ 443.850205][ T1211] vhci_hcd: vhci_device speed not set [ 443.868886][T17135] @: renamed from vlan0 (while UP) [ 443.910074][ T1211] usb 33-1: new full-speed USB device number 2 using vhci_hcd [ 443.940220][ T5873] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 443.982728][T17139] block device autoloading is deprecated and will be removed. [ 444.104470][ T5873] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 444.130353][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.148239][ T5873] usb 1-1: Product: syz [ 444.160306][ T5873] usb 1-1: Manufacturer: syz [ 444.165942][ T5873] usb 1-1: SerialNumber: syz [ 444.177678][ T5873] usb 1-1: config 0 descriptor?? [ 444.240196][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 444.247029][T17154] vivid-006: disconnect [ 444.270492][T17152] vivid-006: reconnect [ 444.395564][ T5873] usb 1-1: ignoring: probably an ADSL modem [ 444.641318][ T5872] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 444.721746][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 444.798248][T17122] vhci_hcd: connection reset by peer [ 444.806248][ T5873] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 444.818883][ T12] vhci_hcd: stop threads [ 444.826218][ T5873] usb 1-1: USB disconnect, device number 29 [ 444.840396][ T12] vhci_hcd: release socket [ 444.849026][ T12] vhci_hcd: disconnect device [ 445.120105][ T978] usb 9-1: new low-speed USB device number 8 using dummy_hcd [ 445.283050][ T978] usb 9-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 445.296667][ T978] usb 9-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 445.311092][ T978] usb 9-1: config 0 interface 0 has no altsetting 0 [ 445.317769][ T978] usb 9-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 445.327676][ T978] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.338921][ T978] usb 9-1: config 0 descriptor?? [ 445.349083][T17182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 445.365087][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.374178][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 445.396303][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.681434][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 445.826233][ T978] holtek_mouse 0003:04D9:A067.0028: unbalanced delimiter at end of report description [ 445.854947][ T978] holtek_mouse 0003:04D9:A067.0028: hid parse failed: -22 [ 445.878875][ T978] holtek_mouse 0003:04D9:A067.0028: probe with driver holtek_mouse failed with error -22 [ 446.055596][ T978] usb 9-1: USB disconnect, device number 8 [ 446.135094][ T12] bridge_slave_1: left allmulticast mode [ 446.155403][ T12] bridge_slave_1: left promiscuous mode [ 446.174349][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 446.207524][ T12] bridge_slave_0: left allmulticast mode [ 446.222684][ T12] bridge_slave_0: left promiscuous mode [ 446.234524][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.418053][T17215] loop6: detected capacity change from 0 to 524287999 [ 446.456035][T17215] buffer_io_error: 22 callbacks suppressed [ 446.456055][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.480432][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.488828][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.502099][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.531179][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.542688][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.565762][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.577606][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.590601][T17215] ldm_validate_partition_table(): Disk read failed. [ 446.618738][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.656809][T17215] Buffer I/O error on dev loop6, logical block 0, async page read [ 446.687365][T17215] Dev loop6: unable to read RDB block 0 [ 446.713684][T17215] loop6: unable to read partition table [ 446.721337][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 446.730058][T17215] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 446.761154][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 446.771574][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 446.786854][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 446.799029][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 446.811372][ T12] team0: Port device geneve0 removed [ 446.821439][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 446.993986][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 447.007591][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 447.018165][ T12] bond0 (unregistering): Released all slaves [ 447.039173][ T12] bond1 (unregistering): Released all slaves [ 447.288529][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 447.623256][ T10] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 447.631589][T17251] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4734'. [ 447.698984][T17222] chnl_net:caif_netlink_parms(): no params data found [ 447.765398][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 447.809937][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 447.817302][ T10] usb 7-1: config 0 has an invalid interface number: 51 but max is 0 [ 447.825603][ T10] usb 7-1: config 0 has no interface number 0 [ 447.835805][ T10] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 447.852235][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.875257][ T10] usb 7-1: Product: syz [ 447.879501][ T10] usb 7-1: Manufacturer: syz [ 447.884227][ T10] usb 7-1: SerialNumber: syz [ 447.898823][ T10] usb 7-1: config 0 descriptor?? [ 447.907416][ T10] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 448.000938][T17222] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.008387][T17222] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.026217][T17222] bridge_slave_0: entered allmulticast mode [ 448.043172][T17222] bridge_slave_0: entered promiscuous mode [ 448.063032][T17222] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.080240][T17222] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.097974][T17222] bridge_slave_1: entered allmulticast mode [ 448.146732][T17222] bridge_slave_1: entered promiscuous mode [ 448.168391][ T10] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 448.196646][ T10] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 448.314102][T17222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.374658][T17222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 448.467127][T17222] team0: Port device team_slave_0 added [ 448.503630][T17222] team0: Port device team_slave_1 added [ 448.586029][ C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 448.594439][ T10] usb 7-1: USB disconnect, device number 14 [ 448.608342][ T10] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 448.636357][ T10] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 448.658392][ T10] quatech2 7-1:0.51: device disconnected [ 448.679245][T17222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 448.701085][T17222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 448.727031][ C1] vkms_vblank_simulate: vblank timer overrun [ 448.745193][T17222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 448.764215][T17222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 448.772246][T17222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 448.798150][ C1] vkms_vblank_simulate: vblank timer overrun [ 448.800631][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 448.856126][T17222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 448.880691][ T51] Bluetooth: hci1: command tx timeout [ 449.040045][ T1211] vhci_hcd: vhci_device speed not set [ 449.112784][T17298] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 449.227519][T17222] hsr_slave_0: entered promiscuous mode [ 449.248007][T17222] hsr_slave_1: entered promiscuous mode [ 449.281308][T17222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 449.288937][T17222] Cannot create hsr debugfs directory [ 449.474891][ T12] hsr_slave_0: left promiscuous mode [ 449.494066][ T12] hsr_slave_1: left promiscuous mode [ 449.503002][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 449.526818][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 449.598760][T17311] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4760'. [ 449.637365][T17314] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 449.842927][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 450.325669][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 450.339573][ T12] team0 (unregistering): Port device team_slave_1 removed [ 450.415239][ T12] team0 (unregistering): Port device team_slave_0 removed [ 450.623150][T17316] Falling back ldisc for ttyS3. [ 450.714544][T17330] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4769'. [ 450.725848][T17330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4769'. [ 450.889693][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 450.960121][ T51] Bluetooth: hci1: command tx timeout [ 451.180145][T17338] block nbd0: server does not support multiple connections per device. [ 451.208411][T17338] block nbd0: shutting down sockets [ 451.461741][ T978] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 451.621022][ T978] usb 7-1: Using ep0 maxpacket: 32 [ 451.647339][ T978] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 451.677792][ T978] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.696553][T17222] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 451.713436][ T978] usb 7-1: config 0 descriptor?? [ 451.723668][T17222] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 451.746846][T17222] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 451.782300][T17222] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 451.920750][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 451.955662][ T978] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 451.978682][ T978] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 452.003969][T17222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 452.012500][ T978] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 452.019722][ T978] usb 7-1: media controller created [ 452.044928][T17222] 8021q: adding VLAN 0 to HW filter on device team0 [ 452.074817][ T978] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 452.094759][ T66] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.102008][ T66] bridge0: port 1(bridge_slave_0) entered forwarding state [ 452.137887][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.145134][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 452.163508][ T978] az6027: usb out operation failed. (-71) [ 452.173027][ T978] az6027: usb out operation failed. (-71) [ 452.179295][ T978] stb0899_attach: Driver disabled by Kconfig [ 452.209871][ T978] az6027: no front-end attached [ 452.209871][ T978] [ 452.225541][ T978] az6027: usb out operation failed. (-71) [ 452.237747][ T978] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 452.262650][ T978] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input35 [ 452.304845][ T978] dvb-usb: schedule remote query interval to 400 msecs. [ 452.333817][ T978] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 452.358368][ T978] usb 7-1: USB disconnect, device number 15 [ 452.509128][ T978] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 452.675598][T17222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 452.888971][T17382] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 452.961143][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 453.042238][ T51] Bluetooth: hci1: command tx timeout [ 453.161961][T17222] veth0_vlan: entered promiscuous mode [ 453.187787][T17222] veth1_vlan: entered promiscuous mode [ 453.242343][T17222] veth0_macvtap: entered promiscuous mode [ 453.254169][T17222] veth1_macvtap: entered promiscuous mode [ 453.278374][T17222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 453.315761][T17222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 453.342822][T17222] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.360534][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 453.369794][ T5805] usb 9-1: new low-speed USB device number 9 using dummy_hcd [ 453.369967][T17222] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.377398][T17222] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.377438][T17222] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 453.532091][T17399] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4798'. [ 453.555592][ T5805] usb 9-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1023, setting to 8 [ 453.582961][ T5805] usb 9-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 453.599294][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 453.621101][ T5805] usb 9-1: config 0 interface 0 has no altsetting 0 [ 453.627829][ T5805] usb 9-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00 [ 453.629991][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 453.644448][ T5805] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.662637][ T5805] usb 9-1: config 0 descriptor?? [ 453.669133][T17391] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 453.726233][ T6769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 453.750296][ T6769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 453.934774][T17411] netlink: 'syz.9.4715': attribute type 15 has an invalid length. [ 454.127683][ T5805] logitech 0003:046D:C623.0029: item fetching failed at offset 0/4 [ 454.141698][ T5805] logitech 0003:046D:C623.0029: parse failed [ 454.148065][ T5805] logitech 0003:046D:C623.0029: probe with driver logitech failed with error -22 [ 454.359570][ T5805] usb 9-1: USB disconnect, device number 9 [ 454.510245][ T1211] usb 1-1: new low-speed USB device number 30 using dummy_hcd [ 454.686499][ T1211] usb 1-1: unable to get BOS descriptor or descriptor too short [ 454.698750][ T1211] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 454.730016][ T1211] usb 1-1: can't read configurations, error -71 [ 455.124508][ T51] Bluetooth: hci1: command tx timeout [ 455.685386][ T9] kernel write not supported for file /vcs (pid: 9 comm: kworker/0:0) [ 455.971394][T17485] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 456.422439][T17507] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 456.630074][ T1211] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 456.798202][ T1211] usb 10-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 456.815607][ T1211] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.833670][ T1211] usb 10-1: config 0 descriptor?? [ 456.847173][ T1211] gspca_main: spca508-2.14.0 probing 8086:0110 [ 457.068959][ T1211] gspca_spca508: reg_read err -32 [ 457.086379][ T1211] gspca_spca508: reg_read err -32 [ 457.094120][ T1211] gspca_spca508: reg_read err -32 [ 457.216246][T17534] vlan3: entered allmulticast mode [ 457.230327][T17534] bond0: entered allmulticast mode [ 457.246587][T17534] bond_slave_0: entered allmulticast mode [ 457.272928][T17534] bond_slave_1: entered allmulticast mode [ 457.299260][T17534] batadv_slave_0: entered allmulticast mode [ 457.301584][ T1211] gspca_spca508: reg_read err -71 [ 457.312718][ T1211] gspca_spca508: reg write: error -71 [ 457.328781][ T1211] spca508 10-1:0.0: probe with driver spca508 failed with error -71 [ 457.367530][ T1211] usb 10-1: USB disconnect, device number 2 [ 457.880067][ T44] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 457.957044][ T5805] kernel write not supported for file /29/net/ip_vs_stats (pid: 5805 comm: kworker/1:3) [ 458.051656][T17557] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4870'. [ 458.085001][T17557] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4870'. [ 458.141072][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 458.148161][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 458.170679][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 458.190299][ T44] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 458.206145][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.234303][ T44] usb 1-1: config 0 descriptor?? [ 458.714757][ T44] savu 0003:1E7D:2D5A.002A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 458.880359][ T10] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 458.985826][ T44] usb 1-1: USB disconnect, device number 32 [ 459.062249][ T10] usb 10-1: config index 0 descriptor too short (expected 23569, got 27) [ 459.083556][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 459.111616][ T10] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 459.130527][ T10] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 459.144536][ T10] usb 10-1: Manufacturer: syz [ 459.170302][ T10] usb 10-1: config 0 descriptor?? [ 459.273504][ T10] rc_core: IR keymap rc-hauppauge not found [ 459.279509][ T10] Registered IR keymap rc-empty [ 459.305419][ T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0 [ 459.349165][ T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input36 [ 459.392538][ C0] igorplugusb 10-1:0.0: Error: urb status = -32 [ 459.409743][ T5805] usb 10-1: USB disconnect, device number 3 [ 459.965858][T17624] 9pnet_fd: Insufficient options for proto=fd [ 461.479093][ T30] audit: type=1326 audit(1748506247.470:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 461.520854][T17666] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4919'. [ 461.573132][ T30] audit: type=1326 audit(1748506247.470:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 461.681146][ T30] audit: type=1326 audit(1748506247.470:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 461.736527][ T30] audit: type=1326 audit(1748506247.470:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 461.835661][ T30] audit: type=1326 audit(1748506247.470:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 461.938812][ T30] audit: type=1326 audit(1748506247.470:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 462.025718][ T30] audit: type=1326 audit(1748506247.470:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 462.098446][ T30] audit: type=1326 audit(1748506247.470:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 462.139980][ T30] audit: type=1326 audit(1748506247.470:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 462.233284][ T30] audit: type=1326 audit(1748506247.470:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17659 comm="syz.8.4916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23aab8e969 code=0x7fc00000 [ 462.457932][T17695] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4934'. [ 463.447726][T17726] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4946'. [ 463.487785][T17726] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.497432][T17726] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.506797][T17726] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.515972][T17726] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.552301][T17726] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 463.563655][T17726] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 463.573235][T17726] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 463.582844][T17726] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 464.160364][ T44] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 464.332743][ T44] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 464.357099][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 464.391436][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 464.413347][ T44] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 464.447350][ T44] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 464.471348][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.497307][ T44] usb 1-1: config 0 descriptor?? [ 464.956183][ T44] plantronics 0003:047F:FFFF.002B: No inputs registered, leaving [ 464.990908][ T44] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 465.593496][T17772] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 466.776133][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 466.776153][ T30] audit: type=1326 audit(1748506252.770:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 466.859139][ T30] audit: type=1326 audit(1748506252.770:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 466.934278][ T30] audit: type=1326 audit(1748506252.820:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.018638][ T30] audit: type=1326 audit(1748506252.820:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.067836][ T44] usb 1-1: USB disconnect, device number 33 [ 467.090572][ T30] audit: type=1326 audit(1748506252.820:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.199280][ T30] audit: type=1326 audit(1748506252.820:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.268832][ T30] audit: type=1326 audit(1748506252.820:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.324351][ T30] audit: type=1326 audit(1748506252.820:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.410811][ T30] audit: type=1326 audit(1748506252.830:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17806 comm="syz.7.4981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7ffc0000 [ 467.789985][ T9] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 467.810188][ T10] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 467.947193][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.958690][ T9] usb 10-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00 [ 467.971541][ T10] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 467.984120][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.993380][ T10] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 468.006465][ T10] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 468.018742][ T9] usb 10-1: config 0 descriptor?? [ 468.024045][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 468.033488][ T10] usb 7-1: SerialNumber: syz [ 468.269154][ T10] usb 7-1: 0:2 : does not exist [ 468.295150][ T10] usb 7-1: USB disconnect, device number 16 [ 468.455257][ T9] playstation 0003:054C:0BA0.002C: unknown main item tag 0x0 [ 468.488870][ T9] playstation 0003:054C:0BA0.002C: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.9-1/input0 [ 468.653636][ T9] playstation 0003:054C:0BA0.002C: Failed to retrieve feature with reportID 18: -71 [ 468.688081][ T9] playstation 0003:054C:0BA0.002C: Failed to retrieve DualShock4 pairing info: -71 [ 468.705652][ T9] playstation 0003:054C:0BA0.002C: Failed to get MAC address from DualShock4 [ 468.715676][ T9] playstation 0003:054C:0BA0.002C: Failed to create dualshock4. [ 468.748051][ T9] playstation 0003:054C:0BA0.002C: probe with driver playstation failed with error -71 [ 468.770514][ T9] usb 10-1: USB disconnect, device number 4 [ 469.103379][ T30] audit: type=1326 audit(1748506255.090:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17902 comm="syz.6.5009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7ffc0000 [ 469.130809][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 469.863286][T17927] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 470.117861][T17935] can0: slcan on ptm0. [ 470.212175][T17934] can0 (unregistered): slcan off ptm0. [ 471.009577][T17973] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5041'. [ 471.052193][T17973] gtp0: entered promiscuous mode [ 471.057214][T17973] gtp0: entered allmulticast mode [ 471.231693][ T10] IPVS: starting estimator thread 0... [ 471.240612][T17981] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 471.340571][T17985] IPVS: using max 27 ests per chain, 64800 per kthread [ 472.327714][T18035] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 473.215617][T18056] netlink: 'syz.6.5076': attribute type 4 has an invalid length. [ 477.360067][ T44] usb 7-1: new full-speed USB device number 17 using dummy_hcd [ 477.535512][ T44] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 477.563040][ T44] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 477.574678][ T44] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 477.589736][ T44] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 477.605408][ T44] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.618890][ T44] usb 7-1: config 0 descriptor?? [ 478.053414][ T44] plantronics 0003:047F:FFFF.002D: reserved main item tag 0xd [ 478.074594][ T44] plantronics 0003:047F:FFFF.002D: No inputs registered, leaving [ 478.091388][T18202] netlink: 176 bytes leftover after parsing attributes in process `syz.8.5140'. [ 478.108274][ T44] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 478.314632][ T24] usb 7-1: USB disconnect, device number 17 [ 478.739625][T18222] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5150'. [ 479.345626][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 479.367081][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 479.729484][T17886] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.965837][T17886] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.235497][T17886] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.534094][T17886] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.609395][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 480.627469][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 480.635831][T18272] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5176'. [ 480.645865][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 480.669169][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 480.679471][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 480.897363][T18285] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5180'. [ 480.968036][T17886] bridge_slave_1: left allmulticast mode [ 480.981113][T17886] bridge_slave_1: left promiscuous mode [ 480.995899][T17886] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.026653][T17886] bridge_slave_0: left allmulticast mode [ 481.046152][T17886] bridge_slave_0: left promiscuous mode [ 481.058977][T17886] bridge0: port 1(bridge_slave_0) entered disabled state [ 481.616057][T17886] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 481.643760][T17886] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 481.670818][T17886] bond0 (unregistering): Released all slaves [ 482.178578][T18274] chnl_net:caif_netlink_parms(): no params data found [ 482.615967][T18328] syzkaller1: entered promiscuous mode [ 482.634603][T18328] syzkaller1: entered allmulticast mode [ 482.720332][ T51] Bluetooth: hci1: command tx timeout [ 482.771958][T17886] hsr_slave_0: left promiscuous mode [ 482.783221][T17886] hsr_slave_1: left promiscuous mode [ 482.789556][T17886] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 482.800468][T17886] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 482.808664][T17886] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 482.816535][T17886] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 482.867405][T17886] veth1_macvtap: left promiscuous mode [ 482.874480][T17886] veth0_macvtap: left promiscuous mode [ 482.880492][T17886] veth1_vlan: left promiscuous mode [ 482.886066][T17886] veth0_vlan: left promiscuous mode [ 483.447117][ T30] kauditd_printk_skb: 653 callbacks suppressed [ 483.447137][ T30] audit: type=1326 audit(1748506269.440:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18334 comm="syz.7.5199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf6d8e969 code=0x7fc00000 [ 483.674969][T18366] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 484.047155][T17886] team0 (unregistering): Port device team_slave_1 removed [ 484.162881][T17886] team0 (unregistering): Port device team_slave_0 removed [ 484.800176][ T51] Bluetooth: hci1: command tx timeout [ 484.816837][T18338] netlink: 'syz.0.5201': attribute type 2 has an invalid length. [ 484.945580][T18274] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.954522][T18274] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.961992][T18274] bridge_slave_0: entered allmulticast mode [ 484.969964][T18274] bridge_slave_0: entered promiscuous mode [ 485.028810][T18274] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.058687][T18274] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.066227][T18274] bridge_slave_1: entered allmulticast mode [ 485.074461][T18274] bridge_slave_1: entered promiscuous mode [ 485.244898][T18274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 485.284001][T18274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 485.453958][T18274] team0: Port device team_slave_0 added [ 485.484402][T18413] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 485.486047][T18274] team0: Port device team_slave_1 added [ 485.491742][T18413] IPv6: NLM_F_CREATE should be set when creating new route [ 485.491857][T18413] IPv6: NLM_F_CREATE should be set when creating new route [ 485.491884][T18413] IPv6: NLM_F_CREATE should be set when creating new route [ 485.682950][T18274] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 485.713277][T18274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 485.756889][T18274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 485.783905][T18274] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 485.798074][T18274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 485.861449][T18274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 486.046100][T18274] hsr_slave_0: entered promiscuous mode [ 486.065058][T18274] hsr_slave_1: entered promiscuous mode [ 486.088829][T18274] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 486.108293][T18274] Cannot create hsr debugfs directory [ 486.490700][ T5893] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.611023][ T5893] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.746561][ T5893] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.883129][ T51] Bluetooth: hci1: command tx timeout [ 486.912120][ T5893] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.136912][T18452] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5249'. [ 487.185690][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 487.204612][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 487.214180][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 487.216607][T18452] netlink: 'syz.6.5249': attribute type 7 has an invalid length. [ 487.244214][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 487.256393][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 487.304002][T18452] netlink: 'syz.6.5249': attribute type 8 has an invalid length. [ 487.332327][ T5893] bridge_slave_1: left allmulticast mode [ 487.338359][ T5893] bridge_slave_1: left promiscuous mode [ 487.344073][T18452] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5249'. [ 487.353347][ T5893] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.373082][ T5893] bridge_slave_0: left allmulticast mode [ 487.378782][ T5893] bridge_slave_0: left promiscuous mode [ 487.384922][ T5893] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.758578][ T5893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 487.773462][ T5893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 487.785341][ T5893] bond0 (unregistering): Released all slaves [ 487.810613][T18452] gretap0: entered promiscuous mode [ 487.816948][T18452] batadv_slave_1: entered promiscuous mode [ 488.079552][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.091795][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.099249][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.106840][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.115832][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x2 [ 488.123365][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.130874][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.138290][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.146262][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.154147][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.161727][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.169157][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.199520][ T44] hid-generic 00A0:0006:0003.002E: unknown main item tag 0x0 [ 488.214005][T18274] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 488.231338][ T44] hid-generic 00A0:0006:0003.002E: hidraw0: HID v0.05 Device [syz1] on syz0 [ 488.327934][T18274] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 488.335474][ T24] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 488.388964][T18274] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 488.402944][T18274] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 488.476226][ T5893] hsr_slave_0: left promiscuous mode [ 488.485988][ T5893] hsr_slave_1: left promiscuous mode [ 488.489976][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 488.494676][ T5893] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 488.513156][ T24] usb 7-1: config 0 has no interfaces? [ 488.520360][ T5893] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 488.526138][ T24] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 488.538394][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.538453][ T5893] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 488.558852][ T24] usb 7-1: Product: syz [ 488.567838][ T24] usb 7-1: Manufacturer: syz [ 488.577145][ T24] usb 7-1: SerialNumber: syz [ 488.588877][ T24] usb 7-1: config 0 descriptor?? [ 488.626755][ T5893] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 488.732881][ T5893] veth1_macvtap: left promiscuous mode [ 488.738676][ T5893] veth0_macvtap: left promiscuous mode [ 488.770144][ T5893] veth1_vlan: left promiscuous mode [ 488.778045][ T5893] veth0_vlan: left promiscuous mode [ 488.854735][ T24] usb 7-1: USB disconnect, device number 18 [ 488.962110][ T51] Bluetooth: hci1: command tx timeout [ 489.282338][ T51] Bluetooth: hci2: command tx timeout [ 489.489456][ T5893] team0 (unregistering): Port device team_slave_1 removed [ 489.550538][ T5893] team0 (unregistering): Port device team_slave_0 removed [ 490.147960][T18455] chnl_net:caif_netlink_parms(): no params data found [ 490.556845][T18455] bridge0: port 1(bridge_slave_0) entered blocking state [ 490.578083][T18455] bridge0: port 1(bridge_slave_0) entered disabled state [ 490.595854][T18455] bridge_slave_0: entered allmulticast mode [ 490.623365][T18455] bridge_slave_0: entered promiscuous mode [ 490.656426][T18455] bridge0: port 2(bridge_slave_1) entered blocking state [ 490.692303][T18455] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.705247][T18455] bridge_slave_1: entered allmulticast mode [ 490.721997][T18455] bridge_slave_1: entered promiscuous mode [ 490.914211][T18455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.941428][T18274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 490.953836][T18455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 491.039038][T18455] team0: Port device team_slave_0 added [ 491.067972][T18455] team0: Port device team_slave_1 added [ 491.181766][T18455] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 491.188872][T18455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.238286][T18455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 491.252118][T18455] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 491.259208][T18455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.299661][T18455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 491.323183][T18274] 8021q: adding VLAN 0 to HW filter on device team0 [ 491.350425][T17886] bridge0: port 1(bridge_slave_0) entered blocking state [ 491.357640][T17886] bridge0: port 1(bridge_slave_0) entered forwarding state [ 491.360028][ T51] Bluetooth: hci2: command tx timeout [ 491.379840][T17886] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.387079][T17886] bridge0: port 2(bridge_slave_1) entered forwarding state [ 491.485688][T18455] hsr_slave_0: entered promiscuous mode [ 491.496863][T18455] hsr_slave_1: entered promiscuous mode [ 491.503663][T18455] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 491.512367][T18455] Cannot create hsr debugfs directory [ 491.600107][ T1211] usb 7-1: new full-speed USB device number 19 using dummy_hcd [ 491.795803][ T1211] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 491.817562][ T1211] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.851228][ T1211] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 491.870209][ T1211] usb 7-1: New USB device strings: Mfr=145, Product=0, SerialNumber=0 [ 491.887541][ T1211] usb 7-1: Manufacturer: syz [ 491.889103][T18550] netlink: 'syz.0.5288': attribute type 2 has an invalid length. [ 491.914998][ T1211] usb 7-1: config 0 descriptor?? [ 491.924555][ T1211] hub 7-1:0.0: USB hub found [ 492.107115][T18274] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 492.132549][ T1211] hub 7-1:0.0: 1 port detected [ 492.319305][T18274] veth0_vlan: entered promiscuous mode [ 492.395953][T18274] veth1_vlan: entered promiscuous mode [ 492.406429][T18455] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 492.421299][T18455] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 492.442039][T18455] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 492.466412][T18455] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 492.531216][T18274] veth0_macvtap: entered promiscuous mode [ 492.551356][ T1211] usb 7-1: USB disconnect, device number 19 [ 492.558754][T18274] veth1_macvtap: entered promiscuous mode [ 492.606244][T18274] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 492.628372][T18274] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 492.644488][T18274] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.670310][T18274] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.679073][T18274] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.709883][T18274] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.929749][T18455] 8021q: adding VLAN 0 to HW filter on device bond0 [ 492.951506][ T5893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 492.959391][ T5893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.016916][T18455] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.063191][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.070428][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 493.093013][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.101345][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.110737][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.117961][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 493.431422][T18587] input: syz1 as /devices/virtual/input/input39 [ 493.449758][ T5830] Bluetooth: hci2: command tx timeout [ 493.520329][ T5830] Bluetooth: hci4: command 0x041b tx timeout [ 493.956161][T18455] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 493.975757][T18609] tun0: tun_chr_ioctl cmd 1074025675 [ 493.990406][T18609] tun0: persist enabled [ 494.005053][T18609] tun0: tun_chr_ioctl cmd 1074025675 [ 494.031389][T18609] tun0: persist disabled [ 494.130317][ T24] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 494.301335][ T24] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 494.320690][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 494.335590][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 494.353108][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 494.398473][ T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 494.410248][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.445146][ T24] usb 1-1: config 0 descriptor?? [ 494.878223][ T24] plantronics 0003:047F:FFFF.002F: ignoring exceeding usage max [ 494.905819][ T24] plantronics 0003:047F:FFFF.002F: No inputs registered, leaving [ 494.925793][ T24] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 494.938344][T18455] veth0_vlan: entered promiscuous mode [ 494.981367][T18455] veth1_vlan: entered promiscuous mode [ 495.031252][T18455] veth0_macvtap: entered promiscuous mode [ 495.053590][T18455] veth1_macvtap: entered promiscuous mode [ 495.108655][T18455] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 495.174763][T18455] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 495.231870][T18455] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.256062][T18455] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.282469][T18455] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.304368][T18455] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.520306][ T51] Bluetooth: hci2: command tx timeout [ 495.563210][T17886] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 495.603654][T17886] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 495.726306][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 495.754758][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 495.861561][ T30] audit: type=1326 audit(1748506281.850:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 495.917582][ T30] audit: type=1326 audit(1748506281.850:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 496.041499][ T30] audit: type=1326 audit(1748506281.850:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 496.152846][ T30] audit: type=1326 audit(1748506281.850:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 496.174554][ C1] vkms_vblank_simulate: vblank timer overrun [ 496.249961][ T30] audit: type=1326 audit(1748506281.860:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 496.350544][ T30] audit: type=1326 audit(1748506281.860:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 496.424982][ T30] audit: type=1326 audit(1748506281.860:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 496.465014][ T66] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 496.549924][ T30] audit: type=1326 audit(1748506281.860:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 496.573480][ T44] usb 7-1: new full-speed USB device number 20 using dummy_hcd [ 496.641106][ T30] audit: type=1326 audit(1748506281.860:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 496.742412][ T66] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 496.752922][ T44] usb 7-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 496.752956][ T44] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.756179][ T44] usb 7-1: config 0 descriptor?? [ 496.790082][ T30] audit: type=1326 audit(1748506281.860:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18668 comm="syz.1.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 496.998847][ T66] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.055811][ T24] usb 1-1: USB disconnect, device number 34 [ 497.291786][ T66] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.627969][ T66] bridge_slave_1: left allmulticast mode [ 497.643090][ T66] bridge_slave_1: left promiscuous mode [ 497.648938][ T66] bridge0: port 2(bridge_slave_1) entered disabled state [ 497.673180][ T66] bridge_slave_0: left allmulticast mode [ 497.678882][ T66] bridge_slave_0: left promiscuous mode [ 497.710292][ T66] bridge0: port 1(bridge_slave_0) entered disabled state [ 497.811186][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 497.821802][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 497.831229][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 497.850482][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 497.858376][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 497.890157][ T44] pegasus 7-1:0.0: probe with driver pegasus failed with error -71 [ 497.928953][ T44] usb 7-1: USB disconnect, device number 20 [ 498.655817][T18715] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5346'. [ 498.748498][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 498.770661][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 498.786517][ T66] bond0 (unregistering): Released all slaves [ 499.557365][ T66] hsr_slave_0: left promiscuous mode [ 499.565213][ T66] hsr_slave_1: left promiscuous mode [ 499.601993][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 499.609468][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 499.649745][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 499.690691][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 499.746307][ T66] veth1_macvtap: left promiscuous mode [ 499.758760][ T66] veth0_macvtap: left promiscuous mode [ 499.782703][ T66] veth1_vlan: left promiscuous mode [ 499.801677][ T66] veth0_vlan: left promiscuous mode [ 499.882645][T18742] loop8: detected capacity change from 0 to 8 [ 499.891038][T18742] Dev loop8: unable to read RDB block 8 [ 499.896755][T18742] loop8: unable to read partition table [ 499.903360][T18742] loop8: partition table beyond EOD, truncated [ 499.909695][T18742] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 499.920105][ T5830] Bluetooth: hci2: command tx timeout [ 500.969115][ T66] team0 (unregistering): Port device team_slave_1 removed [ 501.037174][ T66] team0 (unregistering): Port device team_slave_0 removed [ 501.938438][T18754] smc: net device bond0 applied user defined pnetid SYZ0 [ 502.003638][ T5830] Bluetooth: hci2: command tx timeout [ 502.229277][T18700] chnl_net:caif_netlink_parms(): no params data found [ 502.459435][T18700] bridge0: port 1(bridge_slave_0) entered blocking state [ 502.470134][T18700] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.477526][T18700] bridge_slave_0: entered allmulticast mode [ 502.522831][T18700] bridge_slave_0: entered promiscuous mode [ 502.554977][T18700] bridge0: port 2(bridge_slave_1) entered blocking state [ 502.569765][T18700] bridge0: port 2(bridge_slave_1) entered disabled state [ 502.577678][T18700] bridge_slave_1: entered allmulticast mode [ 502.591044][T18700] bridge_slave_1: entered promiscuous mode [ 502.671113][T18700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 502.693484][T18700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 502.758607][T18700] team0: Port device team_slave_0 added [ 502.769913][ T1211] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 502.786753][T18700] team0: Port device team_slave_1 added [ 502.828368][T18700] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 502.836935][T18700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 502.866465][T18700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 502.886253][T18700] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 502.893529][T18700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 502.923987][T18700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 502.940104][ T1211] usb 1-1: Using ep0 maxpacket: 32 [ 502.951922][ T1211] usb 1-1: config 0 interface 0 has no altsetting 0 [ 502.963927][ T1211] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 502.975452][ T1211] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.987900][ T1211] usb 1-1: Product: syz [ 502.993356][ T1211] usb 1-1: Manufacturer: syz [ 503.001288][ T1211] usb 1-1: SerialNumber: syz [ 503.016775][ T1211] usb 1-1: config 0 descriptor?? [ 503.090395][T18700] hsr_slave_0: entered promiscuous mode [ 503.097829][T18700] hsr_slave_1: entered promiscuous mode [ 503.105457][T18700] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 503.113350][T18700] Cannot create hsr debugfs directory [ 503.428402][T18793] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5379'. [ 503.440168][ T1211] gs_usb 1-1:0.0: Configuring for 3 interfaces [ 503.848341][ T1211] gs_usb 1-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO) [ 503.914548][ T1211] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -71 [ 503.945043][ T1211] usb 1-1: USB disconnect, device number 35 [ 503.978357][ T30] kauditd_printk_skb: 172 callbacks suppressed [ 503.978376][ T30] audit: type=1326 audit(1748506289.970:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18804 comm="syz.6.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 504.007021][ C1] vkms_vblank_simulate: vblank timer overrun [ 504.080243][ T5830] Bluetooth: hci2: command tx timeout [ 504.305261][T18700] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 504.327203][T18700] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 504.358057][T18700] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 504.397913][T18700] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 504.612190][T18700] 8021q: adding VLAN 0 to HW filter on device bond0 [ 504.653844][ T30] audit: type=1326 audit(1748506290.640:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18804 comm="syz.6.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 504.675610][ C1] vkms_vblank_simulate: vblank timer overrun [ 504.696131][T18700] 8021q: adding VLAN 0 to HW filter on device team0 [ 504.736824][ T6769] bridge0: port 1(bridge_slave_0) entered blocking state [ 504.744104][ T6769] bridge0: port 1(bridge_slave_0) entered forwarding state [ 504.798668][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state [ 504.806227][ T6769] bridge0: port 2(bridge_slave_1) entered forwarding state [ 505.350299][ T44] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 505.367467][T18700] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 505.511282][ T44] usb 1-1: Using ep0 maxpacket: 8 [ 505.525813][ T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 505.556381][ T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 505.575858][ T44] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 505.612964][ T44] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 505.641649][ T44] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 505.663379][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 505.707942][ T44] hub 1-1:1.0: bad descriptor, ignoring hub [ 505.724656][ T44] hub 1-1:1.0: probe with driver hub failed with error -5 [ 505.733437][ T44] cdc_wdm 1-1:1.0: skipping garbage [ 505.739063][ T44] cdc_wdm 1-1:1.0: skipping garbage [ 505.749405][ T44] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 505.755607][ T44] cdc_wdm 1-1:1.0: Unknown control protocol [ 506.010282][ T1211] usb 1-1: USB disconnect, device number 36 [ 506.026285][T18700] veth0_vlan: entered promiscuous mode [ 506.039500][T18700] veth1_vlan: entered promiscuous mode [ 506.111411][T18700] veth0_macvtap: entered promiscuous mode [ 506.131526][T18700] veth1_macvtap: entered promiscuous mode [ 506.163474][ T5830] Bluetooth: hci2: command tx timeout [ 506.173009][T18700] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 506.197373][T18700] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 506.225473][T18700] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.234785][T18700] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.246284][T18700] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.257711][T18700] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.340103][ T1211] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 506.382354][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.390508][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.459969][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.475030][T18884] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5413'. [ 506.484258][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.511344][ T1211] usb 1-1: Using ep0 maxpacket: 8 [ 506.530902][ T1211] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 506.553551][ T1211] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 506.584248][ T1211] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 506.607114][ T1211] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 506.647361][ T1211] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 506.658799][ T1211] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.689039][ T1211] hub 1-1:1.0: bad descriptor, ignoring hub [ 506.701722][ T1211] hub 1-1:1.0: probe with driver hub failed with error -5 [ 506.720820][ T1211] cdc_wdm 1-1:1.0: skipping garbage [ 506.726087][ T1211] cdc_wdm 1-1:1.0: skipping garbage [ 506.756324][ T1211] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 506.767336][ T1211] cdc_wdm 1-1:1.0: Unknown control protocol [ 506.804930][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.824410][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.000544][ T24] usb 1-1: USB disconnect, device number 37 [ 507.229907][ T5907] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 507.412904][ T5907] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 507.450471][ T5907] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 507.482061][ T5907] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 507.510018][ T5907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.518081][ T5907] usb 2-1: Product: syz [ 507.550124][ T5907] usb 2-1: Manufacturer: syz [ 507.554940][ T5907] usb 2-1: SerialNumber: syz [ 507.702665][ T6769] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.800217][ T5907] usb 2-1: 0:2 : does not exist [ 507.813385][ T5907] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 507.872813][ T5907] usb 2-1: USB disconnect, device number 9 [ 507.932260][ T6769] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.085558][ T30] audit: type=1326 audit(1748506294.080:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18924 comm="syz.0.5427" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f269a38e969 code=0x0 [ 508.106624][ C1] vkms_vblank_simulate: vblank timer overrun [ 508.323708][ T6769] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.602656][ T6769] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.627999][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 508.644456][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 508.653453][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 508.664401][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 508.675026][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 509.086391][T18957] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 509.086538][T18955] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 509.132124][ T6769] bridge_slave_1: left allmulticast mode [ 509.137839][ T6769] bridge_slave_1: left promiscuous mode [ 509.147447][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.165046][ T6769] bridge_slave_0: left allmulticast mode [ 509.180221][ T6769] bridge_slave_0: left promiscuous mode [ 509.193250][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.977360][ T6769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 509.980349][ T24] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 510.007406][ T6769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 510.024552][ T6769] bond0 (unregistering): Released all slaves [ 510.126742][T18975] bond0: (slave bond_slave_0): Releasing backup interface [ 510.184903][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 510.212717][ T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 510.226633][T18989] overlayfs: failed to clone upperpath [ 510.237466][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 510.262402][ T24] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 510.288569][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.304561][ T24] usb 7-1: Product: syz [ 510.308825][ T24] usb 7-1: Manufacturer: syz [ 510.325051][ T24] usb 7-1: SerialNumber: syz [ 510.581176][ T24] usb 7-1: 0:2 : does not exist [ 510.597092][ T24] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 510.606539][ T5872] kernel write not supported for file [eventfd] (pid: 5872 comm: kworker/0:3) [ 510.645453][ T24] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 510.684612][ T24] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 510.720431][ T5830] Bluetooth: hci2: command tx timeout [ 510.729505][ T24] usb 7-1: USB disconnect, device number 21 [ 510.761606][T18943] chnl_net:caif_netlink_parms(): no params data found [ 510.940502][ T6769] hsr_slave_0: left promiscuous mode [ 510.975882][ T6769] hsr_slave_1: left promiscuous mode [ 510.982288][ T6769] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 510.989969][ T6769] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 511.008320][ T6769] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 511.019887][ T6769] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 511.087890][ T6769] veth1_macvtap: left promiscuous mode [ 511.107212][ T6769] veth0_macvtap: left promiscuous mode [ 511.121103][ T6769] veth1_vlan: left promiscuous mode [ 511.135635][ T6769] veth0_vlan: left promiscuous mode [ 511.468096][ T30] audit: type=1326 audit(1748506297.460:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 511.547453][ T30] audit: type=1326 audit(1748506297.490:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 511.569870][ T30] audit: type=1326 audit(1748506297.490:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 511.699280][ T30] audit: type=1326 audit(1748506297.490:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 511.749965][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 511.920659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 511.993282][ T30] audit: type=1326 audit(1748506297.490:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 512.030199][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.126598][T19044] overlay: filesystem on ./bus not supported as upperdir [ 512.197489][ T30] audit: type=1326 audit(1748506297.490:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 512.260742][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.298072][ T30] audit: type=1326 audit(1748506297.490:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 512.327857][ T30] audit: type=1326 audit(1748506297.490:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 512.358613][ T30] audit: type=1326 audit(1748506297.490:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce8232ab39 code=0x7ffc0000 [ 512.428121][ T30] audit: type=1326 audit(1748506297.490:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19028 comm="syz.1.5470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce8238e969 code=0x7ffc0000 [ 512.803172][ T5830] Bluetooth: hci2: command tx timeout [ 512.817133][T19051] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 513.008160][ T6769] team0 (unregistering): Port device team_slave_1 removed [ 513.079375][ T6769] team0 (unregistering): Port device team_slave_0 removed [ 513.941795][T18943] bridge0: port 1(bridge_slave_0) entered blocking state [ 513.949547][T18943] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.976423][T18943] bridge_slave_0: entered allmulticast mode [ 513.992103][T18943] bridge_slave_0: entered promiscuous mode [ 514.069117][T18943] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.087674][T18943] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.110163][T18943] bridge_slave_1: entered allmulticast mode [ 514.118091][T18943] bridge_slave_1: entered promiscuous mode [ 514.227412][T19078] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5487'. [ 514.244616][T19078] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5487'. [ 514.267473][T18943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 514.305496][T18943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 514.497386][T18943] team0: Port device team_slave_0 added [ 514.516037][T18943] team0: Port device team_slave_1 added [ 514.783025][T18943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 514.807149][T18943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.870102][T18943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 514.880864][ T5830] Bluetooth: hci2: command tx timeout [ 514.919778][T18943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 514.932861][T18943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.958823][ C1] vkms_vblank_simulate: vblank timer overrun [ 514.986473][T18943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 516.960374][ T5830] Bluetooth: hci2: command tx timeout [ 517.253949][T19124] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 517.282516][T19124] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 517.374499][T19124] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 517.407185][T19124] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 517.414808][T18943] hsr_slave_0: entered promiscuous mode [ 517.425986][T18943] hsr_slave_1: entered promiscuous mode [ 517.433001][T18943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 517.441496][T18943] Cannot create hsr debugfs directory [ 517.456233][T19124] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 517.497424][T19124] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 517.544525][T19124] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 517.577558][T19124] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 517.585566][T19124] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 517.604514][T19124] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 517.704070][T19136] block nbd6: server does not support multiple connections per device. [ 517.736305][T19135] block nbd6: shutting down sockets [ 518.343439][T18943] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 518.391607][T18943] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 518.493417][T18943] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 518.509130][T18943] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 518.561520][T19155] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5519'. [ 518.944999][T18943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 519.058874][T18943] 8021q: adding VLAN 0 to HW filter on device team0 [ 519.112780][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.120491][ T5893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 519.197976][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.205324][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 519.215816][T19178] loop7: detected capacity change from 0 to 7 [ 519.241967][T19178] Dev loop7: unable to read RDB block 7 [ 519.256422][T19178] loop7: AHDI p1 p2 [ 519.267350][T19178] loop7: partition table partially beyond EOD, truncated [ 519.281923][ T5830] Bluetooth: hci4: command 0x041b tx timeout [ 519.295000][T19178] loop7: p1 start 1702000233 is beyond EOD, truncated [ 519.439961][ T5830] Bluetooth: hci3: command 0x0406 tx timeout [ 519.520056][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 519.608770][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 520.262749][T18943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 520.609934][ T24] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 520.773881][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 520.804085][ T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 520.833767][ T24] usb 1-1: config 1 has no interface number 0 [ 520.843561][T18943] veth0_vlan: entered promiscuous mode [ 520.849279][ T24] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 520.875819][T18943] veth1_vlan: entered promiscuous mode [ 520.883731][ T24] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 520.902581][ T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4c3, bcdDevice= 0.40 [ 520.915176][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.944654][ T24] usb 1-1: Product: syz [ 520.948891][ T24] usb 1-1: Manufacturer: syz [ 520.963695][ T24] usb 1-1: SerialNumber: syz [ 520.987976][T18943] veth0_macvtap: entered promiscuous mode [ 521.006092][T18943] veth1_macvtap: entered promiscuous mode [ 521.054744][T18943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 521.097301][T18943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 521.145055][T18943] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.181640][T18943] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.212075][T18943] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.242476][T18943] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.360251][ T5830] Bluetooth: hci4: command 0x041b tx timeout [ 521.525533][ T5830] Bluetooth: hci3: command 0x0406 tx timeout [ 521.600843][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 521.658894][ T6769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.670304][ T6769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.680407][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 521.829686][ T24] cdc_ncm 1-1:1.1: bind() failure [ 521.939708][ T6769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.958515][ T6769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.061630][ T24] usb 1-1: USB disconnect, device number 38 [ 522.727647][ T6769] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.002909][ T6769] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.154697][ T6769] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.256971][ T6769] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 523.414742][ T6769] bridge_slave_1: left allmulticast mode [ 523.420643][ T6769] bridge_slave_1: left promiscuous mode [ 523.427473][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.446302][ T6769] bridge_slave_0: left allmulticast mode [ 523.459917][ T6769] bridge_slave_0: left promiscuous mode [ 523.465739][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.689368][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 523.695611][T19254] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 523.754559][T19254] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 523.826212][T19254] overlayfs: conflicting lowerdir path [ 523.910250][T19259] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 524.398663][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 524.428193][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 524.442166][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 524.458542][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 524.469069][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 524.966582][T19287] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 525.017844][ T6769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 525.050585][ T6769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 525.077368][ T6769] bond0 (unregistering): Released all slaves [ 525.427707][ T30] kauditd_printk_skb: 114 callbacks suppressed [ 525.427727][ T30] audit: type=1326 audit(1748506311.410:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.519558][ T30] audit: type=1326 audit(1748506311.410:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.587592][ T30] audit: type=1326 audit(1748506311.410:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.610462][ T30] audit: type=1326 audit(1748506311.410:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.650019][ T30] audit: type=1326 audit(1748506311.410:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.671693][ C1] vkms_vblank_simulate: vblank timer overrun [ 525.682859][ T30] audit: type=1326 audit(1748506311.410:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.705501][ T30] audit: type=1326 audit(1748506311.420:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.734854][ T30] audit: type=1326 audit(1748506311.420:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.756527][ C1] vkms_vblank_simulate: vblank timer overrun [ 525.830198][ T30] audit: type=1326 audit(1748506311.420:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 525.874927][ T30] audit: type=1326 audit(1748506311.420:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19274 comm="syz.6.5564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9438e969 code=0x7fc00000 [ 526.023645][ T6769] hsr_slave_0: left promiscuous mode [ 526.046900][ T6769] hsr_slave_1: left promiscuous mode [ 526.066508][ T6769] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 526.082933][ T6769] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 526.104795][ T6769] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 526.126050][ T6769] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 526.148594][T19308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5576'. [ 526.179034][ T6769] veth1_macvtap: left promiscuous mode [ 526.184934][ T6769] veth0_macvtap: left promiscuous mode [ 526.192750][ T6769] veth1_vlan: left promiscuous mode [ 526.198254][ T6769] veth0_vlan: left promiscuous mode [ 526.250188][ T5873] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 526.413384][ T5873] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 526.445578][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 526.459880][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 526.469681][ T5873] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 526.490544][ T5873] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 526.515039][ T5873] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.553192][ T5873] usb 7-1: config 0 descriptor?? [ 526.570231][ T5830] Bluetooth: hci2: command tx timeout [ 526.973357][ T5873] plantronics 0003:047F:FFFF.0030: ignoring exceeding usage max [ 526.995325][ T5873] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving [ 527.034667][ T5873] plantronics 0003:047F:FFFF.0030: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 527.700619][ T6769] team0 (unregistering): Port device team_slave_1 removed [ 527.895279][ T6769] team0 (unregistering): Port device team_slave_0 removed [ 528.303174][T19334] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 528.577282][T19342] sctp: [Deprecated]: syz.1.5592 (pid 19342) Use of int in maxseg socket option. [ 528.577282][T19342] Use struct sctp_assoc_value instead [ 528.644469][ T5830] Bluetooth: hci2: command tx timeout [ 528.659764][T19344] input: syz0 as /devices/virtual/input/input42 [ 529.382892][T19269] chnl_net:caif_netlink_parms(): no params data found [ 529.507694][ T24] usb 7-1: reset high-speed USB device number 22 using dummy_hcd [ 529.635045][T19269] bridge0: port 1(bridge_slave_0) entered blocking state [ 529.650388][T19269] bridge0: port 1(bridge_slave_0) entered disabled state [ 529.657737][T19269] bridge_slave_0: entered allmulticast mode [ 529.681682][T19269] bridge_slave_0: entered promiscuous mode [ 529.704593][T19269] bridge0: port 2(bridge_slave_1) entered blocking state [ 529.718482][T19269] bridge0: port 2(bridge_slave_1) entered disabled state [ 529.726516][ T24] usb 7-1: device firmware changed [ 529.728675][T19269] bridge_slave_1: entered allmulticast mode [ 529.739713][ T978] usb 7-1: USB disconnect, device number 22 [ 529.754185][T19269] bridge_slave_1: entered promiscuous mode [ 529.900486][ T978] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 529.970889][T19269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 529.993830][T19269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 530.086632][ T978] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 530.114371][ T978] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 530.151915][ T978] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 530.182230][ T978] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 530.187116][T19269] team0: Port device team_slave_0 added [ 530.207549][ T978] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 530.232704][ T978] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 530.244027][ T978] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 530.266495][ T978] usb 7-1: Product: syz [ 530.283045][T19269] team0: Port device team_slave_1 added [ 530.285092][ T978] usb 7-1: Manufacturer: syz [ 530.325873][ T978] cdc_wdm 7-1:1.0: skipping garbage [ 530.341564][ T978] cdc_wdm 7-1:1.0: skipping garbage [ 530.358938][ T978] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 530.380718][T19381] syz_tun: entered allmulticast mode [ 530.386897][ T978] cdc_wdm 7-1:1.0: Unknown control protocol [ 530.393735][T19269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 530.410763][T19269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.452779][T19269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 530.464634][T19378] syz_tun: left allmulticast mode [ 530.481749][T19269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 530.500948][T19386] syz.0.5606: attempt to access beyond end of device [ 530.500948][T19386] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 530.514183][T19269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.568331][T19269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 530.681181][T19269] hsr_slave_0: entered promiscuous mode [ 530.696199][T19269] hsr_slave_1: entered promiscuous mode [ 530.703600][T19269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 530.711519][T19269] Cannot create hsr debugfs directory [ 530.720200][ T5830] Bluetooth: hci2: command tx timeout [ 530.741004][T19393] macvlan1: entered promiscuous mode [ 530.748853][T19393] ipvlan0: entered promiscuous mode [ 530.755934][T19393] ipvlan0: left promiscuous mode [ 530.763652][T19393] macvlan1: left promiscuous mode [ 530.818435][ T978] usb 7-1: USB disconnect, device number 23 [ 531.117488][ T5830] Bluetooth: hci1: unexpected event for opcode 0x040d [ 636.309767][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 636.316782][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P19402/1:b..l [ 636.325391][ C0] rcu: (detected by 0, t=10502 jiffies, g=92917, q=457 ncpus=2) [ 636.333279][ C0] task:syz.1.5614 state:R running task stack:24552 pid:19402 tgid:19401 ppid:18274 task_flags:0x400040 flags:0x00004002 [ 636.348036][ C0] Call Trace: [ 636.351344][ C0] [ 636.354300][ C0] __schedule+0x16a2/0x4cb0 [ 636.358835][ C0] ? xfd_validate_state+0x6d/0x150 [ 636.363982][ C0] ? save_fpregs_to_fpstate+0xa3/0x210 [ 636.369679][ C0] ? __switch_to+0xd74/0x1600 [ 636.374399][ C0] ? preempt_schedule_irq+0xb5/0x150 [ 636.379903][ C0] ? __pfx___schedule+0x10/0x10 [ 636.384802][ C0] ? preempt_schedule_irq+0xaa/0x150 [ 636.390124][ C0] preempt_schedule_irq+0xb5/0x150 [ 636.395289][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 636.401045][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 636.406888][ C0] irqentry_exit+0x6f/0x90 [ 636.411328][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 636.417329][ C0] RIP: 0010:unwind_next_frame+0x1315/0x2390 [ 636.423254][ C0] Code: 83 e0 fe 4c 8d 3c 45 00 00 00 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 27 49 63 07 <4c> 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 49 8d 47 fc 48 0f 47 d8 [ 636.442884][ C0] RSP: 0018:ffffc90003a2ecb8 EFLAGS: 00000246 [ 636.448975][ C0] RAX: fffffffff24e7704 RBX: ffffffff8fbaba34 RCX: dffffc0000000000 [ 636.456971][ C0] RDX: ffffffff8fbaba34 RSI: ffffffff90399164 RDI: ffffffff8be19020 [ 636.464969][ C0] RBP: ffffffff8fbaba34 R08: 0000000000000001 R09: ffffffff81724865 [ 636.472961][ C0] R10: ffffc90003a2edd8 R11: ffffffff81ac9840 R12: ffffffff820968f4 [ 636.480970][ C0] R13: ffffffff8fbaba34 R14: ffffc90003a2ed88 R15: ffffffff8fbaba34 [ 636.488999][ C0] ? __handle_mm_fault+0x37c4/0x55e0 [ 636.494326][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 636.500513][ C0] ? unwind_next_frame+0xa5/0x2390 [ 636.505666][ C0] ? unwind_next_frame+0xd4/0x2390 [ 636.510821][ C0] ? unwind_next_frame+0xa5/0x2390 [ 636.515967][ C0] ? __handle_mm_fault+0x37c5/0x55e0 [ 636.521294][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 636.527480][ C0] arch_stack_walk+0x11c/0x150 [ 636.532283][ C0] ? __handle_mm_fault+0x37c5/0x55e0 [ 636.537614][ C0] stack_trace_save+0x9c/0xe0 [ 636.542323][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 636.547836][ C0] save_stack+0xf7/0x1f0 [ 636.552112][ C0] ? __pfx_save_stack+0x10/0x10 [ 636.556979][ C0] ? post_alloc_hook+0x240/0x2a0 [ 636.561937][ C0] ? get_page_from_freelist+0x21d1/0x22b0 [ 636.567680][ C0] ? __alloc_frozen_pages_noprof+0x181/0x370 [ 636.573686][ C0] ? alloc_pages_mpol+0x232/0x4a0 [ 636.578731][ C0] ? folio_alloc_mpol_noprof+0x39/0x70 [ 636.584210][ C0] ? shmem_alloc_and_add_folio+0x447/0xf60 [ 636.590048][ C0] ? shmem_get_folio_gfp+0x59d/0x1660 [ 636.595452][ C0] ? shmem_fault+0x179/0x390 [ 636.600073][ C0] ? __do_fault+0x138/0x390 [ 636.604602][ C0] ? __handle_mm_fault+0x37c5/0x55e0 [ 636.609933][ C0] ? seqcount_lockdep_reader_access+0x102/0x180 [ 636.616220][ C0] __set_page_owner+0x8d/0x4a0 [ 636.621015][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 636.626420][ C0] post_alloc_hook+0x240/0x2a0 [ 636.631230][ C0] get_page_from_freelist+0x21d1/0x22b0 [ 636.636863][ C0] ? __pfx_get_page_from_freelist+0x10/0x10 [ 636.642787][ C0] ? prepare_alloc_pages+0x213/0x610 [ 636.648116][ C0] __alloc_frozen_pages_noprof+0x181/0x370 [ 636.653953][ C0] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 636.661011][ C0] ? policy_nodemask+0x27c/0x720 [ 636.665985][ C0] alloc_pages_mpol+0x232/0x4a0 [ 636.671389][ C0] folio_alloc_mpol_noprof+0x39/0x70 [ 636.676745][ C0] shmem_alloc_and_add_folio+0x447/0xf60 [ 636.682421][ C0] ? filemap_get_entry+0xad/0x2f0 [ 636.687490][ C0] ? filemap_get_entry+0xad/0x2f0 [ 636.692543][ C0] ? filemap_get_entry+0xad/0x2f0 [ 636.697617][ C0] ? shmem_huge_global_enabled+0x174/0x3a0 [ 636.703464][ C0] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 636.709649][ C0] ? shmem_allowable_huge_orders+0x414/0x420 [ 636.715677][ C0] shmem_get_folio_gfp+0x59d/0x1660 [ 636.720937][ C0] shmem_fault+0x179/0x390 [ 636.725475][ C0] __do_fault+0x138/0x390 [ 636.729846][ C0] __handle_mm_fault+0x37c5/0x55e0 [ 636.735019][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 636.740548][ C0] ? follow_page_pte+0x8aa/0x13d0 [ 636.746063][ C0] handle_mm_fault+0x2d5/0x7f0 [ 636.750968][ C0] __get_user_pages+0x1a78/0x30c0 [ 636.756065][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 636.761481][ C0] populate_vma_page_range+0x26b/0x340 [ 636.766975][ C0] ? __pfx_populate_vma_page_range+0x10/0x10 [ 636.772985][ C0] ? userfaultfd_unmap_complete+0x278/0x2d0 [ 636.778915][ C0] ? down_read+0x1ad/0x2e0 [ 636.783363][ C0] __mm_populate+0x24c/0x380 [ 636.787989][ C0] ? __pfx___mm_populate+0x10/0x10 [ 636.793147][ C0] ? up_write+0x1c4/0x420 [ 636.797516][ C0] vm_mmap_pgoff+0x3f0/0x4c0 [ 636.802145][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 636.807294][ C0] ? rcu_is_watching+0x15/0xb0 [ 636.812090][ C0] ? ksys_mmap_pgoff+0xf4/0x760 [ 636.816964][ C0] ? __x64_sys_mmap+0x7f/0x140 [ 636.821877][ C0] do_syscall_64+0xfa/0x3b0 [ 636.826421][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 636.831674][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.837768][ C0] ? clear_bhb_loop+0x60/0xb0 [ 636.842485][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.848406][ C0] RIP: 0033:0x7fce8238e969 [ 636.852843][ C0] RSP: 002b:00007fce801f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 636.861990][ C0] RAX: ffffffffffffffda RBX: 00007fce825b5fa0 RCX: 00007fce8238e969 [ 636.869985][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 636.877978][ C0] RBP: 00007fce82410ab1 R08: ffffffffffffffff R09: 00000000a2bb1000 [ 636.885972][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 636.893992][ C0] R13: 0000000000000000 R14: 00007fce825b5fa0 R15: 00007ffe248ea968 [ 636.902016][ C0] [ 636.905065][ C0] rcu: rcu_preempt kthread starved for 10494 jiffies! g92917 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 636.916280][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 636.926262][ C0] rcu: RCU grace-period kthread stack dump: [ 636.932161][ C0] task:rcu_preempt state:R running task stack:27320 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 636.945704][ C0] Call Trace: [ 636.949013][ C0] [ 636.951991][ C0] __schedule+0x16a2/0x4cb0 [ 636.956534][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 636.961761][ C0] ? schedule+0x165/0x360 [ 636.966118][ C0] ? __lock_acquire+0xab9/0xd20 [ 636.970994][ C0] ? __pfx___schedule+0x10/0x10 [ 636.975887][ C0] ? schedule+0x91/0x360 [ 636.980156][ C0] schedule+0x165/0x360 [ 636.984336][ C0] schedule_timeout+0x12b/0x270 [ 636.989229][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 636.994630][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 637.000557][ C0] ? __pfx_process_timeout+0x10/0x10 [ 637.005879][ C0] ? prepare_to_swait_event+0x341/0x380 [ 637.011467][ C0] rcu_gp_fqs_loop+0x301/0x1540 [ 637.016429][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 637.021672][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 637.026630][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 637.032896][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 637.038207][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 637.043432][ C0] ? finish_swait+0xcd/0x1f0 [ 637.048060][ C0] rcu_gp_kthread+0x99/0x390 [ 637.052681][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 637.057905][ C0] ? __kthread_parkme+0x7b/0x200 [ 637.062874][ C0] ? __kthread_parkme+0x1a1/0x200 [ 637.067936][ C0] kthread+0x70e/0x8a0 [ 637.072032][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 637.077252][ C0] ? __pfx_kthread+0x10/0x10 [ 637.081863][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 637.087086][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 637.092310][ C0] ? __pfx_kthread+0x10/0x10 [ 637.096959][ C0] ret_from_fork+0x3fc/0x770 [ 637.101607][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 637.106769][ C0] ? __switch_to_asm+0x39/0x70 [ 637.111559][ C0] ? __switch_to_asm+0x33/0x70 [ 637.116340][ C0] ? __pfx_kthread+0x10/0x10 [ 637.120951][ C0] ret_from_fork_asm+0x1a/0x30 [ 637.125753][ C0] [ 637.128797][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 637.135170][ C0] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) [ 637.147047][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 637.157128][ C0] RIP: 0010:smp_call_function_many_cond+0xe69/0x11c0 [ 637.163871][ C0] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 a0 77 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 4b 73 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 30 73 0b [ 637.183515][ C0] RSP: 0018:ffffc9000491f5c0 EFLAGS: 00000293 [ 637.189623][ C0] RAX: ffffffff81b486d0 RBX: ffff8880b863ca80 RCX: ffff88806d0a1e00 [ 637.197806][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 637.205824][ C0] RBP: ffffc9000491f720 R08: ffffffff8f9f87b7 R09: 1ffffffff1f3f0f6 [ 637.213828][ C0] R10: dffffc0000000000 R11: fffffbfff1f3f0f7 R12: 1ffff110170e8241 [ 637.221827][ C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff8880b8741208 [ 637.229823][ C0] FS: 0000555587e8f500(0000) GS:ffff888125c98000(0000) knlGS:0000000000000000 [ 637.238782][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 637.245383][ C0] CR2: 00007f269b0e56c0 CR3: 0000000063478000 CR4: 00000000003526f0 [ 637.253376][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 637.261363][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 637.269352][ C0] Call Trace: [ 637.272658][ C0] [ 637.275618][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 637.280847][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 637.287240][ C0] ? ldt_dup_context+0x336/0x3e0 [ 637.292236][ C0] ? rcu_is_watching+0x15/0xb0 [ 637.297044][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 637.302265][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 637.307410][ C0] flush_tlb_mm_range+0x6b1/0x12c0 [ 637.312561][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 637.318132][ C0] ? up_write+0x1c4/0x420 [ 637.322499][ C0] copy_mm+0x18e2/0x2160 [ 637.326803][ C0] ? __pfx_copy_mm+0x10/0x10 [ 637.331421][ C0] ? do_raw_spin_lock+0x121/0x290 [ 637.336568][ C0] ? __init_rwsem+0x122/0x160 [ 637.341274][ C0] ? copy_signal+0x50b/0x630 [ 637.345900][ C0] copy_process+0x1706/0x3c00 [ 637.350635][ C0] ? copy_process+0x97f/0x3c00 [ 637.355573][ C0] ? __pfx_copy_process+0x10/0x10 [ 637.360657][ C0] kernel_clone+0x224/0x7f0 [ 637.365213][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 637.370407][ C0] ? count_memcg_event_mm+0x92/0x3b0 [ 637.375742][ C0] ? count_memcg_event_mm+0x35b/0x3b0 [ 637.381160][ C0] __x64_sys_clone+0x18b/0x1e0 [ 637.385956][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 637.391290][ C0] ? do_user_addr_fault+0xc8a/0x1390 [ 637.396615][ C0] ? do_syscall_64+0xbe/0x3b0 [ 637.401338][ C0] do_syscall_64+0xfa/0x3b0 [ 637.405873][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 637.411096][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.417187][ C0] ? clear_bhb_loop+0x60/0xb0 [ 637.421891][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.427808][ C0] RIP: 0033:0x7f269a3851d3 [ 637.432267][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 637.451989][ C0] RSP: 002b:00007ffc0e3998c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 637.460427][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f269a3851d3 [ 637.468416][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 637.476404][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 637.484390][ C0] R10: 0000555587e8f7d0 R11: 0000000000000246 R12: 0000000000000000 [ 637.492433][ C0] R13: 00000000000927c0 R14: 0000000000081b1e R15: 00007ffc0e399a60 [ 637.500442][ C0]