last executing test programs: 11m34.640454657s ago: executing program 1 (id=15685): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x2}, 0x6) write(r0, &(0x7f00000000c0)="5100030000", 0x5) 11m34.577905577s ago: executing program 1 (id=15688): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000180)=ANY=[@ANYBLOB="70010000", @ANYRES16=r1, @ANYBLOB="99c12dbd7000ffdbdf251b000000080001001700000008009a0002000000700022801c0000800800020008000000080004000500000008000500040000001c0000800840060002000000080006000700000008000400571a00001400008048000100090000000800030001000000140000800800020026f5ffff08000700000000000c00008071000500080000000400cc00"], 0x170}, 0x1, 0x0, 0x0, 0x842}, 0x840) 11m34.472139305s ago: executing program 1 (id=15694): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2) ioctl$PPPIOCSMRRU(r0, 0x4004743b, &(0x7f0000000080)=0xc) 11m34.316996027s ago: executing program 1 (id=15704): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x54, 0xd8, 0xfffc, {0x20, 0x1}, {0x4b, 0x2}, @cond=[{0xa3dd, 0x0, 0x9, 0x5, 0x1, 0x71}, {0x8, 0xffff, 0xffe4, 0x0, 0x3, 0x3800}]}) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 11m34.251899721s ago: executing program 1 (id=15708): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 11m34.167654104s ago: executing program 1 (id=15710): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000000)={0x3c, r0, 0x6ae3e61d32b8160b, 0x0, 0x0, {0x4a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x4004) 11m18.991944396s ago: executing program 32 (id=15710): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000000)={0x3c, r0, 0x6ae3e61d32b8160b, 0x0, 0x0, {0x4a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x4004) 8m35.678252138s ago: executing program 3 (id=19635): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e) sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0) 8m35.559536228s ago: executing program 3 (id=19639): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7201}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x323a}, @IFLA_GTP_CREATE_SOCKETS={0x5}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x48}}, 0x0) 8m35.524752452s ago: executing program 3 (id=19642): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2}) sendmmsg$unix(r0, &(0x7f0000011500)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4004040}}], 0x1, 0x40015) 8m35.460374523s ago: executing program 3 (id=19644): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 8m35.460112846s ago: executing program 3 (id=19646): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c0000001e00110227bd7000ffdbdf2507000000", @ANYRES32=0x0, @ANYBLOB="00000000400003"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 8m35.348608013s ago: executing program 3 (id=19648): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x800000) 8m35.300784402s ago: executing program 33 (id=19648): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x800000) 5m12.817939043s ago: executing program 4 (id=24991): capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)={0x0, 0x7ff, 0x0, 0x0, 0x9}) r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SET_MASTER(r1, 0x641e) 5m12.717303349s ago: executing program 4 (id=24992): r0 = socket(0xa, 0x3, 0x87) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ipvlan0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@local, 0x78, r1}) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x8916, &(0x7f0000000000)) 5m12.717141909s ago: executing program 4 (id=24993): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000032c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a600000000b0a0102000000000000000001000001080003400000008008000f400000000008000340000000200900010073797a310000000027000d40b1efbc487adad81450cddbfaf6308ad9e3276657792377af9437373eb042da2e7f07a400240000000b0a010200000000000000000500000a0800074000000003080004400000000270010000160a01040000000000000000020000050900010073797a3000000000240103809000038014000100687372300000000000000000000000001400010076657468315f766972745f77696669001400010076657468305f766c616e00000000000014000100697036746e6c300000000000000000001400010068737230000000000000000000000000140001006d6163767461703000000000000000001400010064756d6d7930000000000000001b00009000038014000100766972745f776966693000000000000014000100626f6e645f736c6176655f310000000014000100766574683100000000000000000000001400010069703665727370616e300000000000001400010076657468305f6d616376746170000000140001006272696467655f736c6176655f3100001400010076657468305f746f5f7465616d00000008000740000000010c00054000000000000000040900020073797a30"], 0x21c}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000) 5m12.645314376s ago: executing program 4 (id=24994): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000000)='n', 0x1, 0xc008001, &(0x7f0000004ff0)={0x2, 0x4e22, @rand_addr=0xfffffffd}, 0x10) listen(r0, 0xda91) accept4(r0, &(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x0, 0x80000) 5m12.575280984s ago: executing program 4 (id=24997): openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 5m12.574671029s ago: executing program 4 (id=24998): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a300000000078000000060a010400000000000000000500000008000b400000000050000480240001800b00010074756e6e656c0000140002800800014000000041080002"], 0xec}}, 0x0) r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0b160600000000002154137400000800b8"], 0x3c}}, 0x0) 4m57.073774451s ago: executing program 34 (id=24998): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a300000000078000000060a010400000000000000000500000008000b400000000050000480240001800b00010074756e6e656c0000140002800800014000000041080002"], 0xec}}, 0x0) r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0b160600000000002154137400000800b8"], 0x3c}}, 0x0) 4m13.647372676s ago: executing program 6 (id=25992): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mlockall(0x1) 4m12.916190444s ago: executing program 6 (id=26006): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x22301, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x100) write$binfmt_script(r0, &(0x7f0000000140)={'#! ', './file3'}, 0xb) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 4m12.307325138s ago: executing program 6 (id=26018): syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x1a7a40) r0 = syz_io_uring_setup(0xf00, &(0x7f0000000400)={0x0, 0x595f, 0x10000, 0x0, 0x51}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000280)=@IORING_OP_READV=@use_registered_buffer={0x1, 0xc, 0x4004, @fd_index=0x3, 0x5, 0x0, 0x0, 0x10}) io_uring_enter(r0, 0x2000, 0xfffffffd, 0x9, 0x0, 0x0) 4m12.307144702s ago: executing program 6 (id=26019): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4m12.220657775s ago: executing program 6 (id=26020): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) rmdir(0x0) 4m11.929816406s ago: executing program 6 (id=26025): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0) 4m11.880536493s ago: executing program 35 (id=26025): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0) 3m29.589665863s ago: executing program 0 (id=27148): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000140)={0x3c, r0, 0x1, 0x2, 0x25dfdbfd, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x976}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc}]]}, 0x3c}, 0x1, 0x0, 0x0, 0x4044080}, 0x20004800) 3m29.524813041s ago: executing program 0 (id=27149): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x972, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setresuid(0x0, 0x0, 0x0) 3m29.319811499s ago: executing program 0 (id=27157): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) 3m29.083975431s ago: executing program 0 (id=27163): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0) 3m29.026588411s ago: executing program 0 (id=27165): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r0, &(0x7f0000000400), 0x2000011a) recvmmsg(r0, &(0x7f0000003280)=[{{0x0, 0x0, &(0x7f0000002cc0)=[{&(0x7f0000000cc0)=""/4096, 0x1000}], 0x1}, 0x9}], 0x1, 0x10140, 0x0) 3m28.787483818s ago: executing program 0 (id=27169): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)={0x3c, r1, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8003}]}, 0x3c}}, 0x20000000) 3m28.755739884s ago: executing program 36 (id=27169): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)={0x3c, r1, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8003}]}, 0x3c}}, 0x20000000) 1m9.816074771s ago: executing program 7 (id=29224): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') read$FUSE(r0, &(0x7f0000003380)={0x2020}, 0x2020) 1m9.613798643s ago: executing program 7 (id=29227): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x47, 0xd, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sync_file_range(r0, 0xd81, 0x6, 0xa) 1m9.32048955s ago: executing program 7 (id=29236): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x10, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x4}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0xa7, @tick=0x20014}) 1m9.230524215s ago: executing program 7 (id=29237): mkdirat(0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x21d000, 0x0) pivot_root(&(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='.\x00') 1m9.230027269s ago: executing program 7 (id=29238): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240), 0x3af4701e) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000006, 0x10010, r0, 0xd1877000) ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000c00)={0x0, 0x1, 0x4, 0x40000000000000, 0x0, 0xf0}) 1m8.918837985s ago: executing program 7 (id=29239): r0 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000480)=0x4) bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710}, 0x10) listen(r0, 0x5) accept4$unix(r0, 0x0, 0x0, 0x0) 1m8.810764759s ago: executing program 37 (id=29239): r0 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000480)=0x4) bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710}, 0x10) listen(r0, 0x5) accept4$unix(r0, 0x0, 0x0, 0x0) 2.494040296s ago: executing program 5 (id=30081): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000062540000000e0002006e657464657673696d0000000f0002006e657464657673696d300000080003"], 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff8000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 2.396327882s ago: executing program 5 (id=30085): r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) close(r2) 2.328264039s ago: executing program 5 (id=30087): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000002c0)=ANY=[], 0x98) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r1, @in6={{0xa, 0x3, 0x4, @rand_addr=' \x01\x00'}}}, &(0x7f0000000040)=0x84) 2.219171197s ago: executing program 5 (id=30088): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0xc0089364, &(0x7f00000001c0)) 2.157683247s ago: executing program 5 (id=30092): r0 = socket$kcm(0xf, 0x3, 0x2) sendmsg$inet(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b070102000000e4a17c455b3a89e0", 0x10}], 0x1}, 0x0) r1 = socket$kcm(0xf, 0x3, 0x2) sendmsg$inet(r1, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0) 2.099918006s ago: executing program 5 (id=30093): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x40025b0c, 0x0) 1.849887819s ago: executing program 8 (id=30102): syz_open_dev$usbfs(&(0x7f0000000100), 0x72, 0x101b01) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000800), r0) sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}, 0x1, 0x0, 0x0, 0x880}, 0x44) 1.468715833s ago: executing program 8 (id=30104): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x9, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x11a, 0x4, 0x0, 0x0) 1.390062607s ago: executing program 8 (id=30106): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x10a942, 0x9f667fd378a54ed4) write$P9_RREADLINK(r0, &(0x7f0000000040)={0x10, 0x17, 0x2, {0xffffffffffffffc1, './file0'}}, 0xfffffdab) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) 1.308036313s ago: executing program 2 (id=30108): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000140)=""/156, 0x9c}], 0x1, &(0x7f0000000500)=""/31, 0x1f}, 0x8000}], 0x400000000000387, 0x2102, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) write$binfmt_misc(r0, &(0x7f0000000340), 0x2000011a) 959.842327ms ago: executing program 8 (id=30109): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x34, r1, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000800}, 0x400d4) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x0) 730.678583ms ago: executing program 8 (id=30110): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000ac0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @device_b}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 730.463753ms ago: executing program 2 (id=30111): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000000000000850000006d00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 659.00873ms ago: executing program 2 (id=30112): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x94173000) 557.783963ms ago: executing program 8 (id=30114): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x14, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCAPPLICATION(r1, 0x4802, 0x5) 430.051563ms ago: executing program 9 (id=30115): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000100)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}, {0x300, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x36) 429.830518ms ago: executing program 2 (id=30116): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 317.313829ms ago: executing program 9 (id=30117): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x7, @empty, 0x2}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) 240.263947ms ago: executing program 9 (id=30118): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000480)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x1c, r1, 0xb1d, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008080}, 0x2040850) 183.627368ms ago: executing program 2 (id=30119): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x10002, 0x2) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)='^', 0x1}], 0x1) 179.000785ms ago: executing program 9 (id=30120): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x38, 0x7, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040}, 0x0) 86.282985ms ago: executing program 9 (id=30121): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000f00), 0x4) sendmsg$unix(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x20000000) bind$unix(r0, &(0x7f0000000040)=@file={0x1, './file1\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000140)=@file={0x1, './file1\x00'}, 0x6e) 84.970813ms ago: executing program 9 (id=30122): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000640)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x59, 0x88, 0xfe, 0x0, 0x2a}, 0xe) readv(r0, &(0x7f0000001780)=[{&(0x7f00000000c0)=""/3, 0x3}], 0x1) shutdown(r0, 0x1) 0s ago: executing program 2 (id=30123): r0 = syz_usb_connect$cdc_ncm(0x3, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x1, 0x0, 0x7fffffff}]}) syz_usb_disconnect(r0) close_range(r1, 0xffffffffffffffff, 0x0) 0s ago: executing program 9 (id=30125): r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000003c0)=':', 0x1}], 0x1}}], 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c25000/0x4000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x65b86bb5, 0x1, 0x0}, &(0x7f00000064c0)=0x40) kernel console output (not intermixed with test programs): face 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 953.013534][ T10] usb 13-1: string descriptor 0 read error: -22 [ 953.018048][ T10] usb 13-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 953.021205][ T10] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 953.032427][ T10] adutux 13-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 953.196682][T24183] netlink: 'syz.7.28411': attribute type 4 has an invalid length. [ 953.297298][ T4944] usb 13-1: USB disconnect, device number 9 [ 953.353850][T24210] pimreg: left allmulticast mode [ 953.355545][T24210] netdevsim netdevsim2 netdevsim2: left allmulticast mode [ 953.390338][ T5905] kernel write not supported for file /sg0 (pid: 5905 comm: kworker/3:4) [ 953.704596][T24263] netlink: 24 bytes leftover after parsing attributes in process `syz.5.28430'. [ 953.707574][T24263] veth0_to_bond: Caught tx_queue_len zero misconfig [ 953.825213][T24277] random: crng reseeded on system resumption [ 953.842994][T24280] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 954.589460][T24379] loop8: detected capacity change from 0 to 7 [ 954.592482][T24379] Dev loop8: unable to read RDB block 7 [ 954.594211][T24379] loop8: unable to read partition table [ 954.596408][T24379] loop8: partition table beyond EOD, truncated [ 954.600930][T24379] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5) [ 955.577546][T18775] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 955.581160][T18775] CPU: 1 UID: 0 PID: 18775 Comm: kworker/u33:1 Tainted: G L syzkaller #0 PREEMPT(full) [ 955.581181][T18775] Tainted: [L]=SOFTLOCKUP [ 955.581186][T18775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 955.581195][T18775] Workqueue: hci3 hci_rx_work [ 955.581212][T18775] Call Trace: [ 955.581216][T18775] [ 955.581224][T18775] dump_stack_lvl+0x100/0x190 [ 955.581239][T18775] sysfs_warn_dup.cold+0x1c/0x28 [ 955.581258][T18775] sysfs_create_dir_ns+0x24b/0x2b0 [ 955.581272][T18775] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 955.581285][T18775] ? find_held_lock+0x2b/0x80 [ 955.581298][T18775] ? kobject_add_internal+0x25f/0x930 [ 955.581310][T18775] ? kobject_add_internal+0x25f/0x930 [ 955.581324][T18775] ? do_raw_spin_unlock+0x145/0x1e0 [ 955.581339][T18775] kobject_add_internal+0x2c8/0x930 [ 955.581353][T18775] kobject_add+0x16a/0x1e0 [ 955.581364][T18775] ? __pfx_kobject_add+0x10/0x10 [ 955.581375][T18775] ? class_to_subsys+0x10f/0x150 [ 955.581391][T18775] ? kobject_put+0xb9/0x640 [ 955.581407][T18775] ? _raw_spin_unlock+0x28/0x50 [ 955.581424][T18775] device_add+0x294/0x1950 [ 955.581436][T18775] ? __pfx_dev_set_name+0x10/0x10 [ 955.581451][T18775] ? __pfx_device_add+0x10/0x10 [ 955.581464][T18775] ? mgmt_send_event_skb+0x2fb/0x460 [ 955.581482][T18775] hci_conn_add_sysfs+0x1a3/0x260 [ 955.581500][T18775] le_conn_complete_evt+0x11eb/0x1f60 [ 955.581519][T18775] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 955.581538][T18775] hci_le_conn_complete_evt+0x23c/0x3a0 [ 955.581553][T18775] ? skb_pull_data+0x15f/0x1e0 [ 955.581590][T18775] hci_le_meta_evt+0x34a/0x5f0 [ 955.581610][T18775] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 955.581627][T18775] hci_event_packet+0x51c/0xcd0 [ 955.581644][T18775] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 955.581660][T18775] ? __pfx_hci_event_packet+0x10/0x10 [ 955.581677][T18775] ? kcov_remote_start+0x374/0x660 [ 955.581692][T18775] ? lockdep_hardirqs_on+0x78/0x100 [ 955.581718][T18775] hci_rx_work+0x451/0xfc0 [ 955.581750][T18775] process_one_work+0xa0e/0x1980 [ 955.581779][T18775] ? __pfx_process_one_work+0x10/0x10 [ 955.581805][T18775] ? __pfx_hci_rx_work+0x10/0x10 [ 955.581824][T18775] worker_thread+0x5ef/0xe50 [ 955.581838][T18775] ? __pfx_worker_thread+0x10/0x10 [ 955.581850][T18775] ? kthread+0x13a/0x450 [ 955.581865][T18775] ? __pfx_worker_thread+0x10/0x10 [ 955.581875][T18775] kthread+0x370/0x450 [ 955.581890][T18775] ? __pfx_kthread+0x10/0x10 [ 955.581907][T18775] ret_from_fork+0x72b/0xd50 [ 955.581920][T18775] ? __pfx_ret_from_fork+0x10/0x10 [ 955.581933][T18775] ? __switch_to+0x800/0x1100 [ 955.581948][T18775] ? __pfx_kthread+0x10/0x10 [ 955.581965][T18775] ret_from_fork_asm+0x1a/0x30 [ 955.581987][T18775] [ 955.582003][T18775] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 955.679253][T18775] Bluetooth: hci3: failed to register connection device [ 956.162385][T24526] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40 [ 956.349194][T24551] lo speed is unknown, defaulting to 1000 [ 956.458967][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 956.473004][T24582] __nla_validate_parse: 3 callbacks suppressed [ 956.473015][T24582] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28509'. [ 956.485988][T24582] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28509'. [ 956.552119][ T5905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 956.622327][T24592] IPv6: NLM_F_CREATE should be specified when creating new route [ 956.973026][ T40] audit: type=1326 audit(2000001793.356:22204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 956.987747][ T40] audit: type=1326 audit(2000001793.356:22205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 956.997312][ T40] audit: type=1326 audit(2000001793.356:22206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.013163][ T40] audit: type=1326 audit(2000001793.356:22207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.022510][ T40] audit: type=1326 audit(2000001793.356:22208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.030036][ T40] audit: type=1326 audit(2000001793.356:22209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.042208][ T40] audit: type=1326 audit(2000001793.356:22210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa5f98 code=0x7ffc0000 [ 957.056997][ T40] audit: type=1326 audit(2000001793.356:22211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.064334][ T40] audit: type=1326 audit(2000001793.356:22212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.072792][ T40] audit: type=1326 audit(2000001793.356:22213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24616 comm="syz.7.28521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 957.188503][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.194335][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.268593][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.357740][ T5905] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 957.509293][ T5905] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 957.516758][ T5905] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 957.519998][ T5905] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 957.524056][ T5905] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 957.526894][ T5905] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.531118][ T5905] usb 12-1: config 0 descriptor?? [ 957.827773][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.944104][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.946479][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.948859][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.951243][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.953614][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.956022][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.958394][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.960664][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.963011][ T5905] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 957.985935][ T5905] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 958.058065][T18305] usb 10-1: new high-speed USB device number 27 using dummy_hcd [ 958.200603][ T5905] usb 12-1: USB disconnect, device number 11 [ 958.229464][T18305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 958.232906][T18305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 958.235912][T18305] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 958.240679][T18305] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 958.243597][T18305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.247309][T18305] usb 10-1: config 0 descriptor?? [ 958.307740][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 958.673148][T18305] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 959.007523][ T10] usb 12-1: new full-speed USB device number 12 using dummy_hcd [ 959.189125][ T10] usb 12-1: config 0 has an invalid interface number: 8 but max is 0 [ 959.195020][ T10] usb 12-1: config 0 has no interface number 0 [ 959.196972][ T10] usb 12-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 959.203008][ T10] usb 12-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 959.208482][ T10] usb 12-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 959.212762][ T10] usb 12-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 959.216903][ T10] usb 12-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 959.221683][ T10] usb 12-1: Product: syz [ 959.223051][ T10] usb 12-1: SerialNumber: syz [ 959.228482][ T10] usb 12-1: config 0 descriptor?? [ 959.232997][ T10] cm109 12-1:0.8: invalid payload size 0, expected 4 [ 959.238644][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.8/input/input142 [ 959.337607][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 959.486217][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.491669][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.494401][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.497126][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.499618][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.501866][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.504346][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.506656][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.509231][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.511478][ C0] cm109 12-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 959.514036][ T10] usb 12-1: USB disconnect, device number 12 [ 959.515852][ C0] cm109 12-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 959.526001][ T10] cm109 12-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 959.751871][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 960.076082][T24762] netlink: 24 bytes leftover after parsing attributes in process `syz.8.28549'. [ 960.388834][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 960.701665][T18305] usb 10-1: USB disconnect, device number 27 [ 960.799008][ T5857] e1000 0000:00:06.0 eth0: Reset adapter [ 960.843820][T24853] netlink: 'syz.7.28569': attribute type 11 has an invalid length. [ 961.147662][T18305] usb 10-1: new high-speed USB device number 28 using dummy_hcd [ 961.309016][T18305] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 961.312217][T18305] usb 10-1: config 0 has no interfaces? [ 961.313947][T18305] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 961.316726][T18305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 961.321255][T18305] usb 10-1: config 0 descriptor?? [ 961.529298][T18305] usb 10-1: USB disconnect, device number 28 [ 962.461060][ T4944] net_ratelimit: 1 callbacks suppressed [ 962.461072][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 962.777339][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 962.948097][ T4944] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 963.507135][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 964.547291][T13925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 965.587300][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 965.818173][ T5905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.618770][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.779165][T24152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 967.418898][ T5905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 967.657757][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 968.696535][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 968.856761][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 969.736425][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 970.787205][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 971.004923][T24917] netlink: 'syz.5.28578': attribute type 13 has an invalid length. [ 971.024291][T24929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 971.093454][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 971.093466][ T40] audit: type=1326 audit(2000001807.477:22256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24927 comm="syz.7.28579" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x0 [ 971.257766][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 971.361969][T24983] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.28593'. [ 971.583604][T25016] lo speed is unknown, defaulting to 1000 [ 971.676026][T24152] usb 13-1: new high-speed USB device number 10 using dummy_hcd [ 971.817427][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 971.846334][T24152] usb 13-1: Using ep0 maxpacket: 8 [ 971.849941][T24152] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 971.852639][T24152] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 971.855623][T24152] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 971.859402][T24152] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 971.862461][T24152] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 971.866974][T24152] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 971.869823][T24152] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 971.872578][T25055] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28606'. [ 971.889206][T14934] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 971.893074][T14934] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 971.897014][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 971.901421][T25055] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28606'. [ 971.906715][T14934] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 971.914372][T14934] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 972.315906][T19337] usb 10-1: new high-speed USB device number 29 using dummy_hcd [ 972.425892][ T10] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 972.465872][T19337] usb 10-1: Using ep0 maxpacket: 8 [ 972.469545][T19337] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 972.472192][T19337] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 972.475278][T19337] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 972.478488][T19337] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 972.481695][T19337] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 972.485669][T19337] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 972.488792][T19337] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.536263][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 972.575906][ T10] usb 12-1: Using ep0 maxpacket: 8 [ 972.579584][ T10] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 972.584087][ T10] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 972.588365][ T10] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 972.592324][ T10] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 972.597551][ T10] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 972.601098][ T10] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.699843][T19337] usb 10-1: GET_CAPABILITIES returned 0 [ 972.701618][T19337] usbtmc 10-1:16.0: can't read capabilities [ 972.812673][ T10] usb 12-1: GET_CAPABILITIES returned 0 [ 972.814462][ T10] usbtmc 12-1:16.0: can't read capabilities [ 972.838158][T24152] usb 13-1: USB disconnect, device number 10 [ 972.856059][ T5857] net_ratelimit: 1 callbacks suppressed [ 972.856076][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.017781][T19337] usb 12-1: USB disconnect, device number 13 [ 973.176901][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.689683][T25150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.694752][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.700637][T25150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.703583][T14929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.708264][T25150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.712256][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.715475][T25150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 973.906032][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 974.167115][T25190] lo speed is unknown, defaulting to 1000 [ 974.316172][ T10] usb 12-1: new high-speed USB device number 14 using dummy_hcd [ 974.378913][T25214] input: syz1 as /devices/virtual/input/input143 [ 974.465758][ T10] usb 12-1: Using ep0 maxpacket: 8 [ 974.473332][ T10] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 974.476872][ T10] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 974.479954][ T10] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 974.482889][ T10] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 974.486392][ T10] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 974.490710][ T10] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 974.493582][ T10] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 974.709817][ T10] usb 12-1: usb_control_msg returned -32 [ 974.711554][ T10] usbtmc 12-1:16.0: can't read capabilities [ 975.097539][ T24] usb 10-1: USB disconnect, device number 29 [ 975.198368][T25248] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 975.203591][T25248] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 975.209847][T25248] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 975.218498][T25248] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 975.265790][T19308] usb 12-1: USB disconnect, device number 14 [ 975.347668][T25265] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 975.488036][T25283] team0 (unregistering): Port device team_slave_0 removed [ 975.490988][T25283] team0 (unregistering): Port device team_slave_1 removed [ 975.704959][T25308] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28650'. [ 975.784064][T25314] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 975.798315][T25317] netlink: 4 bytes leftover after parsing attributes in process `syz.7.28653'. [ 975.819868][T25320] team_slave_1: Caught tx_queue_len zero misconfig [ 975.840106][T25320] netlink: 20 bytes leftover after parsing attributes in process `syz.5.28654'. [ 975.848026][T25323] netlink: 208240 bytes leftover after parsing attributes in process `syz.7.28655'. [ 976.147656][T25362] netlink: 176 bytes leftover after parsing attributes in process `syz.5.28664'. [ 976.209237][T25368] netlink: 'syz.5.28666': attribute type 5 has an invalid length. [ 976.211652][T25368] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.28666'. [ 976.582486][ T40] audit: type=1326 audit(2000001812.968:22257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25410 comm="syz.5.28679" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef7c code=0x0 [ 976.755340][ T10] usb 13-1: new high-speed USB device number 11 using dummy_hcd [ 976.834106][T25423] netlink: 12 bytes leftover after parsing attributes in process `syz.7.28682'. [ 976.837632][T25423] syz.7.28682: page allocation failure: order:4, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 976.841831][T25423] CPU: 2 UID: 0 PID: 25423 Comm: syz.7.28682 Tainted: G L syzkaller #0 PREEMPT(full) [ 976.841854][T25423] Tainted: [L]=SOFTLOCKUP [ 976.841859][T25423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 976.841866][T25423] Call Trace: [ 976.841871][T25423] [ 976.841877][T25423] dump_stack_lvl+0x100/0x190 [ 976.841893][T25423] warn_alloc.cold+0x95/0x1c1 [ 976.841907][T25423] ? __pfx_warn_alloc+0x10/0x10 [ 976.841933][T25423] ? __pfx___might_resched+0x10/0x10 [ 976.841949][T25423] __alloc_frozen_pages_noprof+0xf25/0x2bc0 [ 976.841975][T25423] ? lock_acquire+0x1b1/0x370 [ 976.841992][T25423] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 976.842010][T25423] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 976.842027][T25423] ? mark_held_locks+0x40/0x70 [ 976.842045][T25423] ? lockdep_hardirqs_on+0x78/0x100 [ 976.842063][T25423] ? rcu_is_watching+0x12/0xc0 [ 976.842076][T25423] ? trace_sched_exit_tp+0x11c/0x160 [ 976.842092][T25423] ? __schedule+0x12a7/0x67a0 [ 976.842106][T25423] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 976.842123][T25423] ? policy_nodemask+0xed/0x4f0 [ 976.842138][T25423] alloc_pages_mpol+0x1fb/0x540 [ 976.842153][T25423] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 976.842166][T25423] ? tick_nohz_tick_stopped+0x6c/0xa0 [ 976.842183][T25423] ? __irq_work_queue_local+0x1d7/0x4f0 [ 976.842203][T25423] ? wiphy_new_nm+0x701/0x21a0 [ 976.842213][T25423] ___kmalloc_large_node+0xe5/0x120 [ 976.842228][T25423] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 976.842245][T25423] __kmalloc_large_node_noprof+0x1c/0x70 [ 976.842260][T25423] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 976.842276][T25423] __kmalloc_noprof+0x5be/0x850 [ 976.842289][T25423] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 976.842305][T25423] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 976.842322][T25423] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 976.842334][T25423] wiphy_new_nm+0x701/0x21a0 [ 976.842346][T25423] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 976.842364][T25423] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 976.842380][T25423] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 976.842392][T25423] ieee80211_alloc_hw_nm+0x1afc/0x22e0 [ 976.842408][T25423] ? __local_bh_enable_ip+0x9e/0x120 [ 976.842424][T25423] mac80211_hwsim_new_radio+0x1de/0x5aa0 [ 976.842439][T25423] ? __pfx__printk+0x10/0x10 [ 976.842450][T25423] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 976.842468][T25423] ? rcu_is_watching+0x12/0xc0 [ 976.842480][T25423] ? do_trace_netlink_extack+0x74/0x1f0 [ 976.842493][T25423] ? __nla_validate_parse+0x1e7/0x28b0 [ 976.842507][T25423] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 976.842526][T25423] hwsim_new_radio_nl+0xc5f/0x1370 [ 976.842540][T25423] ? rcu_is_watching+0x12/0xc0 [ 976.842552][T25423] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 976.842571][T25423] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 976.842588][T25423] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 976.842608][T25423] genl_family_rcv_msg_doit+0x214/0x300 [ 976.842626][T25423] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 976.842643][T25423] ? genl_get_cmd+0x3e7/0x760 [ 976.842662][T25423] ? bpf_lsm_capable+0x9/0x10 [ 976.842674][T25423] ? security_capable+0x80/0x260 [ 976.842685][T25423] ? ns_capable+0xd2/0xf0 [ 976.842699][T25423] genl_rcv_msg+0x560/0x800 [ 976.842718][T25423] ? __pfx_genl_rcv_msg+0x10/0x10 [ 976.842734][T25423] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 976.842753][T25423] netlink_rcv_skb+0x159/0x420 [ 976.842768][T25423] ? __pfx_genl_rcv_msg+0x10/0x10 [ 976.842785][T25423] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 976.842806][T25423] ? netlink_deliver_tap+0x1ae/0xcc0 [ 976.842823][T25423] genl_rcv+0x28/0x40 [ 976.842837][T25423] netlink_unicast+0x585/0x850 [ 976.842878][T25423] ? __pfx_netlink_unicast+0x10/0x10 [ 976.842900][T25423] netlink_sendmsg+0x8b0/0xda0 [ 976.842919][T25423] ? __pfx_netlink_sendmsg+0x10/0x10 [ 976.842936][T25423] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 976.842952][T25423] ____sys_sendmsg+0x9e1/0xb70 [ 976.842967][T25423] ? __pfx_netlink_sendmsg+0x10/0x10 [ 976.842985][T25423] ? __pfx_____sys_sendmsg+0x10/0x10 [ 976.842999][T25423] ? __pfx___futex_wait+0x10/0x10 [ 976.843016][T25423] ? __pfx_futex_wake_mark+0x10/0x10 [ 976.843033][T25423] ___sys_sendmsg+0x190/0x1e0 [ 976.843049][T25423] ? __pfx____sys_sendmsg+0x10/0x10 [ 976.843071][T25423] ? find_held_lock+0x2b/0x80 [ 976.843095][T25423] __sys_sendmsg+0x170/0x220 [ 976.843106][T25423] ? __pfx___sys_sendmsg+0x10/0x10 [ 976.843118][T25423] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 976.843137][T25423] ? rcu_is_watching+0x12/0xc0 [ 976.843152][T25423] __do_fast_syscall_32+0xe7/0x970 [ 976.843171][T25423] do_fast_syscall_32+0x32/0x70 [ 976.843187][T25423] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 976.843202][T25423] RIP: 0023:0xf7fa5f7c [ 976.843212][T25423] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 976.843223][T25423] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 976.843233][T25423] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100 [ 976.843240][T25423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 976.843247][T25423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 976.843253][T25423] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 976.843259][T25423] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 976.843274][T25423] [ 976.843355][T25423] Mem-Info: [ 976.915321][ T10] usb 13-1: Using ep0 maxpacket: 8 [ 976.915674][T25423] active_anon:469 inactive_anon:3132 isolated_anon:0 [ 976.915674][T25423] active_file:537 inactive_file:15414 isolated_file:0 [ 976.915674][T25423] unevictable:1769 dirty:259 writeback:0 [ 976.915674][T25423] slab_reclaimable:7544 slab_unreclaimable:77855 [ 976.915674][T25423] mapped:22033 shmem:3438 pagetables:2275 [ 976.915674][T25423] sec_pagetables:382 bounce:0 [ 976.915674][T25423] kernel_misc_reclaimable:0 [ 976.915674][T25423] free:49064 free_pcp:470 free_cma:0 [ 976.918789][ T10] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 976.918920][T25423] Node 0 active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8288kB pagetables:1072kB sec_pagetables:1136kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 976.920725][ T10] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 976.922273][T25423] Node 1 active_anon:1876kB inactive_anon:12524kB active_file:2148kB inactive_file:61656kB unevictable:3540kB isolated(anon):0kB isolated(file):0kB mapped:88108kB dirty:1036kB writeback:0kB shmem:10216kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8380kB pagetables:8028kB sec_pagetables:392kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 976.924235][ T10] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 976.925785][T25423] Node 0 DMA free:3364kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 976.931253][ T10] usb 13-1: config 0 descriptor?? [ 976.933337][T25423] lowmem_reserve[]: 0 285 285 285 285 [ 976.933364][T25423] Node 0 DMA32 free:33008kB boost:22528kB min:35624kB low:38896kB high:42168kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:3536kB writepending:0kB zspages:144kB present:1032196kB managed:292748kB mlocked:0kB bounce:0kB free_pcp:256kB local_pcp:0kB free_cma:0kB [ 977.077960][T25423] lowmem_reserve[]: 0 0 0 0 0 [ 977.079705][T25423] Node 1 DMA32 free:152084kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1916kB inactive_anon:12524kB active_file:7652kB inactive_file:61656kB unevictable:3540kB writepending:1036kB zspages:6728kB present:1048432kB managed:948212kB mlocked:4kB bounce:0kB free_pcp:3344kB local_pcp:2264kB free_cma:0kB [ 977.089949][T25423] lowmem_reserve[]: 0 0 0 0 0 [ 977.091532][T25423] Node 0 DMA: 97*4kB (U) 48*8kB (U) 16*16kB (U) 19*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 3364kB [ 977.096398][T25423] Node 0 DMA32: 1142*4kB (UME) 629*8kB (UME) 239*16kB (UME) 120*32kB (UME) 64*64kB (UME) 23*128kB (UME) 16*256kB (UME) 7*512kB (UME) 1*1024kB (U) 0*2048kB 0*4096kB = 33008kB [ 977.101858][T25423] Node 1 DMA32: 1063*4kB (U) 6443*8kB (UE) 5987*16kB (UE) 12*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 151972kB [ 977.107316][T25423] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 977.110302][T25423] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 977.113318][T25423] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 977.116581][T25423] Node 1 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 977.119436][T25423] 21717 total pagecache pages [ 977.120923][T25423] 947 pages in swap cache [ 977.122265][T25423] Free swap = 4kB [ 977.123560][T25423] Total swap = 124996kB [ 977.124871][T25423] 524155 pages RAM [ 977.126131][T25423] 0 pages HighMem/MovableOnly [ 977.127620][T25423] 210075 pages reserved [ 977.128954][T25423] 0 pages cma reserved [ 977.174634][ T10] iowarrior 13-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 977.374353][T19337] usb 13-1: USB disconnect, device number 11 [ 977.376312][ C3] iowarrior 13-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 977.606960][T25474] netlink: 4 bytes leftover after parsing attributes in process `syz.7.28692'. [ 977.628074][T25474] bond1: Invalid ad_actor_system MAC address. [ 977.632292][T25474] bond1: option ad_actor_system: invalid value (5) [ 977.636130][T25474] bond1 (unregistering): Released all slaves [ 977.936483][T25566] netlink: 4 bytes leftover after parsing attributes in process `syz.8.28700'. [ 978.136098][ T5857] net_ratelimit: 5 callbacks suppressed [ 978.136110][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 978.208969][T25608] tun0: tun_chr_ioctl cmd 1074025675 [ 978.213938][T25608] tun0: persist enabled [ 978.217008][T25608] tun0: tun_chr_ioctl cmd 1074025675 [ 978.218734][T25608] tun0: persist enabled [ 978.321796][T25636] netlink: 8 bytes leftover after parsing attributes in process `syz.8.28720'. [ 978.548497][ T40] audit: type=1326 audit(2000001814.938:22258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25674 comm="syz.5.28730" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef7c code=0x0 [ 978.995148][ T5857] usb 12-1: new high-speed USB device number 15 using dummy_hcd [ 979.155076][T19337] usb 13-1: new high-speed USB device number 12 using dummy_hcd [ 979.156645][ T5857] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 979.160790][ T5857] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 979.164361][ T5857] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 979.168846][ T5857] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 979.171626][ T5857] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 979.175347][ T5857] usb 12-1: config 0 descriptor?? [ 979.185255][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 979.255697][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 979.305041][T19337] usb 13-1: Using ep0 maxpacket: 32 [ 979.307936][T19337] usb 13-1: config index 0 descriptor too short (expected 29220, got 36) [ 979.310576][T19337] usb 13-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 979.313183][T19337] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 979.316074][T19337] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 979.319009][T19337] usb 13-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 979.321939][T19337] usb 13-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 979.325972][T19337] usb 13-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 979.328725][T19337] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 979.332379][T19337] usb 13-1: config 0 descriptor?? [ 979.538092][T19337] usblp 13-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 979.591813][T25739] sctp: [Deprecated]: syz.5.28743 (pid 25739) Use of struct sctp_assoc_value in delayed_ack socket option. [ 979.591813][T25739] Use struct sctp_sack_info instead [ 979.593718][ T5857] plantronics 0003:047F:FFFF.001D: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 979.742739][ T5857] usb 13-1: USB disconnect, device number 12 [ 979.748160][ T5857] usblp0: removed [ 979.783883][T19337] usb 12-1: USB disconnect, device number 15 [ 980.134955][T18775] Bluetooth: hci0: command tx timeout [ 980.225063][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 980.471887][T25790] netlink: 4 bytes leftover after parsing attributes in process `syz.8.28749'. [ 980.521955][T25796] ipvlan1: Caught tx_queue_len zero misconfig [ 980.766616][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.070463][T25874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.075632][T25874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.078338][T25874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.083430][T25874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.086412][T25874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.263037][T25903] netlink: 4 bytes leftover after parsing attributes in process `syz.7.28784'. [ 981.267517][T25903] netlink: 72 bytes leftover after parsing attributes in process `syz.7.28784'. [ 981.841704][T25956] ±ÿÿÿÿa–ïD: renamed from lo (while UP) [ 981.927850][T25962] trusted_key: syz.8.28802 sent an empty control message without MSG_MORE. [ 982.034749][T19308] usb 12-1: new high-speed USB device number 16 using dummy_hcd [ 982.186085][T19308] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 982.189822][T19308] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 982.193291][T19308] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 982.198542][T19308] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 982.202180][T19308] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 982.208638][T19308] usb 12-1: config 0 descriptor?? [ 982.625767][T19308] plantronics 0003:047F:FFFF.001E: reserved main item tag 0xd [ 982.638082][T19308] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 982.780541][T26005] IPv6: NLM_F_REPLACE set, but no existing node found! [ 982.887176][ T10] usb 12-1: USB disconnect, device number 16 [ 983.334755][ T24] net_ratelimit: 9 callbacks suppressed [ 983.334767][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 983.419027][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 983.427392][T26041] netlink: 'syz.5.28825': attribute type 1 has an invalid length. [ 983.479119][T26055] netlink: 116 bytes leftover after parsing attributes in process `syz.8.28829'. [ 983.509807][T26060] fuse: Bad value for 'fd' [ 983.714539][ T24] usb 12-1: new high-speed USB device number 17 using dummy_hcd [ 983.886437][ T24] usb 12-1: Using ep0 maxpacket: 8 [ 983.892595][ T24] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 983.897700][ T24] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 983.901271][ T24] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 983.904348][ T24] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 983.907372][ T24] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 983.911079][ T24] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 983.916359][ T24] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 984.063498][T26125] netlink: 36 bytes leftover after parsing attributes in process `syz.5.28855'. [ 984.133984][ T24] usb 12-1: usb_control_msg returned -32 [ 984.138662][ T24] usbtmc 12-1:16.0: can't read capabilities [ 984.143308][T26128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 984.385268][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 984.488571][T26163] usbtmc 12-1:16.0: control status returned 0 [ 984.693473][ T844] usb 12-1: USB disconnect, device number 17 [ 984.733376][T26190] tunl0: Caught tx_queue_len zero misconfig [ 984.841594][T26201] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28874'. [ 985.055003][T26219] input: syz1 as /devices/virtual/input/input145 [ 985.230236][T26244] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 985.295365][T26253] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.28887'. [ 985.327259][T26256] netlink: 8 bytes leftover after parsing attributes in process `syz.5.28888'. [ 985.330344][T26256] netlink: 4 bytes leftover after parsing attributes in process `syz.5.28888'. [ 985.333335][T26256] netlink: 8 bytes leftover after parsing attributes in process `syz.5.28888'. [ 985.424524][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 985.429095][T26276] netem: change failed [ 986.454390][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 986.459277][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 987.143119][T26366] netlink: 20 bytes leftover after parsing attributes in process `syz.7.28920'. [ 987.299625][T26374] netlink: 8 bytes leftover after parsing attributes in process `syz.7.28922'. [ 987.302479][T26374] netlink: 4 bytes leftover after parsing attributes in process `syz.7.28922'. [ 987.305534][T26374] netlink: 'syz.7.28922': attribute type 15 has an invalid length. [ 987.494300][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 987.930879][T26419] Invalid argument reading file caps for ./file0 [ 988.323990][T19308] usb 10-1: new high-speed USB device number 30 using dummy_hcd [ 988.353169][T26447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 988.390563][T26456] fuse: Bad value for 'fd' [ 988.474475][T19308] usb 10-1: Using ep0 maxpacket: 8 [ 988.481146][T19308] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 988.484758][T19308] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 988.485535][T26460] __nla_validate_parse: 4 callbacks suppressed [ 988.485546][T26460] netlink: 16 bytes leftover after parsing attributes in process `syz.8.28948'. [ 988.487872][T19308] usb 10-1: config 0 interface 0 has no altsetting 0 [ 988.494977][T19308] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 988.497808][T19308] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 988.503249][T19308] usb 10-1: config 0 descriptor?? [ 988.530069][T26469] netlink: 80 bytes leftover after parsing attributes in process `syz.2.28951'. [ 988.538744][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 988.919022][T19308] mcp2221 0003:04D8:00DD.001F: unknown main item tag 0x0 [ 988.921200][T19308] mcp2221 0003:04D8:00DD.001F: unknown main item tag 0x0 [ 988.923300][T19308] mcp2221 0003:04D8:00DD.001F: unknown main item tag 0x0 [ 988.925580][T19308] mcp2221 0003:04D8:00DD.001F: unknown main item tag 0x0 [ 988.927712][T19308] mcp2221 0003:04D8:00DD.001F: unknown main item tag 0x0 [ 988.930218][T19308] mcp2221 0003:04D8:00DD.001F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 988.939612][T26516] vxcan1: tx drop: invalid sa for name 0x0000000000000002 [ 988.972364][T26522] xfrm1: entered allmulticast mode [ 989.118427][ T24] usb 10-1: USB disconnect, device number 30 [ 989.494885][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 989.573935][T12438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 989.625955][T26567] netlink: 4 bytes leftover after parsing attributes in process `syz.8.28976'. [ 989.643124][T26567] bond1: Invalid ad_actor_system MAC address. [ 989.645780][T26567] bond1: option ad_actor_system: invalid value (5) [ 989.650064][T26567] bond1 (unregistering): Released all slaves [ 989.814793][T12438] e1000 0000:00:06.0 eth0: Reset adapter [ 990.093798][ T844] usb 10-1: new high-speed USB device number 31 using dummy_hcd [ 990.244289][ T844] usb 10-1: Using ep0 maxpacket: 8 [ 990.247329][ T844] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 990.250808][ T844] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 990.253966][ T844] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 990.257045][ T844] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 990.260909][ T844] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 990.263706][ T844] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 990.475065][ T844] usb 10-1: usb_control_msg returned -32 [ 990.479227][ T844] usbtmc 10-1:16.0: can't read capabilities [ 990.592478][ T844] usb 10-1: USB disconnect, device number 31 [ 990.615192][T12438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 991.663783][T12438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 991.974681][T12438] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 992.375357][T24152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 992.534108][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 992.694333][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.733732][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 994.783354][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.574006][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.823329][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 996.853544][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 997.893213][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 998.614819][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 998.932842][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.424937][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.972848][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.053260][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.012729][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.653107][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1002.052494][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1002.623566][T24152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1003.102660][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1004.135538][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1004.693089][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1005.172371][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1005.175873][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1006.213013][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1007.252074][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1008.213372][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1008.303113][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1008.421595][T19308] usb 10-1: new high-speed USB device number 32 using dummy_hcd [ 1008.571609][T19308] usb 10-1: Using ep0 maxpacket: 8 [ 1008.578218][T19308] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1008.583505][T19308] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1008.587445][T19308] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1008.594282][T19308] usb 10-1: config 0 descriptor?? [ 1008.817521][T19308] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1009.092480][T19308] usb 10-1: USB disconnect, device number 32 [ 1009.092537][ C3] iowarrior 10-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 1009.333904][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1009.606657][T26790] mac80211_hwsim hwsim67 wlan0: entered promiscuous mode [ 1009.610345][T26790] mac80211_hwsim hwsim67 wlan0: entered allmulticast mode [ 1009.801493][T26799] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1009.964681][T26818] netlink: 48 bytes leftover after parsing attributes in process `syz.5.29015'. [ 1009.998603][T26822] Invalid argument reading file caps for ./file0 [ 1010.091228][T26828] lo speed is unknown, defaulting to 1000 [ 1010.345618][T26868] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1010.348424][T26868] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1010.357048][T26868] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1010.360388][T26868] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1010.377357][T26868] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1010.386656][ T194] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1010.393423][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1010.403798][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1010.410094][T26868] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1010.423489][T26868] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1010.426429][T26868] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1010.435477][T26868] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1011.200723][T26946] lo: Caught tx_queue_len zero misconfig [ 1011.251744][ T93] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1011.259439][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1011.266701][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1011.401223][T26958] netlink: 212340 bytes leftover after parsing attributes in process `syz.5.29043'. [ 1011.411443][T26958] openvswitch: netlink: Port 167772160 exceeds max allowable 65535 [ 1011.414908][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1011.545617][T26973] lo speed is unknown, defaulting to 1000 [ 1011.583042][T26975] pim6reg1: entered promiscuous mode [ 1011.585114][T26975] pim6reg1: entered allmulticast mode [ 1011.751519][T19337] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 1011.832074][T26920] Process accounting resumed [ 1011.849950][T26973] netlink: 132 bytes leftover after parsing attributes in process `syz.8.29047'. [ 1011.875789][T27012] lo speed is unknown, defaulting to 1000 [ 1011.912755][T19337] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1011.922418][T19337] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1011.929534][T19337] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1011.934803][T19337] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1011.941977][T19337] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1011.946463][T19337] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1011.969896][T19337] usb 12-1: config 0 descriptor?? [ 1011.980322][T26967] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1012.215348][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1012.258971][T27054] all (unregistering): Released all slaves [ 1012.375565][T18775] Bluetooth: hci3: command 0x0c1a tx timeout [ 1012.378374][T18775] Bluetooth: hci1: command 0x0c1a tx timeout [ 1012.402248][T19337] plantronics 0003:047F:FFFF.0020: reserved main item tag 0xd [ 1012.436685][T19337] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 1012.451656][T18775] Bluetooth: hci0: command 0x0c1a tx timeout [ 1012.703599][ T24] usb 12-1: USB disconnect, device number 18 [ 1013.854676][T27209] overlayfs: failed to clone upperpath [ 1014.240341][T27238] lo speed is unknown, defaulting to 1000 [ 1014.310915][ T844] usb 10-1: new high-speed USB device number 33 using dummy_hcd [ 1014.451869][T18775] Bluetooth: hci3: command 0x0c1a tx timeout [ 1014.451874][ T62] Bluetooth: hci1: command 0x0c1a tx timeout [ 1014.470027][ T844] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1014.478715][ T844] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1014.492400][ T844] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1014.497523][ T844] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1014.503945][ T844] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1014.507950][ T844] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1014.524228][ T844] usb 10-1: config 0 descriptor?? [ 1014.531436][ T24] net_ratelimit: 6 callbacks suppressed [ 1014.531454][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.533479][T27224] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1014.534589][T18775] Bluetooth: hci0: command 0x0c1a tx timeout [ 1014.961439][ T844] plantronics 0003:047F:FFFF.0021: reserved main item tag 0xd [ 1014.973178][ T844] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 1015.074165][T27307] overlayfs: failed to clone upperpath [ 1015.295146][ T844] usb 10-1: USB disconnect, device number 33 [ 1015.581209][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.051572][ T194] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.056279][ T844] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.059827][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.532007][T18775] Bluetooth: hci3: command 0x0c1a tx timeout [ 1016.621051][T18775] Bluetooth: hci0: command 0x0c1a tx timeout [ 1016.715093][ T194] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.718587][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1016.722156][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1017.090817][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1018.130718][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1018.610421][T18775] Bluetooth: hci3: command 0x0c1a tx timeout [ 1019.582639][T27458] bridge0: port 2(bridge_slave_1) entered disabled state [ 1019.586075][T27458] bridge0: port 1(bridge_slave_0) entered disabled state [ 1019.606440][T27466] netlink: 428 bytes leftover after parsing attributes in process `syz.2.29121'. [ 1019.681374][T27458] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1019.690915][T27458] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1019.710267][T19337] usb 10-1: new high-speed USB device number 34 using dummy_hcd [ 1019.722930][T27472] net_ratelimit: 8 callbacks suppressed [ 1019.722950][T27472] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1019.741328][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1019.807039][T27466] netlink: 12 bytes leftover after parsing attributes in process `syz.2.29121'. [ 1019.811814][ T93] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.815842][ T93] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.820058][ T93] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.831555][ T93] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.834376][T27476] netlink: 4 bytes leftover after parsing attributes in process `syz.8.29127'. [ 1019.860204][T19337] usb 10-1: Using ep0 maxpacket: 8 [ 1019.863503][T19337] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 1019.867447][T19337] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1019.871647][T19337] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1019.874858][T19337] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1019.879255][T19337] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1019.882506][T19337] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1020.096067][T19337] usb 10-1: usb_control_msg returned -32 [ 1020.098347][T19337] usbtmc 10-1:16.0: can't read capabilities [ 1020.221789][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1020.286128][T27449] usb 10-1: usbtmc_ioctl_clear_out_halt returned -32 [ 1020.291849][T19337] usb 10-1: USB disconnect, device number 34 [ 1020.834823][T27533] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.29139'. [ 1021.190686][ T5436] usb 10-1: new high-speed USB device number 35 using dummy_hcd [ 1021.260596][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1021.351421][ T5436] usb 10-1: Using ep0 maxpacket: 8 [ 1021.356214][ T5436] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1021.361113][ T5436] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1021.365357][ T5436] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1021.368194][ T5436] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1021.373018][ T5436] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1021.378430][ T5436] usb 10-1: config 0 descriptor?? [ 1021.793986][ T5436] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 1021.799345][ T5436] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 1021.802621][ T5436] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 1021.804884][ T5436] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 1021.807163][ T5436] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 1021.810263][ T5436] mcp2221 0003:04D8:00DD.0022: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 1021.813970][T18305] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1021.991501][T27540] i2c i2c-2: unsupported multi-msg i2c transaction [ 1021.999197][T19308] usb 10-1: USB disconnect, device number 35 [ 1022.290921][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1022.770280][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1023.262327][T27639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29165'. [ 1023.330146][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1023.330451][T27647] netlink: 4 bytes leftover after parsing attributes in process `syz.7.29168'. [ 1023.340660][T27647] netlink: 4 bytes leftover after parsing attributes in process `syz.7.29168'. [ 1023.345721][T27647] netlink: 104 bytes leftover after parsing attributes in process `syz.7.29168'. [ 1023.348728][T27647] netlink: 104 bytes leftover after parsing attributes in process `syz.7.29168'. [ 1023.585066][ C1] vxcan1: j1939_tp_rxtimer: 0xffff888078149800: rx timeout, send abort [ 1023.594558][ C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff888078149800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1023.657480][T27670] netlink: 212336 bytes leftover after parsing attributes in process `syz.8.29176'. [ 1023.890370][ T4944] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 1024.380316][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1024.609748][ T10] usb 10-1: new high-speed USB device number 36 using dummy_hcd [ 1024.773520][ T10] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1024.777499][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1024.782499][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1024.787342][ T10] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1024.793088][ T10] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1024.796999][ T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1024.801454][ T10] usb 10-1: config 0 descriptor?? [ 1024.803662][T27709] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 1025.218446][ T10] plantronics 0003:047F:FFFF.0023: reserved main item tag 0xd [ 1025.233628][ T10] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 1025.419832][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1025.485458][T19337] usb 10-1: USB disconnect, device number 36 [ 1025.811377][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1026.450449][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1027.489626][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1028.530266][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1028.849826][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1029.569625][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1030.609212][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1031.410045][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1031.649757][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1031.889187][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1032.689272][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1033.729152][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1033.933146][T27762] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.29187'. [ 1034.044882][T27774] kvm: apic: phys broadcast and lowest prio [ 1034.180273][T27793] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1034.189307][T27793] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1034.195961][T27793] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1034.585230][ T194] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1034.589079][ T194] netdevsim netdevsim2 netdevsim0: unset [1, 2] type 2 family 0 port 39516 - 0 [ 1034.591821][ T194] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1034.594567][ T194] netdevsim netdevsim2 netdevsim1: unset [1, 2] type 2 family 0 port 39516 - 0 [ 1034.597462][ T194] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1034.601297][ T194] netdevsim netdevsim2 netdevsim2: unset [1, 2] type 2 family 0 port 39516 - 0 [ 1034.605483][ T194] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1034.613054][ T194] netdevsim netdevsim2 netdevsim3: unset [1, 2] type 2 family 0 port 39516 - 0 [ 1034.756518][T19308] Process accounting resumed [ 1034.772947][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1034.786255][T27843] Process accounting resumed [ 1035.085391][ T40] audit: type=1326 audit(2000001871.475:22259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.097423][ T40] audit: type=1326 audit(2000001871.475:22260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.109202][ T40] audit: type=1326 audit(2000001871.475:22261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fa5fa7 code=0x7ffc0000 [ 1035.128795][ T40] audit: type=1326 audit(2000001871.475:22262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.137891][ T40] audit: type=1326 audit(2000001871.475:22263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.149389][ T40] audit: type=1326 audit(2000001871.475:22264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.168244][ T40] audit: type=1326 audit(2000001871.475:22265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.174995][ T40] audit: type=1326 audit(2000001871.475:22266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fa5fa7 code=0x7ffc0000 [ 1035.182917][ T40] audit: type=1326 audit(2000001871.475:22267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.192878][ T40] audit: type=1326 audit(2000001871.475:22268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27874 comm="syz.7.29227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000 [ 1035.551691][T27906] /dev/sr0: Can't open blockdev [ 1035.832965][ T24] net_ratelimit: 1 callbacks suppressed [ 1035.832983][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.994368][ T62] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1036.006391][ T62] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1036.022494][ T62] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1036.027154][ T62] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1036.034087][ T62] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1036.208951][T27925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1036.285035][ T93] bridge_slave_1: left promiscuous mode [ 1036.287016][ T93] bridge0: port 2(bridge_slave_1) entered disabled state [ 1036.291728][ T93] bridge_slave_0: left allmulticast mode [ 1036.293458][ T93] bridge_slave_0: left promiscuous mode [ 1036.295428][ T93] bridge0: port 1(bridge_slave_0) entered disabled state [ 1036.492485][ T93] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1036.497273][ T93] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1036.500705][ T93] bond0 (unregistering): Released all slaves [ 1036.527095][T27940] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1036.621679][T27912] lo speed is unknown, defaulting to 1000 [ 1036.855990][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1036.995710][ T5460] 8021q: adding VLAN 0 to HW filter on device eth18 [ 1037.144134][T28065] netlink: 44 bytes leftover after parsing attributes in process `syz.8.29248'. [ 1037.195485][T27912] bridge0: port 1(bridge_slave_0) entered blocking state [ 1037.199402][T27912] bridge0: port 1(bridge_slave_0) entered disabled state [ 1037.202995][T27912] bridge_slave_0: entered allmulticast mode [ 1037.206877][T27912] bridge_slave_0: entered promiscuous mode [ 1037.212821][T27912] bridge0: port 2(bridge_slave_1) entered blocking state [ 1037.216129][T27912] bridge0: port 2(bridge_slave_1) entered disabled state [ 1037.219602][T27912] bridge_slave_1: entered allmulticast mode [ 1037.223719][T27912] bridge_slave_1: entered promiscuous mode [ 1037.310392][T27912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1037.319570][T27912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1037.378551][T27912] team0: Port device team_slave_0 added [ 1037.433803][T27912] team0: Port device team_slave_1 added [ 1037.484821][T28162] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.29252'. [ 1037.488714][T28162] openvswitch: netlink: Message has 3 unknown bytes. [ 1037.514801][ T5460] 8021q: adding VLAN 0 to HW filter on device eth19 [ 1037.521581][T27912] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1037.524850][T27912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1037.538531][T27912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1037.567835][T27912] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1037.572115][T27912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1037.583151][T27912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1037.587445][T28166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.594209][T28166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.597205][T28166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.603302][T28166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.606385][T28166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.614747][T28164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1037.650157][T27912] hsr_slave_0: entered promiscuous mode [ 1037.653507][T27912] hsr_slave_1: entered promiscuous mode [ 1037.656820][T27912] debugfs: 'hsr0' already exists in 'hsr' [ 1037.660505][T27912] Cannot create hsr debugfs directory [ 1037.740970][ T93] hsr_slave_0: left promiscuous mode [ 1037.745964][ T93] hsr_slave_1: left promiscuous mode [ 1037.749172][ T93] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1037.752965][ T93] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1037.998459][ T93] team0 (unregistering): Port device team_slave_1 removed [ 1038.006033][ T93] team0 (unregistering): Port device team_slave_0 removed [ 1038.128141][T18775] Bluetooth: hci3: command tx timeout [ 1038.129751][ T5460] 8021q: adding VLAN 0 to HW filter on device eth20 [ 1038.394488][T28298] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.29258'. [ 1038.487818][T27912] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1038.493123][T27912] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1038.496896][ T5460] 8021q: adding VLAN 0 to HW filter on device eth21 [ 1038.500694][T27912] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1038.539532][T27912] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1038.543380][T27912] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1038.550067][T27912] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1038.553837][T27912] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1038.567747][T27912] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1038.626073][ T93] IPVS: stop unused estimator thread 0... [ 1038.627145][T27912] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1038.641288][T27912] 8021q: adding VLAN 0 to HW filter on device team0 [ 1038.649355][T14934] bridge0: port 1(bridge_slave_0) entered blocking state [ 1038.651812][T14934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1038.662447][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.665419][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1039.033131][T27912] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1039.245781][T27912] veth0_vlan: entered promiscuous mode [ 1039.255148][T27912] veth1_vlan: entered promiscuous mode [ 1039.285212][T27912] veth0_macvtap: entered promiscuous mode [ 1039.291863][T27912] veth1_macvtap: entered promiscuous mode [ 1039.307277][T27912] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1039.316909][T27912] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1039.329457][ T194] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.339903][ T194] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.348508][ T194] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.355668][ T194] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.479027][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1039.496194][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1039.534249][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1039.541972][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1039.806081][T28377] netlink: 56 bytes leftover after parsing attributes in process `syz.9.29270'. [ 1040.088058][T19337] usb 14-1: new high-speed USB device number 2 using dummy_hcd [ 1040.208037][T18775] Bluetooth: hci3: command tx timeout [ 1040.239904][T19337] usb 14-1: Using ep0 maxpacket: 32 [ 1040.244099][T19337] usb 14-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1040.251292][T19337] usb 14-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1040.255630][T19337] usb 14-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1040.260026][T19337] usb 14-1: Product: syz [ 1040.262085][T19337] usb 14-1: Manufacturer: syz [ 1040.263965][T19337] usb 14-1: SerialNumber: syz [ 1040.268504][T19337] usb 14-1: config 0 descriptor?? [ 1040.273511][T28382] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22 [ 1040.278964][T19337] hub 14-1:0.0: bad descriptor, ignoring hub [ 1040.281581][T19337] hub 14-1:0.0: probe with driver hub failed with error -5 [ 1040.852711][T28430] 9pnet: p9_errstr2errno: server reported unknown error 0x000 [ 1040.947030][T28382] usb 14-1: reset high-speed USB device number 2 using dummy_hcd [ 1041.007663][T28437] veth0_to_bridge: Caught tx_queue_len zero misconfig [ 1041.010781][T19308] net_ratelimit: 4 callbacks suppressed [ 1041.010798][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1041.019699][T24152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1041.023105][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1041.126952][T28382] usb 14-1: device firmware changed [ 1041.139243][T19337] usb 14-1: USB disconnect, device number 2 [ 1041.278708][T19337] usb 14-1: new high-speed USB device number 3 using dummy_hcd [ 1041.437788][T19337] usb 14-1: Using ep0 maxpacket: 32 [ 1041.444048][T19337] usb 14-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1041.451787][T19337] usb 14-1: string descriptor 0 read error: -22 [ 1041.454943][T19337] usb 14-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1041.459204][T19337] usb 14-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1041.465753][T19337] usb 14-1: config 0 descriptor?? [ 1041.469128][T28419] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22 [ 1041.473357][T19337] hub 14-1:0.0: bad descriptor, ignoring hub [ 1041.475927][T19337] hub 14-1:0.0: probe with driver hub failed with error -5 [ 1041.847871][T19337] usb 14-1: USB disconnect, device number 3 [ 1042.057759][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1042.287706][T18775] Bluetooth: hci3: command tx timeout [ 1043.070297][T28540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29320'. [ 1043.075020][T14928] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1043.079098][T14928] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1043.083459][T14928] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1043.088390][T14928] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1043.096768][T28540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29320'. [ 1043.103757][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1043.448976][T28554] netlink: 4 bytes leftover after parsing attributes in process `syz.5.29326'. [ 1043.493342][T28559] netlink: 'syz.5.29328': attribute type 19 has an invalid length. [ 1043.532139][T28561] netlink: 83 bytes leftover after parsing attributes in process `syz.5.29329'. [ 1043.546629][T28564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29330'. [ 1043.763767][T18775] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 1044.048475][T19337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1044.129656][T12438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1044.310788][ T40] kauditd_printk_skb: 210 callbacks suppressed [ 1044.310807][ T40] audit: type=1326 audit(2000001880.706:22479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28556 comm="syz.9.29327" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8f7c code=0x7fc00000 [ 1044.367892][T18775] Bluetooth: hci3: command tx timeout [ 1044.597753][T28617] /dev/sr0: Can't open blockdev [ 1045.177482][T12438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1045.207605][T19337] usb 10-1: new high-speed USB device number 37 using dummy_hcd [ 1045.357296][T19337] usb 10-1: Using ep0 maxpacket: 8 [ 1045.362129][T19337] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1045.365816][T19337] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1045.369928][T19337] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 1045.374713][T19337] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 1045.379528][T19337] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1045.383381][T19337] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1045.395282][T19337] hub 10-1:1.0: bad descriptor, ignoring hub [ 1045.398294][T19337] hub 10-1:1.0: probe with driver hub failed with error -5 [ 1045.401834][T19337] cdc_wdm 10-1:1.0: skipping garbage [ 1045.403512][T19337] cdc_wdm 10-1:1.0: skipping garbage [ 1045.406163][T19337] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 1045.410604][T19337] cdc_wdm 10-1:1.0: Unknown control protocol [ 1045.447926][T28667] fuse: Bad value for 'fd' [ 1045.655951][T28677] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29367'. [ 1045.686131][T28677] team0: Port device team_slave_0 removed [ 1045.966032][T28705] Invalid source name [ 1045.972500][T28705] UBIFS error (pid: 28705): cannot open "./file0", error -22 [ 1046.217508][ T5857] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1047.087267][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1047.249628][ T4944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.201526][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.211191][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.214934][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.219210][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.222981][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.227162][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1048.231246][T28777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1049.109883][T28642] cdc_wdm 10-1:1.0: Error autopm - -16 [ 1049.110139][T12438] usb 10-1: USB disconnect, device number 37 [ 1049.430504][T28829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1049.464533][T28829] tipc: Resetting bearer [ 1049.470390][T28829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1049.475070][T28829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1049.488887][T28829] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1049.493321][T28829] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1049.498148][T28829] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1049.502434][T28829] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1049.512868][T28829] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1049.519509][T28829] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1049.525934][T28833] netlink: 20 bytes leftover after parsing attributes in process `syz.8.29408'. [ 1049.533526][ T34] lo speed is unknown, defaulting to 1000 [ 1049.546356][ T34] syz0: Port: 1 Link ACTIVE [ 1049.562368][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1049.570976][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1049.578807][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1049.582515][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1049.859209][ T40] audit: type=1326 audit(2000001886.247:22480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28854 comm="syz.8.29415" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f24f7c code=0x0 [ 1050.229473][ T844] usb 10-1: new high-speed USB device number 38 using dummy_hcd [ 1050.283476][T28894] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29423'. [ 1050.289507][T28894] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29423'. [ 1050.404001][ T844] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 1050.412563][ T844] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1050.425914][T28905] bridge11: entered promiscuous mode [ 1050.428977][ T844] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1050.431263][T28905] bridge11: entered allmulticast mode [ 1050.434621][ T844] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1050.438522][ T844] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1050.442018][ T844] usb 10-1: Product: syz [ 1050.443980][ T844] usb 10-1: Manufacturer: syz [ 1050.446067][ T844] usb 10-1: SerialNumber: syz [ 1050.452719][ T844] usb 10-1: config 0 descriptor?? [ 1050.458054][ T844] hub 10-1:0.0: bad descriptor, ignoring hub [ 1050.461620][ T844] hub 10-1:0.0: probe with driver hub failed with error -5 [ 1050.467322][ T844] usb 10-1: selecting invalid altsetting 0 [ 1051.134802][T28872] usb 10-1: reset high-speed USB device number 38 using dummy_hcd [ 1051.314466][T28969] netlink: 4 bytes leftover after parsing attributes in process `syz.8.29438'. [ 1051.391798][T28980] loop5: detected capacity change from 0 to 7 [ 1051.401841][T28980] Dev loop5: unable to read RDB block 7 [ 1051.404937][T28981] net_ratelimit: 250 callbacks suppressed [ 1051.404952][T28981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.405027][T28980] loop5: AHDI p1 [ 1051.410376][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.411744][T28980] loop5: partition table partially beyond EOD, truncated [ 1051.414845][T28981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.423514][T28981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.432661][T28981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.436130][T28981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1051.570539][T28872] usb 10-1: failed to restore interface 0 altsetting 251 (error=-71) [ 1051.582503][ T844] usb 10-1: USB disconnect, device number 38 [ 1052.446669][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1053.168353][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1053.498081][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1054.221752][T29028] loop8: detected capacity change from 0 to 7 [ 1054.232626][T29028] Dev loop8: unable to read RDB block 7 [ 1054.239600][T29028] loop8: AHDI p1 p2 p3 [ 1054.241457][T29028] loop8: partition table partially beyond EOD, truncated [ 1054.244998][T29028] loop8: p1 start 1601398130 is beyond EOD, truncated [ 1054.249222][T29028] loop8: p2 start 1702059890 is beyond EOD, truncated [ 1054.340925][T29028] Dev loop8: unable to read RDB block 7 [ 1054.346180][T29028] loop8: AHDI p1 p2 p3 [ 1054.352216][T29028] loop8: partition table partially beyond EOD, truncated [ 1054.358084][T29028] loop8: p1 start 1601398130 is beyond EOD, truncated [ 1054.361223][T29028] loop8: p2 start 1702059890 is beyond EOD, truncated [ 1054.456589][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1055.065657][T18775] Bluetooth: hci1: unexpected event for opcode 0x041c [ 1055.289693][T29078] /dev/sr0: Can't open blockdev [ 1055.550561][T29114] ip6erspan0: entered allmulticast mode [ 1056.606113][T24903] net_ratelimit: 3 callbacks suppressed [ 1056.606129][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1056.726549][ T50] usb 14-1: new high-speed USB device number 4 using dummy_hcd [ 1056.754237][T29185] serio: Serial port ptm0 [ 1056.886492][ T50] usb 14-1: Using ep0 maxpacket: 8 [ 1056.891032][ T50] usb 14-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1056.896023][ T50] usb 14-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1056.900458][ T50] usb 14-1: config 0 interface 0 has no altsetting 0 [ 1056.903438][ T50] usb 14-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1056.908047][ T50] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1056.913893][ T50] usb 14-1: config 0 descriptor?? [ 1057.376783][ T50] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0 [ 1057.380169][ T50] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0 [ 1057.387334][ T50] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0 [ 1057.395777][ T50] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0 [ 1057.401310][ T50] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0 [ 1057.408419][ T50] mcp2221 0003:04D8:00DD.0024: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0 [ 1057.461238][T29230] netlink: 36 bytes leftover after parsing attributes in process `syz.5.29504'. [ 1057.550747][ T50] usb 14-1: USB disconnect, device number 4 [ 1057.648444][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1058.101421][T29299] wg0: Caught tx_queue_len zero misconfig [ 1058.419110][T29331] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.29528'. [ 1058.686502][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1058.796437][ T50] usb 14-1: new high-speed USB device number 5 using dummy_hcd [ 1058.956378][ T50] usb 14-1: Using ep0 maxpacket: 16 [ 1058.962750][ T50] usb 14-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1058.967423][ T50] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1058.970951][ T50] usb 14-1: Product: syz [ 1058.972918][ T50] usb 14-1: Manufacturer: syz [ 1058.975292][ T50] usb 14-1: SerialNumber: syz [ 1058.981071][ T50] usb 14-1: config 0 descriptor?? [ 1059.247904][ T1486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1059.435615][ T50] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 1059.439846][ T50] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1059.443162][ T50] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 1059.446216][ T50] usb 14-1: media controller created [ 1059.463517][ T50] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1059.576134][ T1486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1059.735681][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1059.802680][T29377] macvlan2: entered promiscuous mode [ 1059.805049][T29377] macvlan2: entered allmulticast mode [ 1059.808597][T29377] team0: Device macvlan2 is already an upper device of the team interface [ 1060.020746][T29344] dtv5100: wlen = 3, aborting. [ 1060.026322][ T50] zl10353_read_register: readreg error (reg=127, ret==0) [ 1060.036978][ T50] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 1060.044809][ T50] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 1060.060142][ T50] usb 14-1: USB disconnect, device number 5 [ 1060.097411][ T50] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 1060.767200][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1061.113837][ T844] kernel write not supported for file /input/mouse0 (pid: 844 comm: kworker/0:2) [ 1061.598292][T29506] lo speed is unknown, defaulting to 1000 [ 1061.816998][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1061.833459][T29548] tipc: Resetting bearer [ 1061.862035][T29548] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 1061.944851][T29560] netlink: 28 bytes leftover after parsing attributes in process `syz.9.29584'. [ 1061.948890][T29560] netlink: 'syz.9.29584': attribute type 7 has an invalid length. [ 1061.951989][T29560] netlink: 'syz.9.29584': attribute type 8 has an invalid length. [ 1061.956004][T29560] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29584'. [ 1061.964643][T29560] erspan0: entered promiscuous mode [ 1061.970712][T29560] gretap0: entered promiscuous mode [ 1061.981085][T29560] erspan0: left promiscuous mode [ 1061.987651][T29560] gretap0: left promiscuous mode [ 1062.285980][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1062.451757][T29582] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1062.454698][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1062.846184][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1062.884471][T29613] input: syz0 as /devices/virtual/input/input149 [ 1063.210531][T29644] netlink: 4 bytes leftover after parsing attributes in process `syz.8.29608'. [ 1063.326508][T29672] overlayfs: failed to clone upperpath [ 1063.393366][T29674] lo speed is unknown, defaulting to 1000 [ 1063.428546][T29684] fuse: Bad value for 'fd' [ 1063.895428][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1064.300404][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.303572][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.307072][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.310418][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.313602][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.317095][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.319764][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.322249][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.325361][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.327932][T19308] hid-generic 0004:FFFFFFFF:0000.0025: unknown main item tag 0x0 [ 1064.332157][T19308] hid-generic 0004:FFFFFFFF:0000.0025: hidraw1: HID v0.00 Device [syz0] on syz0 [ 1064.409910][T29790] netlink: 'syz.5.29637': attribute type 2 has an invalid length. [ 1064.413977][T29790] netlink: 4 bytes leftover after parsing attributes in process `syz.5.29637'. [ 1064.698928][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1064.925145][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1065.329301][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1065.331970][ T1486] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 1065.334955][T18775] Bluetooth: hci1: command 0x0c1a tx timeout [ 1065.336922][ T1486] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 1067.005108][T24903] net_ratelimit: 1 callbacks suppressed [ 1067.005128][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1067.404736][ T1486] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1067.414818][ T1486] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 1067.415001][T18775] Bluetooth: hci0: command 0x0c1a tx timeout [ 1067.694653][T24903] usb 10-1: new high-speed USB device number 39 using dummy_hcd [ 1067.854831][T24903] usb 10-1: Using ep0 maxpacket: 32 [ 1067.859033][T24903] usb 10-1: config index 0 descriptor too short (expected 539, got 27) [ 1067.864635][T24903] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1067.869087][T24903] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1067.876169][T24903] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1067.892395][T24903] usb 10-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 1067.896782][T24903] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1067.899559][T24903] usb 10-1: Product: syz [ 1067.901280][T24903] usb 10-1: Manufacturer: syz [ 1067.903317][T24903] usb 10-1: SerialNumber: syz [ 1067.908683][T24903] usb 10-1: config 0 descriptor?? [ 1067.917058][T29830] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1067.922771][T24903] hub 10-1:0.0: bad descriptor, ignoring hub [ 1067.925527][T24903] hub 10-1:0.0: probe with driver hub failed with error -5 [ 1067.933177][T24903] input: syz syz as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input150 [ 1068.035083][ T24] usb 14-1: new high-speed USB device number 6 using dummy_hcd [ 1068.058125][T13923] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1068.181791][ T10] usb 10-1: USB disconnect, device number 39 [ 1068.181880][ C2] usbtouchscreen 10-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 1068.196437][ T24] usb 14-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1068.200152][ T24] usb 14-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1068.205524][ T24] usb 14-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1068.208357][ T24] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1068.211799][ T24] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1068.216929][ T24] usb 14-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1068.220011][ T24] usb 14-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1068.222520][ T24] usb 14-1: Product: syz [ 1068.224167][ T24] usb 14-1: Manufacturer: syz [ 1068.235931][ T24] cdc_wdm 14-1:1.0: skipping garbage [ 1068.238149][ T24] cdc_wdm 14-1:1.0: skipping garbage [ 1068.240969][ T24] cdc_wdm 14-1:1.0: cdc-wdm0: USB WDM device [ 1068.243533][ T24] cdc_wdm 14-1:1.0: Unknown control protocol [ 1068.261292][T29889] 9p: Bad value for 'rfdno' [ 1068.364918][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1068.510178][T29921] netlink: 'syz.8.29671': attribute type 10 has an invalid length. [ 1068.533012][T29921] veth0_vlan: left promiscuous mode [ 1068.537102][T29921] veth0_vlan: entered promiscuous mode [ 1068.543805][T29921] team0: Device veth0_vlan failed to register rx_handler [ 1068.816335][T29935] fuse: Bad value for 'fd' [ 1069.085012][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1069.100195][ T50] usb 14-1: USB disconnect, device number 6 [ 1069.432694][T29992] lo speed is unknown, defaulting to 1000 [ 1069.467455][T30008] netlink: 5 bytes leftover after parsing attributes in process `syz.5.29691'. [ 1069.491845][T30008] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1069.564692][ T1486] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 1069.567667][ T1486] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 1069.575701][T18775] Bluetooth: hci3: command 0x0c1a tx timeout [ 1069.787350][T30040] syzkaller1: entered promiscuous mode [ 1069.789715][T30040] syzkaller1: entered allmulticast mode [ 1069.808726][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1070.036220][T30055] lo speed is unknown, defaulting to 1000 [ 1070.125159][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1070.159585][T30088] netlink: 212916 bytes leftover after parsing attributes in process `syz.9.29705'. [ 1070.312441][T30102] Invalid argument reading file caps for ./file0 [ 1071.144249][T19308] usb 10-1: new high-speed USB device number 40 using dummy_hcd [ 1071.174436][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1071.296724][T19308] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1071.300549][T19308] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1071.305666][T19308] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1071.310389][T19308] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1071.317199][T19308] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1071.321160][T19308] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1071.326182][T19308] usb 10-1: Product: syz [ 1071.328782][T19308] usb 10-1: Manufacturer: syz [ 1071.337259][T19308] cdc_wdm 10-1:1.0: skipping garbage [ 1071.339995][T19308] cdc_wdm 10-1:1.0: skipping garbage [ 1071.344440][T19308] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 1071.346895][T19308] cdc_wdm 10-1:1.0: Unknown control protocol [ 1071.420991][T30167] netlink: 212916 bytes leftover after parsing attributes in process `syz.8.29726'. [ 1071.548620][ C3] wdm_int_callback: 13255 callbacks suppressed [ 1071.548637][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.552657][ C3] wdm_int_callback: 13255 callbacks suppressed [ 1071.552669][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.556745][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.559093][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.561890][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.564957][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.567701][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.570480][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.573250][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.575384][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.577925][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.580059][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.582857][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.586422][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.589812][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.591974][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.594284][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.596431][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.598567][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 1071.600633][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 1071.603416][T19308] usb 10-1: USB disconnect, device number 40 [ 1071.603470][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 1071.785359][T30194] fuse: Bad value for 'fd' [ 1072.062685][T30209] syzkaller1: entered promiscuous mode [ 1072.066484][T30209] syzkaller1: entered allmulticast mode [ 1072.216992][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1072.774028][ T50] usb 14-1: new high-speed USB device number 7 using dummy_hcd [ 1072.845238][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1072.936228][ T50] usb 14-1: config index 0 descriptor too short (expected 39, got 27) [ 1072.939649][ T50] usb 14-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1072.943479][ T50] usb 14-1: config 0 interface 0 has no altsetting 0 [ 1072.949014][ T50] usb 14-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1072.952288][ T50] usb 14-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1072.956210][ T50] usb 14-1: Product: syz [ 1072.957941][ T50] usb 14-1: Manufacturer: syz [ 1072.959773][ T50] usb 14-1: SerialNumber: syz [ 1072.962954][ T50] usb 14-1: config 0 descriptor?? [ 1072.967372][ T50] hub 14-1:0.0: bad descriptor, ignoring hub [ 1072.969813][ T50] hub 14-1:0.0: probe with driver hub failed with error -5 [ 1072.974802][ T50] usb 14-1: selecting invalid altsetting 0 [ 1073.044585][T18305] usb 10-1: new high-speed USB device number 41 using dummy_hcd [ 1073.203971][T18305] usb 10-1: Using ep0 maxpacket: 8 [ 1073.207274][T18305] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1073.210756][T18305] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1073.214389][T18305] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1073.216412][T18305] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1073.219202][T18305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1073.225190][T18305] usb 10-1: config 0 descriptor?? [ 1073.244184][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1073.356960][T30278] loop8: detected capacity change from 0 to 8 [ 1073.364659][T30278] Dev loop8: unable to read RDB block 8 [ 1073.367039][T30278] loop8: unable to read partition table [ 1073.369621][T30278] loop8: partition table beyond EOD, truncated [ 1073.372150][T30278] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 1073.634533][T30244] usb 14-1: reset high-speed USB device number 7 using dummy_hcd [ 1073.648246][T18305] hid_parser_main: 22 callbacks suppressed [ 1073.648272][T18305] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0 [ 1073.654764][T18305] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0 [ 1073.657870][T18305] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0 [ 1073.660729][T18305] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0 [ 1073.663655][T18305] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0 [ 1073.668512][T18305] mcp2221 0003:04D8:00DD.0026: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 1073.776384][T30309] netlink: 20 bytes leftover after parsing attributes in process `syz.8.29758'. [ 1073.839608][T24903] usb 10-1: USB disconnect, device number 41 [ 1074.284465][T18305] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1074.294308][T19308] usb 14-1: USB disconnect, device number 7 [ 1074.296873][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1074.506251][T30365] lo speed is unknown, defaulting to 1000 [ 1074.542380][T30377] netlink: 5 bytes leftover after parsing attributes in process `syz.8.29768'. [ 1074.566265][T30377] A link change request failed with some changes committed already. Interface 26±ÿÿÿÿa–ïD may have been left with an inconsistent configuration, please check. [ 1074.583320][T30377] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1074.587958][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1074.825578][T19308] usb 10-1: new high-speed USB device number 42 using dummy_hcd [ 1074.916761][T30403] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 1074.965245][ T1486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1074.985937][T19308] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1074.990284][T19308] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1074.999609][T19308] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1075.003760][T19308] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1075.009114][T19308] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1075.018903][T19308] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1075.023498][T19308] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1075.027814][T19308] usb 10-1: Product: syz [ 1075.029747][T19308] usb 10-1: Manufacturer: syz [ 1075.042662][T19308] cdc_wdm 10-1:1.0: skipping garbage [ 1075.045480][T19308] cdc_wdm 10-1:1.0: skipping garbage [ 1075.055078][T19308] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 1075.057796][T19308] cdc_wdm 10-1:1.0: Unknown control protocol [ 1075.856636][ T24] usb 10-1: USB disconnect, device number 42 [ 1076.323093][T30456] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.29784'. [ 1076.447841][T30454] lo speed is unknown, defaulting to 1000 [ 1076.589688][T30503] input: syz0 as /devices/virtual/input/input151 [ 1076.666305][ T34] usb 10-1: new high-speed USB device number 43 using dummy_hcd [ 1076.845305][ T34] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1076.848799][ T34] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1076.852892][ T34] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1076.856769][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1076.861346][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1076.868403][ T34] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1076.872133][ T34] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1076.875990][ T34] usb 10-1: Product: syz [ 1076.878011][ T34] usb 10-1: Manufacturer: syz [ 1076.885579][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 1076.890881][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 1076.895003][ T34] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 1076.897859][ T34] cdc_wdm 10-1:1.0: Unknown control protocol [ 1077.405059][ T24] net_ratelimit: 3 callbacks suppressed [ 1077.405078][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1077.754290][ T50] usb 10-1: USB disconnect, device number 43 [ 1078.453364][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1078.544085][ T50] usb 14-1: new high-speed USB device number 8 using dummy_hcd [ 1078.707414][ T50] usb 14-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1078.712683][ T50] usb 14-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1078.722974][ T50] usb 14-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1078.726616][ T50] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1078.731996][ T50] usb 14-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1078.736723][ T50] usb 14-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1078.740351][ T50] usb 14-1: Product: syz [ 1078.742195][ T50] usb 14-1: Manufacturer: syz [ 1078.759962][ T50] cdc_wdm 14-1:1.0: skipping garbage [ 1078.761895][ T50] cdc_wdm 14-1:1.0: skipping garbage [ 1078.766645][ T50] cdc_wdm 14-1:1.0: cdc-wdm0: USB WDM device [ 1078.769216][ T50] cdc_wdm 14-1:1.0: Unknown control protocol [ 1078.923787][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1078.958535][ C1] wdm_int_callback: 5 callbacks suppressed [ 1078.958550][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.962285][ C1] wdm_int_callback: 5 callbacks suppressed [ 1078.962301][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.967303][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.969669][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.972081][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.974697][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.977842][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.980414][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.984028][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.986833][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.989319][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.991597][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.994629][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1078.996918][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1078.999353][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1079.001657][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1079.004607][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1079.006894][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1079.009303][ C1] cdc_wdm 14-1:1.0: nonzero urb status received: -71 [ 1079.011566][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - 0 bytes [ 1079.040060][T30584] netlink: 32 bytes leftover after parsing attributes in process `syz.2.29808'. [ 1079.047286][ T50] usb 14-1: USB disconnect, device number 8 [ 1079.049388][ C1] cdc_wdm 14-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 1079.306667][T30622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29814'. [ 1079.485187][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1079.546004][T30648] netlink: 68 bytes leftover after parsing attributes in process `syz.2.29822'. [ 1079.872312][T30688] lo speed is unknown, defaulting to 1000 [ 1079.893303][ T844] usb 10-1: new high-speed USB device number 44 using dummy_hcd [ 1079.917405][T30698] netlink: 5 bytes leftover after parsing attributes in process `syz.2.29833'. [ 1079.926227][T30698] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1080.053654][ T844] usb 10-1: Using ep0 maxpacket: 8 [ 1080.053724][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1080.064220][ T844] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1080.067694][ T844] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1080.070788][ T844] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1080.077838][ T844] usb 10-1: config 0 descriptor?? [ 1080.188258][T30736] netlink: 44 bytes leftover after parsing attributes in process `syz.8.29842'. [ 1080.199205][T30736] bridge0: port 2(bridge_slave_1) entered disabled state [ 1080.205522][T30736] bridge0: port 1(bridge_slave_0) entered disabled state [ 1080.250100][T30740] netlink: 44 bytes leftover after parsing attributes in process `syz.8.29842'. [ 1080.308975][ T844] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1080.523249][T19308] usb 10-1: USB disconnect, device number 44 [ 1080.535469][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1081.573137][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1082.283226][ T844] usb 14-1: new high-speed USB device number 9 using dummy_hcd [ 1082.455047][ T844] usb 14-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1082.458580][ T844] usb 14-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1082.461986][ T844] usb 14-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1082.465538][ T844] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1082.473281][T30834] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22 [ 1082.492026][ T844] usb 14-1: Quirk or no altset; falling back to MIDI 1.0 [ 1082.603602][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1082.695712][T24903] usb 14-1: USB disconnect, device number 9 [ 1082.912145][ T34] kernel read not supported for file /sequencer (pid: 34 comm: kworker/3:0) [ 1083.063692][T30897] overlayfs: failed to clone upperpath [ 1083.084143][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1083.488161][T30928] netlink: 4 bytes leftover after parsing attributes in process `syz.8.29889'. [ 1083.645809][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1084.052663][ T24] IPVS: starting estimator thread 0... [ 1084.055045][T31030] tipc: Enabling of bearer rejected, already enabled [ 1084.143341][T31032] IPVS: using max 28 ests per chain, 67200 per kthread [ 1084.533986][T18305] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1084.693786][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1084.765013][ T40] audit: type=1326 audit(2000001921.161:22481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31017 comm="syz.9.29905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8f7c code=0x7fc00000 [ 1085.103444][T31090] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29924'. [ 1085.441251][T31114] loop8: detected capacity change from 0 to 8 [ 1085.452411][T31114] Dev loop8: unable to read RDB block 8 [ 1085.455267][T31114] loop8: unable to read partition table [ 1085.458218][T31114] loop8: partition table beyond EOD, truncated [ 1085.460958][T31114] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 1085.546111][T31120] syzkaller1: entered promiscuous mode [ 1085.547911][T31120] syzkaller1: entered allmulticast mode [ 1085.742707][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1085.767027][T31140] netlink: 20 bytes leftover after parsing attributes in process `syz.9.29937'. [ 1086.076579][T31158] loop8: detected capacity change from 0 to 8 [ 1086.079374][T31158] Dev loop8: unable to read RDB block 8 [ 1086.081236][T31158] loop8: unable to read partition table [ 1086.083331][T31158] loop8: partition table beyond EOD, truncated [ 1086.085659][T31158] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 1086.123457][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1086.763011][T18305] usb 10-1: new high-speed USB device number 45 using dummy_hcd [ 1086.766563][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1086.923045][T18305] usb 10-1: Using ep0 maxpacket: 8 [ 1086.929531][T18305] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1086.934578][T18305] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1086.938721][T18305] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1086.941197][T18305] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1086.944588][T18305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1086.948940][T18305] usb 10-1: config 0 descriptor?? [ 1087.096574][T31222] netlink: 20 bytes leftover after parsing attributes in process `syz.2.29960'. [ 1087.381221][T18305] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 1087.386000][T18305] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 1087.388320][T18305] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 1087.390727][T18305] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 1087.398248][T18305] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 1087.401061][T18305] mcp2221 0003:04D8:00DD.0027: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 1087.414535][T27772] udevd[27772]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 1087.442318][ T34] usb 14-1: new full-speed USB device number 10 using dummy_hcd [ 1087.547996][T31264] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1087.550731][T31264] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1087.570769][T31192] i2c i2c-2: unsupported multi-msg i2c transaction [ 1087.576299][T18305] usb 10-1: USB disconnect, device number 45 [ 1087.607270][ T34] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1087.622866][ T34] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1087.628662][ T34] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1087.635078][ T34] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1087.681229][T31282] net_ratelimit: 1 callbacks suppressed [ 1087.681246][T31282] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1087.689256][T31282] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1087.752772][T24903] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 1087.803292][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1087.812002][T24152] kernel write not supported for file bpf-prog (pid: 24152 comm: kworker/1:4) [ 1087.856977][ T34] usb 14-1: usb_control_msg returned -32 [ 1087.862250][ T34] usbtmc 14-1:16.0: can't read capabilities [ 1088.842468][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1089.162634][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1089.883018][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1090.216043][ T34] usb 14-1: USB disconnect, device number 10 [ 1090.922077][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1091.962168][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1092.206879][T26037] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1093.002278][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1094.041907][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1094.122675][ T5436] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1095.081860][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1095.241652][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1096.131486][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1097.161672][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1098.134641][T31362] overlayfs: failed to resolve './cgroup': -2 [ 1098.214287][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1098.282483][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1098.337974][T31371] netlink: 'syz.9.29985': attribute type 58 has an invalid length. [ 1098.751726][T31407] overlay: filesystem on ./bus not supported as upperdir [ 1098.977888][T31427] sctp: [Deprecated]: syz.5.30003 (pid 31427) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1098.977888][T31427] Use struct sctp_sack_info instead [ 1098.986420][T31427] sctp: [Deprecated]: syz.5.30003 (pid 31427) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1098.986420][T31427] Use struct sctp_sack_info instead [ 1099.242019][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1099.474939][T31460] netlink: 9 bytes leftover after parsing attributes in process `syz.2.30015'. [ 1099.478089][T31460] gretap0: entered promiscuous mode [ 1099.485247][T31460] netlink: 5 bytes leftover after parsing attributes in process `syz.2.30015'. [ 1099.487994][T31460] 0ªî{X¹¦: renamed from gretap0 [ 1099.499175][T31460] 0ªî{X¹¦: left promiscuous mode [ 1099.501878][T31460] 0ªî{X¹¦: entered allmulticast mode [ 1099.504549][T31460] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 1099.871826][T31478] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1100.281934][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1100.901795][T31560] batadv_slave_0 (unregistering): left promiscuous mode [ 1101.113159][T31572] syzkaller1: entered promiscuous mode [ 1101.120688][T31572] syzkaller1: entered allmulticast mode [ 1101.321017][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.323613][T19308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1102.194543][T31665] overlayfs: failed to clone upperpath [ 1102.362214][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1102.522103][T31697] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1102.750481][T24903] usb 10-1: new full-speed USB device number 46 using dummy_hcd [ 1102.908434][T24903] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1102.912643][T24903] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1102.918241][T24903] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1102.922975][T24903] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1103.045774][T31718] block nbd2: Receive control failed (result -32) [ 1103.048441][ T62] block nbd2: Receive control failed (result -32) [ 1103.050393][ T5767] block nbd2: Receive control failed (result -32) [ 1103.163836][T24903] usb 10-1: usb_control_msg returned -32 [ 1103.168974][T24903] usbtmc 10-1:16.0: can't read capabilities [ 1103.205582][ T40] audit: type=1326 audit(2000001939.603:22482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.217112][ T40] audit: type=1326 audit(2000001939.603:22483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.227327][ T40] audit: type=1326 audit(2000001939.603:22484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.236941][ T40] audit: type=1326 audit(2000001939.603:22485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.246790][ T40] audit: type=1326 audit(2000001939.603:22486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.256115][ T40] audit: type=1326 audit(2000001939.603:22487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.400810][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1103.560945][ T40] audit: type=1326 audit(2000001939.963:22488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.578579][ T40] audit: type=1326 audit(2000001939.963:22489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31730 comm="syz.8.30106" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24f7c code=0x7ffc0000 [ 1103.731234][ T5436] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1103.800415][ T5767] Bluetooth: hci4: command 0x1003 tx timeout [ 1103.800454][T18775] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 1104.105558][T31755] openvswitch: netlink: Message has 4 unknown bytes. [ 1104.108548][T31755] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1104.362271][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1104.443304][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1104.703931][T31797] [ 1104.704939][T31797] ====================================================== [ 1104.707627][T31797] WARNING: possible circular locking dependency detected [ 1104.710562][T31797] syzkaller #0 Tainted: G L [ 1104.713548][T31797] ------------------------------------------------------ [ 1104.716815][T31797] syz.9.30125/31797 is trying to acquire lock: [ 1104.719619][T31797] ffffffff8e9b0d20 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 1104.723857][T31797] [ 1104.723857][T31797] but task is already holding lock: [ 1104.726868][T31797] ffff888063015360 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_close+0x1d/0x110 [ 1104.730428][T31797] [ 1104.730428][T31797] which lock already depends on the new lock. [ 1104.730428][T31797] [ 1104.734861][T31797] [ 1104.734861][T31797] the existing dependency chain (in reverse order) is: [ 1104.739222][T31797] [ 1104.739222][T31797] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 1104.743399][T31797] lock_sock_nested+0x41/0xf0 [ 1104.746257][T31797] inet_shutdown+0x67/0x410 [ 1104.748628][T31797] nbd_mark_nsock_dead+0xae/0x5c0 [ 1104.751046][T31797] sock_shutdown+0x16b/0x200 [ 1104.753473][T31797] nbd_config_put+0x1eb/0x750 [ 1104.756002][T31797] nbd_genl_connect+0xaf8/0x1a40 [ 1104.758377][T31797] genl_family_rcv_msg_doit+0x214/0x300 [ 1104.760809][T31797] genl_rcv_msg+0x560/0x800 [ 1104.763062][T31797] netlink_rcv_skb+0x159/0x420 [ 1104.765656][T31797] genl_rcv+0x28/0x40 [ 1104.768006][T31797] netlink_unicast+0x585/0x850 [ 1104.770665][T31797] netlink_sendmsg+0x8b0/0xda0 [ 1104.772877][T31797] ____sys_sendmsg+0x9e1/0xb70 [ 1104.775224][T31797] ___sys_sendmsg+0x190/0x1e0 [ 1104.777446][T31797] __sys_sendmsg+0x170/0x220 [ 1104.779621][T31797] __do_fast_syscall_32+0xe7/0x970 [ 1104.781986][T31797] do_fast_syscall_32+0x32/0x70 [ 1104.784291][T31797] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1104.787084][T31797] [ 1104.787084][T31797] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 1104.790404][T31797] __mutex_lock+0x1a4/0x1b10 [ 1104.792752][T31797] nbd_queue_rq+0x428/0x1080 [ 1104.795019][T31797] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 1104.797844][T31797] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 1104.800653][T31797] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 1104.803280][T31797] blk_mq_run_hw_queue+0x23c/0x670 [ 1104.805562][T31797] blk_mq_dispatch_list+0x51d/0x1360 [ 1104.807941][T31797] blk_mq_flush_plug_list+0x130/0x600 [ 1104.810248][T31797] __blk_flush_plug+0x2c4/0x4b0 [ 1104.812545][T31797] __submit_bio+0x584/0x6c0 [ 1104.814740][T31797] submit_bio_noacct_nocheck+0x543/0xbf0 [ 1104.817378][T31797] submit_bio_noacct+0xd18/0x2000 [ 1104.819628][T31797] submit_bh_wbc+0x681/0x890 [ 1104.821695][T31797] block_read_full_folio+0x264/0x8e0 [ 1104.824085][T31797] filemap_read_folio+0xfc/0x3b0 [ 1104.826656][T31797] do_read_cache_folio+0x2d7/0x6b0 [ 1104.828932][T31797] read_part_sector+0xd1/0x370 [ 1104.831126][T31797] adfspart_check_ICS+0x91/0x7d0 [ 1104.833367][T31797] bdev_disk_changed+0x7a3/0x1250 [ 1104.835644][T31797] blkdev_get_whole+0x187/0x290 [ 1104.837848][T31797] bdev_open+0x2c7/0xe40 [ 1104.839800][T31797] blkdev_open+0x34e/0x4f0 [ 1104.841826][T31797] do_dentry_open+0x6ab/0x14d0 [ 1104.843989][T31797] vfs_open+0x82/0x3f0 [ 1104.845911][T31797] path_openat+0x208c/0x31a0 [ 1104.847999][T31797] do_file_open+0x20e/0x430 [ 1104.850255][T31797] do_sys_openat2+0x10d/0x1e0 [ 1104.852657][T31797] __x64_sys_openat+0x12d/0x210 [ 1104.855001][T31797] do_syscall_64+0x115/0x840 [ 1104.857164][T31797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.859817][T31797] [ 1104.859817][T31797] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 1104.862798][T31797] __mutex_lock+0x1a4/0x1b10 [ 1104.865089][T31797] nbd_queue_rq+0xba/0x1080 [ 1104.867437][T31797] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 1104.870391][T31797] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 1104.873566][T31797] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 1104.876184][T31797] blk_mq_run_hw_queue+0x23c/0x670 [ 1104.878502][T31797] blk_mq_dispatch_list+0x51d/0x1360 [ 1104.880921][T31797] blk_mq_flush_plug_list+0x130/0x600 [ 1104.883513][T31797] __blk_flush_plug+0x2c4/0x4b0 [ 1104.885719][T31797] __submit_bio+0x584/0x6c0 [ 1104.887815][T31797] submit_bio_noacct_nocheck+0x543/0xbf0 [ 1104.890520][T31797] submit_bio_noacct+0xd18/0x2000 [ 1104.892807][T31797] submit_bh_wbc+0x681/0x890 [ 1104.894989][T31797] block_read_full_folio+0x264/0x8e0 [ 1104.897448][T31797] filemap_read_folio+0xfc/0x3b0 [ 1104.899866][T31797] do_read_cache_folio+0x2d7/0x6b0 [ 1104.902339][T31797] read_part_sector+0xd1/0x370 [ 1104.904734][T31797] adfspart_check_ICS+0x91/0x7d0 [ 1104.907029][T31797] bdev_disk_changed+0x7a3/0x1250 [ 1104.909353][T31797] blkdev_get_whole+0x187/0x290 [ 1104.911624][T31797] bdev_open+0x2c7/0xe40 [ 1104.913631][T31797] blkdev_open+0x34e/0x4f0 [ 1104.915848][T31797] do_dentry_open+0x6ab/0x14d0 [ 1104.918069][T31797] vfs_open+0x82/0x3f0 [ 1104.920040][T31797] path_openat+0x208c/0x31a0 [ 1104.922168][T31797] do_file_open+0x20e/0x430 [ 1104.924793][T31797] do_sys_openat2+0x10d/0x1e0 [ 1104.927498][T31797] __x64_sys_openat+0x12d/0x210 [ 1104.929785][T31797] do_syscall_64+0x115/0x840 [ 1104.931941][T31797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.934661][T31797] [ 1104.934661][T31797] -> #3 (set->srcu){.+.+}-{0:0}: [ 1104.937510][T31797] __synchronize_srcu+0xa2/0x300 [ 1104.939673][T31797] blk_mq_quiesce_queue+0x149/0x1c0 [ 1104.941933][T31797] elevator_switch+0x17b/0x7e0 [ 1104.944173][T31797] elevator_change+0x352/0x530 [ 1104.946417][T31797] elevator_set_default+0x29e/0x360 [ 1104.948745][T31797] blk_register_queue+0x48e/0x630 [ 1104.951134][T31797] __add_disk+0x73f/0xe40 [ 1104.953286][T31797] add_disk_fwnode+0x118/0x5c0 [ 1104.955541][T31797] nbd_dev_add+0x77a/0xb10 [ 1104.957625][T31797] nbd_init+0x291/0x2b0 [ 1104.959562][T31797] do_one_initcall+0x121/0x750 [ 1104.961668][T31797] kernel_init_freeable+0x6ea/0x7b0 [ 1104.963840][T31797] kernel_init+0x1f/0x1e0 [ 1104.965648][T31797] ret_from_fork+0x72b/0xd50 [ 1104.967572][T31797] ret_from_fork_asm+0x1a/0x30 [ 1104.969362][T31797] [ 1104.969362][T31797] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 1104.972008][T31797] __mutex_lock+0x1a4/0x1b10 [ 1104.973910][T31797] elevator_change+0x1bc/0x530 [ 1104.975877][T31797] elevator_set_none+0x92/0xf0 [ 1104.977556][T31797] blk_mq_update_nr_hw_queues+0x4c1/0x15f0 [ 1104.979509][T31797] nbd_start_device+0x1a6/0xbd0 [ 1104.981162][T31797] nbd_genl_connect+0xff2/0x1a40 [ 1104.982843][T31797] genl_family_rcv_msg_doit+0x214/0x300 [ 1104.984920][T31797] genl_rcv_msg+0x560/0x800 [ 1104.986495][T31797] netlink_rcv_skb+0x159/0x420 [ 1104.988468][T31797] genl_rcv+0x28/0x40 [ 1104.990291][T31797] netlink_unicast+0x585/0x850 [ 1104.992402][T31797] netlink_sendmsg+0x8b0/0xda0 [ 1104.994536][T31797] ____sys_sendmsg+0x9e1/0xb70 [ 1104.996676][T31797] ___sys_sendmsg+0x190/0x1e0 [ 1104.998824][T31797] __sys_sendmsg+0x170/0x220 [ 1105.000966][T31797] __do_fast_syscall_32+0xe7/0x970 [ 1105.003373][T31797] do_fast_syscall_32+0x32/0x70 [ 1105.005860][T31797] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1105.009389][T31797] [ 1105.009389][T31797] -> #1 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 1105.013071][T31797] blk_alloc_queue+0x610/0x790 [ 1105.015417][T31797] blk_mq_alloc_queue+0x174/0x290 [ 1105.017469][T31797] __blk_mq_alloc_disk+0x29/0x120 [ 1105.019611][T31797] nbd_dev_add+0x492/0xb10 [ 1105.021655][T31797] nbd_init+0x291/0x2b0 [ 1105.023651][T31797] do_one_initcall+0x121/0x750 [ 1105.025847][T31797] kernel_init_freeable+0x6ea/0x7b0 [ 1105.028235][T31797] kernel_init+0x1f/0x1e0 [ 1105.030372][T31797] ret_from_fork+0x72b/0xd50 [ 1105.032928][T31797] ret_from_fork_asm+0x1a/0x30 [ 1105.035573][T31797] [ 1105.035573][T31797] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 1105.038783][T31797] __lock_acquire+0x14b8/0x2630 [ 1105.041025][T31797] lock_acquire+0x1b1/0x370 [ 1105.043108][T31797] fs_reclaim_acquire+0xc4/0x100 [ 1105.045373][T31797] kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 1105.047934][T31797] __alloc_skb+0x140/0x710 [ 1105.049719][T31797] tcp_send_active_reset+0x8b/0xa50 [ 1105.051837][T31797] __tcp_close+0x41e/0x1110 [ 1105.053893][T31797] tcp_close+0x28/0x110 [ 1105.055806][T31797] inet_release+0xed/0x200 [ 1105.057882][T31797] inet6_release+0x4f/0x70 [ 1105.059935][T31797] __sock_release+0xb3/0x260 [ 1105.062049][T31797] sock_close+0x1c/0x30 [ 1105.064028][T31797] __fput+0x3ff/0xb50 [ 1105.066067][T31797] task_work_run+0x150/0x240 [ 1105.068132][T31797] exit_to_user_mode_loop+0x157/0x670 [ 1105.070398][T31797] __do_fast_syscall_32+0x701/0x970 [ 1105.072488][T31797] do_fast_syscall_32+0x32/0x70 [ 1105.074491][T31797] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1105.077055][T31797] [ 1105.077055][T31797] other info that might help us debug this: [ 1105.077055][T31797] [ 1105.080332][T31797] Chain exists of: [ 1105.080332][T31797] fs_reclaim --> &nsock->tx_lock --> sk_lock-AF_INET6 [ 1105.080332][T31797] [ 1105.084390][T31797] Possible unsafe locking scenario: [ 1105.084390][T31797] [ 1105.086814][T31797] CPU0 CPU1 [ 1105.088542][T31797] ---- ---- [ 1105.090265][T31797] lock(sk_lock-AF_INET6); [ 1105.091881][T31797] lock(&nsock->tx_lock); [ 1105.094487][T31797] lock(sk_lock-AF_INET6); [ 1105.097408][T31797] lock(fs_reclaim); [ 1105.099077][T31797] [ 1105.099077][T31797] *** DEADLOCK *** [ 1105.099077][T31797] [ 1105.102653][T31797] 2 locks held by syz.9.30125/31797: [ 1105.104558][T31797] #0: ffff8880132bef80 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1105.107805][T31797] #1: ffff888063015360 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_close+0x1d/0x110 [ 1105.110613][T31797] [ 1105.110613][T31797] stack backtrace: [ 1105.112444][T31797] CPU: 1 UID: 0 PID: 31797 Comm: syz.9.30125 Tainted: G L syzkaller #0 PREEMPT(full) [ 1105.112461][T31797] Tainted: [L]=SOFTLOCKUP [ 1105.112465][T31797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 1105.112472][T31797] Call Trace: [ 1105.112478][T31797] [ 1105.112485][T31797] dump_stack_lvl+0x100/0x190 [ 1105.112499][T31797] print_circular_bug.cold+0x178/0x1c7 [ 1105.112519][T31797] check_noncircular+0x146/0x160 [ 1105.112535][T31797] ? inet6_release+0x4f/0x70 [ 1105.112550][T31797] __lock_acquire+0x14b8/0x2630 [ 1105.112570][T31797] lock_acquire+0x1b1/0x370 [ 1105.112587][T31797] ? kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 1105.112606][T31797] ? lock_acquire+0x1b1/0x370 [ 1105.112624][T31797] fs_reclaim_acquire+0xc4/0x100 [ 1105.112637][T31797] ? kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 1105.112655][T31797] kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 1105.112673][T31797] ? __alloc_skb+0x140/0x710 [ 1105.112684][T31797] __alloc_skb+0x140/0x710 [ 1105.112693][T31797] ? __alloc_skb+0x5b7/0x710 [ 1105.112703][T31797] ? __pfx___alloc_skb+0x10/0x10 [ 1105.112712][T31797] ? skb_attempt_defer_free+0x310/0x830 [ 1105.112728][T31797] tcp_send_active_reset+0x8b/0xa50 [ 1105.112744][T31797] __tcp_close+0x41e/0x1110 [ 1105.112756][T31797] tcp_close+0x28/0x110 [ 1105.112767][T31797] inet_release+0xed/0x200 [ 1105.112783][T31797] inet6_release+0x4f/0x70 [ 1105.112796][T31797] __sock_release+0xb3/0x260 [ 1105.112808][T31797] ? __pfx_sock_close+0x10/0x10 [ 1105.112819][T31797] sock_close+0x1c/0x30 [ 1105.112829][T31797] __fput+0x3ff/0xb50 [ 1105.112845][T31797] ? _raw_spin_unlock_irq+0x23/0x50 [ 1105.112860][T31797] task_work_run+0x150/0x240 [ 1105.112871][T31797] ? __pfx_task_work_run+0x10/0x10 [ 1105.112882][T31797] ? rcu_is_watching+0x12/0xc0 [ 1105.112895][T31797] exit_to_user_mode_loop+0x157/0x670 [ 1105.112913][T31797] ? rcu_is_watching+0x12/0xc0 [ 1105.112925][T31797] __do_fast_syscall_32+0x701/0x970 [ 1105.112943][T31797] do_fast_syscall_32+0x32/0x70 [ 1105.112959][T31797] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1105.112974][T31797] RIP: 0023:0xf7fa8f7c [ 1105.112984][T31797] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 1105.112994][T31797] RSP: 002b:00000000fff56b2c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4 [ 1105.113005][T31797] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e [ 1105.113016][T31797] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1105.113023][T31797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1105.113029][T31797] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1105.113036][T31797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1105.113046][T31797] [ 1105.285096][T26702] usb 10-1: USB disconnect, device number 46 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1105.484508][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1105.571766][T18472] bond0: (slave syz_tun): Releasing backup interface [ 1105.574655][T18472] bond0: (slave syz_tun): the permanent HWaddr of slave - aa:aa:aa:aa:aa:aa - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 1105.582658][T18472] syz_tun (unregistering): left promiscuous mode [ 1105.618277][ T13] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.717619][ T13] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.775743][ T13] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.857569][ T13] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.939211][ T13] bridge_slave_1: left allmulticast mode [ 1105.941720][ T13] bridge_slave_1: left promiscuous mode [ 1105.944224][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 1105.948518][ T13] bridge_slave_0: left allmulticast mode [ 1105.951232][ T13] bridge_slave_0: left promiscuous mode [ 1105.953639][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 1106.064377][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1106.070606][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1106.075793][ T13] bond0 (unregistering): Released all slaves [ 1106.237657][ T5460] 8021q: adding VLAN 0 to HW filter on device eth22 [ 1106.354026][ T13] hsr_slave_0: left promiscuous mode [ 1106.358628][ T13] hsr_slave_1: left promiscuous mode [ 1106.363365][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1106.366523][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1106.370464][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1106.373673][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1106.383078][ T13] veth1_macvtap: left promiscuous mode [ 1106.385307][ T13] veth0_macvtap: left promiscuous mode [ 1106.387643][ T13] veth1_vlan: left promiscuous mode [ 1106.389745][ T13] veth0_vlan: left promiscuous mode [ 1106.497446][ T13] team0 (unregistering): Port device team_slave_1 removed [ 1106.536886][T24903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1106.579898][ T5460] 8021q: adding VLAN 0 to HW filter on device eth23 [ 1106.745419][ T5460] 8021q: adding VLAN 0 to HW filter on device eth24 [ 1106.910049][ T5460] 8021q: adding VLAN 0 to HW filter on device eth25 [ 1107.121493][ T13] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1107.193102][ T13] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1107.265191][ T13] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1107.343073][ T13] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1107.400647][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1107.442010][ T13] bridge_slave_1: left allmulticast mode [ 1107.444439][ T13] bridge_slave_1: left promiscuous mode [ 1107.446954][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 1107.452096][ T13] bridge_slave_0: left allmulticast mode [ 1107.454744][ T13] bridge_slave_0: left promiscuous mode [ 1107.457496][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 1107.672790][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1107.677766][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1107.682426][ T13] bond0 (unregistering): Released all slaves [ 1107.686789][ T13] bond1 (unregistering): Released all slaves [ 1107.693001][ T13] bond2 (unregistering): Released all slaves [ 1107.848765][ T5460] 8021q: adding VLAN 0 to HW filter on device eth26 [ 1107.966024][ T13] hsr_slave_0: left promiscuous mode [ 1107.968582][ T13] hsr_slave_1: left promiscuous mode [ 1107.971223][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1107.974174][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1107.977578][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1107.982796][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1107.988757][ T13] veth1_macvtap: left promiscuous mode [ 1107.991420][ T13] veth0_macvtap: left promiscuous mode [ 1107.993686][ T13] veth1_vlan: left promiscuous mode [ 1108.133897][ T13] team0 (unregistering): Port device team_slave_1 removed [ 1108.152521][ T13] team0 (unregistering): Port device team_slave_0 removed [ 1108.277714][ T5460] 8021q: adding VLAN 0 to HW filter on device eth27 [ 1108.451078][ T5460] 8021q: adding VLAN 0 to HW filter on device eth28 [ 1108.622221][ T5460] 8021q: adding VLAN 0 to HW filter on device eth29