last executing test programs: 12m11.92290375s ago: executing program 2 (id=114): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22400) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081) close(r1) 12m11.555745727s ago: executing program 2 (id=117): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="5402000017000100000000000040523ee83c00000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff000000000000000000000000000000000000000002000020", @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000e027030000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000065"], 0x254}}, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYRES32=r2, @ANYBLOB="0a001800030303030303000004005a8020005a8018000080140005"], 0x4c}}, 0x4040810) 12m11.317088128s ago: executing program 2 (id=120): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x490) close_range(r0, 0xffffffffffffffff, 0x0) 12m11.006266251s ago: executing program 2 (id=123): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000340)=@abs={0x1, 0x0, 0x104e22}, 0x6e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 12m10.849079231s ago: executing program 2 (id=124): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$TCFLSH(r1, 0x400455c8, 0x1000000001) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xfe) 12m10.445330166s ago: executing program 2 (id=129): openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x42, 0x0) r0 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x200000}, &(0x7f0000000480), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x95b0, 0x1000}, &(0x7f0000000340)=0x0, &(0x7f0000000040)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) 12m9.90665744s ago: executing program 32 (id=129): openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x42, 0x0) r0 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x200000}, &(0x7f0000000480), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x95b0, 0x1000}, &(0x7f0000000340)=0x0, &(0x7f0000000040)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) 11m39.218301877s ago: executing program 1 (id=343): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x44f}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x4}, 0x48) 11m39.022595889s ago: executing program 1 (id=346): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, r0}, 0x50) 11m37.706850272s ago: executing program 1 (id=352): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendto$inet6(r0, &(0x7f0000000140)="f4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00'}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x0, 0x2ce9}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x9, 0x2ce8}, 0x8) 11m37.066262054s ago: executing program 1 (id=357): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000340)='./file0\x00') mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 11m36.718379601s ago: executing program 1 (id=361): r0 = syz_usb_connect$hid(0x0, 0x90, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000105804125000000000000109022400010000c04009040000010300000009210900000122a00009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000740)=[{&(0x7f0000000440)=""/113, 0x71}], 0x1, 0x401, 0x0) 11m35.80572588s ago: executing program 1 (id=366): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt(r0, 0x200000000114, 0x2713, 0x0, &(0x7f0000000400)) 11m34.982895373s ago: executing program 33 (id=366): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt(r0, 0x200000000114, 0x2713, 0x0, &(0x7f0000000400)) 8m28.660656989s ago: executing program 6 (id=2173): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) msync(&(0x7f0000003000/0x1000)=nil, 0xffffffffdfffcfff, 0x0) 8m28.224208845s ago: executing program 6 (id=2174): r0 = syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000040)={0xc5, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) r2 = syz_pidfd_open(r0, 0x0) pidfd_getfd(r2, r2, 0x0) 8m27.895856738s ago: executing program 6 (id=2177): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000000000000f3000040"]) 8m27.894327694s ago: executing program 5 (id=2178): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prlimit64(0x0, 0xf, &(0x7f0000000180)={0x6, 0xa53c}, 0x0) r0 = socket$netlink(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d0400000000000000000200000024000180140001"], 0x38}}, 0x0) 8m27.591683563s ago: executing program 5 (id=2182): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) socketpair$unix(0x1, 0x2, 0x0, 0x0) unshare(0x22020600) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@o_path={&(0x7f0000000040)='./file0\x00', r0, 0x4000, r1}, 0x18) 8m27.365188836s ago: executing program 6 (id=2184): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0) 8m27.364741096s ago: executing program 5 (id=2185): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$unix(0x1, 0x2, 0x0) recvmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40000002) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 8m27.180972701s ago: executing program 6 (id=2188): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x7) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, "0400"}) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) 8m26.897269988s ago: executing program 6 (id=2192): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000015c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendmsg$tipc(r0, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xd24}, {0x0, 0x4000}, {0x0, 0x21}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0) 8m26.640074704s ago: executing program 34 (id=2192): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000015c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendmsg$tipc(r0, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xd24}, {0x0, 0x4000}, {0x0, 0x21}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0) 8m26.393479235s ago: executing program 5 (id=2196): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 8m26.164746296s ago: executing program 5 (id=2199): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 8m25.49513602s ago: executing program 5 (id=2207): openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/bus/input/devices\x00', 0x0, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x100, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0) 8m24.925108144s ago: executing program 35 (id=2207): openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/bus/input/devices\x00', 0x0, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x100, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0) 8.137790756s ago: executing program 8 (id=7658): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0xc000200a}) 5.426517085s ago: executing program 3 (id=7683): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$dsp(r1, &(0x7f00000004c0)='\x00', 0x1) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x1, 0x1fffffe, 0x2, 0x80000000006, 0x8000000000000000, 0x100000001, 0xfffdfffffffffffb, 0x0, 0x0, 0x1000000000004, 0x6, 0x1}) ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) 5.060011213s ago: executing program 0 (id=7686): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000300)=""/54, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000600)={0x1, 0x0, [{0xf07b50f87586d41a, 0x98, &(0x7f00000006c0)=""/152}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000500)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f00000002c0)=0x4000000) 4.808937349s ago: executing program 0 (id=7687): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f0000000240)="94", 0x1) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0) tee(r1, r3, 0x2, 0x100000000000003) 4.562002014s ago: executing program 3 (id=7689): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x5b04, 0x0) syz_usb_disconnect(r0) pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="d6", 0x1}, {0x0}], 0x2, 0x7fff, 0x2) 4.56126753s ago: executing program 0 (id=7691): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000140)=0x39b0, 0x4) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000200)={{0x2, 0x4e20, @local}, {0x6, @remote}, 0x20, {0x2, 0x4e24, @broadcast}, 'xfrm0\x00'}) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 4.3294705s ago: executing program 0 (id=7694): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x88000, 0xb2) prlimit64(0x0, 0x1, &(0x7f00000003c0)={0x6, 0xffff}, 0x0) r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) write$binfmt_script(r2, &(0x7f00000003c0)={'#! ', './file1'}, 0xb) close(r2) execveat$binfmt(r0, r1, 0x0, 0x0, 0x0) 4.152466757s ago: executing program 0 (id=7697): r0 = io_uring_setup(0x2e34, &(0x7f0000000180)) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r2, r3], 0x2, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}}) close_range(r0, 0xffffffffffffffff, 0x0) 3.953822271s ago: executing program 0 (id=7699): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x4c) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4051}, 0x20008001) recvmsg$can_raw(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/197, 0xc5}], 0x1}, 0x1) 2.726181621s ago: executing program 4 (id=7708): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000740)='hybla\x00', 0x6) sendto$inet6(r1, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x6}, 0x1c) 2.590409853s ago: executing program 7 (id=7709): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) 2.586702577s ago: executing program 4 (id=7710): pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r1, 0x0, r0, 0x0, 0x6, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff) fcntl$setstatus(r0, 0x4, 0x7c00) dup3(r1, r0, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0400"], 0x1c}, 0x1, 0x0, 0x0, 0x80000}, 0x4000000) 2.418809033s ago: executing program 7 (id=7711): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2d, 0x0, 0x0, 0x6}]}, 0xfffffffffffffeea) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0xfac7, 0x0, 0x0, 0x0) 2.31880013s ago: executing program 4 (id=7712): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) timer_settime(0x0, 0x1, 0x0, 0x0) r1 = syz_io_uring_setup(0xec5, &(0x7f0000000000), &(0x7f0000000080)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x4000, &(0x7f00000001c0), 0x1, 0x40}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r1, 0x2, 0x10a5, 0x3, 0x0, 0x0) 1.208055558s ago: executing program 8 (id=7713): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000000c0)={0x800080, 0x80, 0xffffffbc, 0x7, 0x0, 0x55a}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000bc0)={0x800080, 0x858, 0x8, 0x7, 0x43, 0x558}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1.207886249s ago: executing program 3 (id=7714): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x68, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x48, 0x2, 0x23}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x48}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0}) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f0032"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0) 1.077559969s ago: executing program 3 (id=7715): r0 = socket$inet(0x2, 0x3, 0x2) r1 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000a0000000400000002"], 0x48) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa00"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0) 1.07701046s ago: executing program 4 (id=7716): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)=0x6) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) read$dsp(r1, &(0x7f0000001380)=""/229, 0xe5) 1.065342921s ago: executing program 8 (id=7717): r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102) writev(r0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_CONTINUE(r1, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 927.983728ms ago: executing program 3 (id=7718): syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x0, 0x4000040}, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 881.437948ms ago: executing program 8 (id=7719): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000000c"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 868.125938ms ago: executing program 7 (id=7720): mkdir(&(0x7f0000000140)='./control\x00', 0x0) mkdir(&(0x7f0000002880)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0) chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00') pivot_root(&(0x7f0000000000)='./control\x00', &(0x7f0000000040)='./control\x00') 863.840044ms ago: executing program 4 (id=7721): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6, @local}, 0x10) r2 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'hsr0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000200)={r3, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000580)={r1, 0x1, 0x6, @local}, 0x10) 601.930323ms ago: executing program 7 (id=7722): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private2, @in=@multicast2, 0x0, 0x20, 0x1, 0x0, 0xa, 0x20, 0x0, 0x6, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x40000008, 0x0, 0x7fffffffffffffff, 0x6, 0xffffffff}, {0x0, 0x0, 0x1, 0x1}, 0x0, 0x4}, {{@in=@private=0xa010101, 0xffffffff, 0x62}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3507, 0x0, 0x3, 0x0, 0xfffffffe, 0x6}}, 0xe8) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8d}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0xeeee0000, 0x20008, 0xba2, 0x8c5f, 0x0, [{0x46, 0x3, 0x1}, {0x0, 0xe, 0x6, '\x00', 0xf8}, {0x60, 0x3, 0x0, '\x00', 0xbd}, {0x7, 0x4, 0x9, '\x00', 0xd}, {0x5, 0x9, 0x4, '\x00', 0x5}, {0x3, 0x40, 0x71, '\x00', 0x5}, {0x7, 0xf, 0xfd, '\x00', 0xf9}, {0x7, 0xc6, 0x1, '\x00', 0x5}, {0x7, 0xfb, 0x7, '\x00', 0x2}, {0xfe, 0x1, 0x6, '\x00', 0x4}, {0x1, 0x4e, 0x0, '\x00', 0x2}, {0x9, 0x30, 0x5, '\x00', 0x3}, {0xfa, 0x2, 0x8, '\x00', 0x7}, {0x80, 0x2, 0x80, '\x00', 0x4}, {0x1, 0x8, 0x3, '\x00', 0x6}, {0x7, 0xf1, 0x8, '\x00', 0x4}, {0x2, 0x7, 0x8, '\x00', 0x3}, {0x5, 0x6, 0x9, '\x00', 0x48}, {0x90, 0x0, 0x81, '\x00', 0x26}, {0xa, 0xff, 0x5}, {0x0, 0x4, 0x3, '\x00', 0x6a}, {0x7, 0x35, 0x7a, '\x00', 0x7}, {0x4, 0x7, 0x5, '\x00', 0xf}, {0x8, 0x2, 0x0, '\x00', 0x2}]}}) 546.143469ms ago: executing program 8 (id=7723): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) io_setup(0x8, &(0x7f0000004200)=0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 470.976737ms ago: executing program 3 (id=7724): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) r1 = dup(r0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r1, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0) 282.335134ms ago: executing program 7 (id=7725): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x1, 0x0, 0x203, 0xfffd, 0xffffffffffffffff, 0x200000000000008, 0xfffffffffffffffd, 0x200, 0x8, 0x2c, 0x80000005, 0x1}) 128.195414ms ago: executing program 4 (id=7726): read$FUSE(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x408880, 0x40) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) mount(0x0, &(0x7f0000000080)='./cgroup\x00', 0x0, 0x10, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) 17.649705ms ago: executing program 8 (id=7727): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) recvfrom(r2, 0x0, 0x600, 0x0, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0xfd45}}, 0x0) 0s ago: executing program 7 (id=7728): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x80000000}) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) kernel console output (not intermixed with test programs): get.8: fail, usb_ep_enable returned -22 [ 530.518371][ T24] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 530.527027][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 530.679081][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 530.724668][ T24] usb 9-1: USB disconnect, device number 16 [ 530.735488][ T30] audit: type=1326 audit(530.680:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16966 comm="syz.3.4252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6f3b18eb69 code=0x7fc00000 [ 531.242066][ T30] audit: type=1326 audit(531.190:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.292974][ T30] audit: type=1326 audit(531.220:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.343246][ T30] audit: type=1326 audit(531.220:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.394223][ T30] audit: type=1326 audit(531.220:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.480209][ T30] audit: type=1326 audit(531.220:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.515180][ T30] audit: type=1326 audit(531.220:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.574987][ T30] audit: type=1326 audit(531.220:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.642439][ T30] audit: type=1326 audit(531.220:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17025 comm="syz.4.4276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 531.809378][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 531.826979][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 531.960100][T17045] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 532.534331][T17061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4288'. [ 532.552631][T17063] batadv_slave_1: entered promiscuous mode [ 532.761548][T17062] batadv_slave_1: left promiscuous mode [ 532.972554][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.178401][T17084] Invalid ELF header len 4 [ 533.290066][T17086] IPVS: Scheduler module ip_vs_sip not found [ 533.326109][T17088] IPVS: length: 8 != 1690580952 [ 533.874590][T17105] netlink: 104 bytes leftover after parsing attributes in process `syz.7.4303'. [ 534.135730][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 534.394053][T17127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 534.605990][ T5928] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 534.776030][ T5928] usb 9-1: Using ep0 maxpacket: 16 [ 534.795021][ T5928] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 534.818117][ T5928] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 534.845460][ T5928] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 534.882002][ T5928] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 534.901224][ T5928] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 534.928111][ T5928] usb 9-1: Product: syz [ 534.932548][ T5928] usb 9-1: Manufacturer: syz [ 534.955487][ T5928] usb 9-1: SerialNumber: syz [ 535.006924][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 535.016102][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 535.254401][T17151] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4320'. [ 535.328713][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 535.379510][ T5928] usb 9-1: 0:2 : does not exist [ 535.644049][ T1225] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0 [ 535.670396][ T1225] hid-generic 0000:0000:0000.002E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 536.215049][ T5928] usb 9-1: USB disconnect, device number 17 [ 536.286276][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 536.371647][T17186] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 536.491274][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 536.978231][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 537.201688][T17215] 9pnet_fd: Insufficient options for proto=fd [ 537.648512][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.777104][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.904353][T17267] ptrace attach of "./syz-executor exec"[17268] was attempted by "./syz-executor exec"[17267] [ 539.684477][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 539.950748][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 540.139809][T17299] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4380'. [ 540.523761][T17299] bridge_slave_1: left allmulticast mode [ 540.542911][T17299] bridge_slave_1: left promiscuous mode [ 540.587987][T17299] bridge0: port 2(bridge_slave_1) entered disabled state [ 540.670601][T17299] bridge_slave_0: left allmulticast mode [ 540.719297][T17299] bridge_slave_0: left promiscuous mode [ 540.747659][T17299] bridge0: port 1(bridge_slave_0) entered disabled state [ 540.766162][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 540.783419][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 541.168855][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 541.168877][ T30] audit: type=1326 audit(541.120:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17321 comm="syz.7.4393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7fc00000 [ 541.228860][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 541.525570][ T10] usb 9-1: new high-speed USB device number 18 using dummy_hcd [ 541.685559][ T10] usb 9-1: Using ep0 maxpacket: 8 [ 541.703247][ T10] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 541.775670][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.793443][ T30] audit: type=1326 audit(541.730:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17321 comm="syz.7.4393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6bdf58eb69 code=0x7fc00000 [ 541.849342][ T10] pvrusb2: Hardware description: Terratec Grabster AV400 [ 541.875566][ T10] pvrusb2: ********** [ 541.895134][ T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 541.993107][ T10] pvrusb2: Important functionality might not be entirely working. [ 542.042292][ T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 542.090809][ T10] pvrusb2: ********** [ 542.100857][ T2343] pvrusb2: Invalid write control endpoint [ 542.224629][ T2343] pvrusb2: Invalid write control endpoint [ 542.248310][ T2343] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 542.273213][ T2343] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 542.284407][ T2343] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 542.336291][T17346] Bluetooth: hci0: invalid length 0, exp 2 for type 16 [ 542.339926][ T2343] pvrusb2: Device being rendered inoperable [ 542.354125][ T10] usb 9-1: USB disconnect, device number 18 [ 542.377612][ T2343] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 542.401139][ T2343] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 542.449511][ T2343] pvrusb2: Attached sub-driver cx25840 [ 542.515532][ T2343] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 542.548531][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 542.557304][ T2343] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 542.671687][T17352] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4403'. [ 542.706004][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 543.133976][T17365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 543.192273][T17370] fuse: Bad value for 'fd' [ 543.709216][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 544.840070][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 546.117677][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 546.536087][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 546.544684][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 547.267668][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 548.137794][T17491] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4464'. [ 548.397967][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 548.446619][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 549.580914][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 549.705880][ T24] usb 4-1: new full-speed USB device number 48 using dummy_hcd [ 549.888059][ T24] usb 4-1: config 1 has an invalid descriptor of length 116, skipping remainder of the config [ 549.919556][ T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 549.943933][ T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 549.995630][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.042879][ T24] usb 4-1: Product: syz [ 550.052140][ T24] usb 4-1: Manufacturer: syz [ 550.067635][ T24] usb 4-1: SerialNumber: syz [ 550.298191][ T24] usb 4-1: 0:2 : does not exist [ 550.324897][ T24] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 550.367115][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 550.406819][ T24] usb 4-1: USB disconnect, device number 48 [ 550.687879][T17575] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4497'. [ 550.830867][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 551.731484][T17606] relay: one or more items not logged [item size (56) > sub-buffer size (10)] [ 551.976784][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 552.286246][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 552.296769][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 552.688781][T17642] use of bytesused == 0 is deprecated and will be removed in the future, [ 552.699328][T17642] use the actual size instead. [ 553.096983][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.498900][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.886852][T17679] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4544'. [ 554.205992][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 554.218307][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 555.370144][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 556.127455][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 556.471791][T17737] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4569'. [ 556.551428][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 556.827008][T17745] overlayfs: failed to clone lowerpath [ 557.138000][T17749] IPv6: addrconf: prefix option has invalid lifetime [ 557.224341][T17751] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 557.406173][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 557.723881][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 557.759719][T17757] mac80211_hwsim hwsim3 `ëÿÿ: renamed from wlan1 [ 558.049271][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 558.687229][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 558.925154][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.005915][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.015271][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.024330][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.774603][T17789] Invalid ELF header magic: != ELF [ 559.844154][T17789] Invalid ELF header magic: != ELF [ 560.896406][T17819] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4602'. [ 561.308077][T17829] netlink: 208424 bytes leftover after parsing attributes in process `syz.8.4607'. [ 561.340192][T17829] netlink: 'syz.8.4607': attribute type 1 has an invalid length. [ 561.361979][T17829] netlink: 'syz.8.4607': attribute type 2 has an invalid length. [ 561.385705][T17829] netlink: 'syz.8.4607': attribute type 3 has an invalid length. [ 561.410489][T17829] netlink: 'syz.8.4607': attribute type 4 has an invalid length. [ 562.386723][T12296] net_ratelimit: 103 callbacks suppressed [ 562.386746][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 562.533243][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.067317][T17882] IPv6: NLM_F_REPLACE set, but no existing node found! [ 563.173498][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.184848][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.571430][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.814507][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.985833][T17894] dummy0: entered promiscuous mode [ 564.013228][T17894] macsec1: entered promiscuous mode [ 564.018946][T12344] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 564.057249][T17894] macsec1: entered allmulticast mode [ 564.089261][T17894] dummy0: entered allmulticast mode [ 564.140871][T17894] dummy0: left allmulticast mode [ 564.157041][T17894] dummy0: left promiscuous mode [ 564.204616][T12344] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 564.235764][T12344] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 564.298680][T12344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.323713][T12344] usb 4-1: config 0 descriptor?? [ 564.333966][T12344] pwc: Askey VC010 type 2 USB webcam detected. [ 564.454307][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.763222][T12344] pwc: recv_control_msg error -32 req 02 val 2b00 [ 564.782242][T12344] pwc: recv_control_msg error -32 req 02 val 2700 [ 564.792962][T12344] pwc: recv_control_msg error -32 req 02 val 2c00 [ 564.871566][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.873392][T17903] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4638'. [ 565.018145][T12344] pwc: recv_control_msg error -71 req 04 val 1300 [ 565.063750][T12344] pwc: recv_control_msg error -71 req 04 val 1400 [ 565.076706][T12344] pwc: recv_control_msg error -71 req 02 val 2000 [ 565.113530][T12344] pwc: recv_control_msg error -71 req 02 val 2100 [ 565.140023][T12344] pwc: recv_control_msg error -71 req 04 val 1500 [ 565.197292][T12344] pwc: recv_control_msg error -71 req 02 val 2500 [ 565.219811][T12344] pwc: recv_control_msg error -71 req 02 val 2400 [ 565.265679][T12344] pwc: recv_control_msg error -71 req 02 val 2600 [ 565.283281][T12344] pwc: recv_control_msg error -71 req 02 val 2900 [ 565.328034][T12344] pwc: recv_control_msg error -71 req 02 val 2800 [ 565.359656][T12344] pwc: recv_control_msg error -71 req 04 val 1100 [ 565.405909][T12344] pwc: recv_control_msg error -71 req 04 val 1200 [ 565.445758][T12344] pwc: Registered as video103. [ 565.453549][T12344] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input59 [ 565.506656][T12344] usb 4-1: USB disconnect, device number 49 [ 565.779231][T17917] netlink: 'syz.7.4644': attribute type 12 has an invalid length. [ 565.805783][T17917] netlink: 'syz.7.4644': attribute type 29 has an invalid length. [ 565.848325][T17917] netlink: 148 bytes leftover after parsing attributes in process `syz.7.4644'. [ 565.868311][T17917] netlink: 'syz.7.4644': attribute type 1 has an invalid length. [ 565.885741][T17917] netlink: 'syz.7.4644': attribute type 2 has an invalid length. [ 565.904027][T17917] netlink: 7 bytes leftover after parsing attributes in process `syz.7.4644'. [ 566.051243][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 566.110440][T17923] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 567.006528][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 567.207797][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 567.485586][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.236270][ T1225] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 568.289158][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.349240][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.446660][ T1225] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 568.491530][ T1225] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 568.556870][ T1225] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 568.595461][ T1225] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 568.638558][ T1225] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 568.671055][ T1225] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 568.700364][ T1225] usb 4-1: Manufacturer: syz [ 568.734821][ T1225] usb 4-1: config 0 descriptor?? [ 568.845962][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.854535][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.928734][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.180595][T17997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4680'. [ 569.212504][ T1225] appleir 0003:05AC:8243.002F: unknown main item tag 0x0 [ 569.273885][ T1225] appleir 0003:05AC:8243.002F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 569.528150][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.567262][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.062028][ T10] usb 4-1: USB disconnect, device number 50 [ 570.906033][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 571.011955][T18033] xt_hashlimit: size too large, truncated to 1048576 [ 571.955962][T12344] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0 [ 571.985881][T12344] hid-generic 0000:0000:0000.0030: hidraw0: HID v0.00 Device [syz1] on syz0 [ 572.039788][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 572.766329][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 573.165734][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.045496][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.056541][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.312485][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.686614][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.696456][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.325580][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.333935][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.446842][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 576.256252][T18161] netlink: 'syz.3.4749': attribute type 1 has an invalid length. [ 576.462429][T18161] 8021q: adding VLAN 0 to HW filter on device bond1 [ 576.592953][T18164] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.664566][T18164] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.705766][T18164] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.737187][T18164] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.762032][T18164] bond1: (slave geneve2): making interface the new active one [ 576.812396][T18164] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 577.367144][T18180] hsr0: entered allmulticast mode [ 577.405232][T18180] hsr_slave_0: entered allmulticast mode [ 577.446346][T18180] hsr_slave_1: entered allmulticast mode [ 577.485962][T18184] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4760'. [ 577.505892][T12344] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 577.534565][T18182] hsr_slave_0: left promiscuous mode [ 577.550740][T18182] hsr_slave_1: left promiscuous mode [ 577.666498][T18182] hsr0 (unregistering): left allmulticast mode [ 577.675557][T12344] usb 4-1: Using ep0 maxpacket: 16 [ 577.685780][T12344] usb 4-1: config 6 has an invalid interface number: 43 but max is 0 [ 577.700451][T12344] usb 4-1: config 6 has no interface number 0 [ 577.707686][T12344] usb 4-1: config 6 interface 43 altsetting 170 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 577.719899][T12344] usb 4-1: config 6 interface 43 has no altsetting 0 [ 577.734150][T12344] usb 4-1: string descriptor 0 read error: -71 [ 577.741204][T12344] usb 4-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c [ 577.777933][T12344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.823703][T12344] usb 4-1: rejected 1 configuration due to insufficient available bus power [ 577.852680][T12344] usb 4-1: no configuration chosen from 1 choice [ 577.872155][T12344] usb 4-1: USB disconnect, device number 51 [ 578.211465][T18195] fuse: Bad value for 'fd' [ 578.434904][ T30] audit: type=1326 audit(834.380:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18200 comm="syz.3.4767" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x0 [ 578.525090][T18208] netlink: 'syz.8.4769': attribute type 1 has an invalid length. [ 578.537125][ T36] net_ratelimit: 2 callbacks suppressed [ 578.537147][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 578.592679][T18208] 8021q: adding VLAN 0 to HW filter on device bond2 [ 578.629721][T18208] bond2: (slave gretap1): making interface the new active one [ 578.642698][T18208] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 578.683774][T18208] syz.8.4769 (18208) used greatest stack depth: 19048 bytes left [ 578.848454][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 579.031364][ T30] audit: type=1326 audit(834.980:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.085805][ T10] usb 9-1: new high-speed USB device number 19 using dummy_hcd [ 579.095123][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 579.108798][ T30] audit: type=1326 audit(834.980:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.162214][ T30] audit: type=1326 audit(834.980:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.241688][ T30] audit: type=1326 audit(834.980:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.285767][ T10] usb 9-1: Using ep0 maxpacket: 16 [ 579.305479][ T10] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 579.337225][ T10] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 579.366969][ T10] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 579.375821][ T30] audit: type=1326 audit(834.980:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.378528][ T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 579.465461][ T30] audit: type=1326 audit(834.980:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.472173][ T10] usb 9-1: Product: syz [ 579.523984][ T10] usb 9-1: Manufacturer: syz [ 579.539295][ T10] usb 9-1: SerialNumber: syz [ 579.539589][ T30] audit: type=1326 audit(834.980:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.649555][ T30] audit: type=1326 audit(835.060:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.719579][ T30] audit: type=1326 audit(835.090:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18222 comm="syz.4.4776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 579.769789][ T10] usb 9-1: 0:2 : does not exist [ 579.790539][ T10] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 579.848977][ T10] usb 9-1: USB disconnect, device number 19 [ 579.977462][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 580.446374][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 580.454802][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 580.467212][T18260] input: syz1 as /devices/virtual/input/input60 [ 581.096911][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 581.428202][T18285] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 581.472550][T18286] dvmrp0: entered allmulticast mode [ 581.489421][T18273] delete_channel: no stack [ 582.266075][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 583.635695][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 584.286396][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 584.295194][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 584.622655][T18379] overlayfs: failed to clone upperpath [ 584.779394][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 585.904090][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.205672][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.217977][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.235834][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.581395][T18452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.654746][T18456] netlink: 96 bytes leftover after parsing attributes in process `syz.7.4873'. [ 587.047317][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 587.631949][T18483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4884'. [ 588.760306][ T5928] kernel write not supported for file bpf-prog (pid: 5928 comm: kworker/1:4) [ 589.412827][T12315] net_ratelimit: 3 callbacks suppressed [ 589.412851][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 589.656225][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 590.051692][T18564] Invalid ELF header magic: != ELF [ 590.058564][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 590.448847][T18575] overlayfs: failed to clone lowerpath [ 590.825716][T18589] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4929'. [ 590.852154][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 590.852197][ T30] audit: type=1804 audit(846.800:958): pid=18591 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.4930" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=66224 res=1 errno=0 [ 590.928188][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 591.055835][ T10] usb 9-1: new high-speed USB device number 20 using dummy_hcd [ 591.240043][ T10] usb 9-1: Using ep0 maxpacket: 32 [ 591.284667][ T10] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 591.314794][ T10] usb 9-1: config 0 has no interface number 0 [ 591.331996][ T10] usb 9-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 591.355638][ T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 591.378043][ T10] usb 9-1: Product: syz [ 591.391502][ T10] usb 9-1: Manufacturer: syz [ 591.405543][ T10] usb 9-1: SerialNumber: syz [ 591.429327][ T10] usb 9-1: config 0 descriptor?? [ 591.477806][ T10] usb 9-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 591.493929][ T10] usb 9-1: selecting invalid altsetting 1 [ 591.507660][ T10] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 591.563080][ T10] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 591.597961][ T10] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 591.641952][ T10] usb 9-1: media controller created [ 591.762449][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 591.897751][ T10] usb 9-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 591.915252][ T10] zl10353_read_register: readreg error (reg=127, ret==-32) [ 591.965508][ T10] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 591.975987][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 591.984797][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.116623][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.245497][ T10] usb 9-1: USB disconnect, device number 20 [ 593.259326][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 593.597834][T18657] input: syz0 as /devices/virtual/input/input61 [ 593.980202][T18667] sit0: entered promiscuous mode [ 594.031746][T18667] netlink: 'syz.8.4964': attribute type 1 has an invalid length. [ 594.092892][T18667] netlink: 1 bytes leftover after parsing attributes in process `syz.8.4964'. [ 594.319643][T18674] overlayfs: failed to clone upperpath [ 594.427576][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.499759][T18683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.509345][T18683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.518216][T18683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.527153][T18683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.560863][T18683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 594.832705][ T30] audit: type=1800 audit(850.780:959): pid=18697 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.4978" name="nullb0" dev="tmpfs" ino=5599 res=0 errno=0 [ 594.930544][T18700] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 595.015251][T18704] overlayfs: failed to clone upperpath [ 595.056229][T18703] netlink: 'syz.0.4980': attribute type 3 has an invalid length. [ 595.168893][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.177094][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.546400][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 595.753268][T18744] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4997'. [ 596.666852][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 597.012122][T18789] 9pnet_fd: Insufficient options for proto=fd [ 597.045085][T18791] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 597.194941][T18799] Invalid ELF header len 8 [ 597.742901][T18816] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 598.470015][T18847] veth1_to_bond: entered allmulticast mode [ 598.483244][T18847] veth1_to_bond: entered promiscuous mode [ 598.507109][T18847] bridge_slave_0: entered promiscuous mode [ 598.519469][T18846] bridge_slave_0: left promiscuous mode [ 598.533975][T18846] veth1_to_bond: left promiscuous mode [ 598.542184][T18846] veth1_to_bond: left allmulticast mode [ 600.048818][T12292] net_ratelimit: 6 callbacks suppressed [ 600.048843][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 600.845904][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 600.926161][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 600.935450][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 601.183687][T18935] netlink: 'syz.3.5075': attribute type 10 has an invalid length. [ 601.260735][T18935] hsr0: entered promiscuous mode [ 601.266178][T18935] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 601.277029][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 601.343061][T18935] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 601.386044][T18935] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 601.636812][T18954] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5082'. [ 602.429424][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 602.770741][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 602.846191][T12292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 603.566596][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 604.708557][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 604.775844][T19063] netlink: 'syz.3.5129': attribute type 1 has an invalid length. [ 605.117116][T19073] netlink: 'syz.0.5134': attribute type 30 has an invalid length. [ 605.627710][T19090] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5138'. [ 605.769749][T19093] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5140'. [ 605.897952][T12306] net_ratelimit: 1 callbacks suppressed [ 605.897968][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 606.337390][ T6004] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 606.498098][ T6004] usb 4-1: Using ep0 maxpacket: 32 [ 606.518163][ T6004] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 606.562998][ T6004] usb 4-1: config 0 has no interface number 0 [ 606.631604][ T6004] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 606.673788][ T6004] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.690649][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 606.702553][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 606.712431][ T6004] usb 4-1: Product: syz [ 606.718321][ T6004] usb 4-1: Manufacturer: syz [ 606.723426][ T6004] usb 4-1: SerialNumber: syz [ 606.737889][ T6004] usb 4-1: config 0 descriptor?? [ 606.759112][ T6004] smsc95xx v2.0.0 [ 607.045993][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 607.178806][ T6004] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 607.200541][ T6004] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 607.852609][ T6004] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71 [ 607.886074][ T6004] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 607.925975][ T6004] usb 4-1: USB disconnect, device number 52 [ 608.175036][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 608.606608][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 608.618881][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 609.164688][ T30] audit: type=1326 audit(865.110:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.240908][ T30] audit: type=1326 audit(865.110:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.270651][ T30] audit: type=1326 audit(865.110:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.299426][ T30] audit: type=1326 audit(865.110:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.323484][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 609.354166][ T30] audit: type=1326 audit(865.110:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.376848][T19195] syz.3.5183 (19195) used greatest stack depth: 15736 bytes left [ 609.421095][ T30] audit: type=1326 audit(865.150:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.490247][ T30] audit: type=1326 audit(865.170:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.502093][T19201] netlink: 277 bytes leftover after parsing attributes in process `syz.0.5185'. [ 609.545085][ T30] audit: type=1326 audit(865.180:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.582289][T19204] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5187'. [ 609.603900][ T30] audit: type=1326 audit(865.180:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.716322][ T30] audit: type=1326 audit(865.180:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19191 comm="syz.4.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x7ffc0000 [ 609.760507][T19208] netlink: 'syz.3.5190': attribute type 1 has an invalid length. [ 609.850546][T19208] bond2: entered promiscuous mode [ 609.875917][T19208] 8021q: adding VLAN 0 to HW filter on device bond2 [ 609.971513][T19214] 8021q: adding VLAN 0 to HW filter on device bond2 [ 610.011168][T19214] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 610.067225][T19214] bond2: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 610.127902][T19214] bond2: (slave vcan1): making interface the new active one [ 610.185479][T19214] vcan1: entered promiscuous mode [ 610.237998][T19214] bond2: (slave vcan1): Enslaving as an active interface with an up link [ 610.491334][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 610.526277][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 611.489135][T19267] 9pnet_fd: Insufficient options for proto=fd [ 611.617645][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 611.641070][T19272] dummy0: entered promiscuous mode [ 611.688417][T19272] dummy0: left promiscuous mode [ 611.805569][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 611.814158][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 612.453595][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 612.463909][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 612.759354][T12296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 613.303536][T19323] vti0: entered promiscuous mode [ 613.347385][T19323] vti0: entered allmulticast mode [ 613.910136][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 614.371593][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 614.381049][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 615.069452][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 616.530433][T19428] loop9: detected capacity change from 0 to 7 [ 616.558151][T19428] buffer_io_error: 311 callbacks suppressed [ 616.558174][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.619211][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.636317][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.658855][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.677256][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.692877][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.746308][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.791077][T19428] ldm_validate_partition_table(): Disk read failed. [ 616.820256][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.857564][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.888391][T19428] Buffer I/O error on dev loop9, logical block 0, async page read [ 616.908220][T19428] Dev loop9: unable to read RDB block 0 [ 616.953564][T19428] loop9: unable to read partition table [ 616.978770][T19428] loop9: partition table beyond EOD, truncated [ 617.006891][T19428] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 617.006891][T19428] ) failed (rc=-5) [ 617.419982][ T36] net_ratelimit: 1 callbacks suppressed [ 617.420004][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 617.567186][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 617.816334][T19466] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4) [ 617.823695][T19466] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 617.837025][T19466] vhci_hcd vhci_hcd.0: Device attached [ 617.860417][T19468] vhci_hcd: connection closed [ 617.864835][T12315] vhci_hcd: stop threads [ 617.908449][T12315] vhci_hcd: release socket [ 617.918927][T12315] vhci_hcd: disconnect device [ 618.218914][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 618.587169][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 619.706904][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 620.048895][T12344] kernel read not supported for file /dsp (pid: 12344 comm: kworker/0:13) [ 620.126587][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 620.135806][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 620.259642][T19558] loop9: detected capacity change from 0 to 7 [ 620.276087][T19558] Dev loop9: unable to read RDB block 7 [ 620.281924][T19558] loop9: unable to read partition table [ 620.289450][T19558] loop9: partition table beyond EOD, truncated [ 620.296278][T19558] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 620.857335][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 621.102050][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 621.102071][ T30] audit: type=1326 audit(877.050:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19556 comm="syz.7.5332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7fc00000 [ 621.986124][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 623.126857][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 623.326414][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 623.759195][T19690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 623.966700][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 624.266092][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 624.610232][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.617326][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.679878][T19710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5395'. [ 624.692876][T19710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5395'. [ 625.248694][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 625.399527][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 625.655508][ T10] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 625.831425][T19740] netlink: 'syz.4.5407': attribute type 10 has an invalid length. [ 625.848585][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 625.865496][ T10] usb 4-1: config 0 interface 0 has no altsetting 0 [ 625.868823][T19740] netlink: 'syz.4.5407': attribute type 4 has an invalid length. [ 625.881731][T19740] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5407'. [ 625.894303][ T10] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 625.906887][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 625.907472][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.939174][ T10] usb 4-1: Product: syz [ 625.948909][ T10] usb 4-1: Manufacturer: syz [ 625.953597][ T10] usb 4-1: SerialNumber: syz [ 625.980714][ T10] usb 4-1: config 0 descriptor?? [ 625.986258][T19740] : renamed from bond0 (while UP) [ 625.990675][ T10] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 626.003756][ T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 626.014753][ T10] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 626.029695][ T10] usb 4-1: media controller created [ 626.069965][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 626.193505][ T10] DVB: Unable to find symbol tda10046_attach() [ 626.202333][ T10] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 626.219245][ T10] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 626.533599][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 627.262500][ T10] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 627.309456][ T10] usb 4-1: USB disconnect, device number 53 [ 627.657150][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 628.253353][T19822] serio: Serial port ttyS3 [ 628.449685][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 628.511632][T19835] overlayfs: failed to clone lowerpath [ 628.524268][T19835] overlayfs: failed to clone upperpath [ 628.788757][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 628.919215][ T30] audit: type=1326 audit(884.870:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.0.5454" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f04e938eb69 code=0x0 [ 629.725986][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 629.978370][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 631.007385][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 631.017713][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 631.112112][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 631.330230][T19915] overlayfs: failed to clone lowerpath [ 631.609408][ T30] audit: type=1326 audit(887.560:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19918 comm="syz.3.5480" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f3b18eb69 code=0x0 [ 632.242376][T12306] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 632.889359][ T5928] kernel write not supported for file bpf-prog (pid: 5928 comm: kworker/1:4) [ 633.130221][T19990] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5513'. [ 633.367900][ T9054] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 633.516161][ T6004] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 633.705542][ T6004] usb 4-1: Using ep0 maxpacket: 8 [ 633.716611][ T6004] usb 4-1: config 0 has an invalid interface number: 55 but max is 0 [ 633.735206][ T6004] usb 4-1: config 0 has no interface number 0 [ 633.746734][ T6004] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 633.772341][ T6004] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 633.800689][ T6004] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 633.832609][ T6004] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 633.856360][T20019] team0: Caught tx_queue_len zero misconfig [ 633.868325][ T6004] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 633.895194][ T6004] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 633.915466][ T6004] usb 4-1: config 0 descriptor?? [ 633.965153][ T6004] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 634.206286][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 634.258669][ T24] usb 4-1: USB disconnect, device number 54 [ 634.291215][ T24] ldusb 4-1:0.55: LD USB Device #0 now disconnected [ 634.298544][ T6004] usb 9-1: new high-speed USB device number 21 using dummy_hcd [ 634.484985][ T6004] usb 9-1: Using ep0 maxpacket: 8 [ 634.498765][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 634.519027][ T6004] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 634.533736][ T6004] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32 [ 634.559744][ T6004] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 634.574316][ T6004] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.615303][ T6004] usb 9-1: Product: syz [ 634.620765][ T6004] usb 9-1: Manufacturer: syz [ 634.628993][ T6004] usb 9-1: SerialNumber: syz [ 634.866808][T20024] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 635.481029][T20024] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 635.625805][ T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 635.712120][ T6004] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 635.737147][ T6004] cdc_ncm 9-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048 [ 635.744628][ T6004] cdc_ncm 9-1:1.0: setting rx_max = 2048 [ 635.774883][T20060] overlayfs: failed to clone upperpath [ 635.919944][ T6004] cdc_ncm 9-1:1.0: setting tx_max = 184 [ 635.972461][ T6004] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 635.997726][ T6004] usb 9-1: USB disconnect, device number 21 [ 636.006307][ T6004] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM (NO ZLP) [ 636.090487][T20074] xt_hashlimit: max too large, truncated to 1048576 [ 636.112311][T20074] fuse: Unknown parameter 'fscontext' [ 636.252346][T20078] kvm: user requested TSC rate below hardware speed [ 636.272580][T20078] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 636.757180][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 636.765704][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 636.774030][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 636.786308][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 637.056760][T20108] xt_hashlimit: size too large, truncated to 1048576 [ 637.956250][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 638.021832][ T5923] kernel write not supported for file bpf-prog (pid: 5923 comm: kworker/0:6) [ 638.747410][T20150] binder: 20149:20150 ioctl 40046205 0 returned -22 [ 639.155379][T12291] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 639.332359][T12315] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 640.356707][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 640.685803][ T5923] usb 9-1: new full-speed USB device number 22 using dummy_hcd [ 640.866635][ T5923] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 640.893937][ T5923] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 640.931913][ T5923] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 641.001747][ T5923] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 641.056704][ T5923] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 641.084075][ T5923] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 641.114755][ T5923] usb 9-1: Product: syz [ 641.127309][ T5923] usb 9-1: Manufacturer: syz [ 641.132085][ T5923] usb 9-1: SerialNumber: syz [ 641.171267][T20182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 641.422579][T20182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 641.437422][T20182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 641.487461][T12285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.625103][T20211] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5612'. [ 641.718420][ T1225] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 641.875861][ T1225] usb 4-1: Using ep0 maxpacket: 8 [ 641.886796][ T1225] usb 4-1: config 0 has no interfaces? [ 641.892356][ T1225] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 641.902446][ T1225] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.915176][ T1225] usb 4-1: config 0 descriptor?? [ 642.054997][T20182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 642.063924][T20182] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 642.132199][ T1225] usb 4-1: USB disconnect, device number 55 [ 642.190880][T20228] netlink: 'syz.0.5619': attribute type 4 has an invalid length. [ 642.280099][ T5923] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 642.295717][ T5923] cdc_ncm 9-1:1.0: dwNtbInMaxSize=4 is too small. Using 2048 [ 642.305175][ T5923] cdc_ncm 9-1:1.0: setting rx_max = 2048 [ 642.507439][ T5923] cdc_ncm 9-1:1.0: setting tx_max = 88 [ 642.613661][ T5923] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 642.732689][ T5923] usb 9-1: USB disconnect, device number 22 [ 642.752082][ T5923] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM (NO ZLP) [ 643.131348][T20262] netlink: 9 bytes leftover after parsing attributes in process `syz.8.5632'. [ 643.148496][T20262] gretap0: entered promiscuous mode [ 643.211731][T20262] netlink: 5 bytes leftover after parsing attributes in process `syz.8.5632'. [ 643.223885][T20262] 0ªî{X¹¦: renamed from gretap0 [ 643.234341][T20262] 0ªî{X¹¦: left promiscuous mode [ 643.239728][T20262] 0ªî{X¹¦: entered allmulticast mode [ 643.248077][T20267] netlink: 'syz.4.5634': attribute type 1 has an invalid length. [ 643.256837][T20262] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 643.350918][T20269] bond0: (slave gretap1): making interface the new active one [ 643.362299][T20269] bond0: (slave gretap1): Enslaving as an active interface with an up link [ 643.871605][T20293] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5645'. [ 644.975708][T20320] overlayfs: failed to clone upperpath [ 645.418746][T20327] netlink: 200 bytes leftover after parsing attributes in process `syz.8.5658'. [ 645.435946][T20327] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5658'. [ 645.555762][T20336] netlink: 'syz.3.5662': attribute type 2 has an invalid length. [ 645.576242][T20336] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5662'. [ 645.612792][T20338] overlayfs: failed to clone upperpath [ 645.879487][T20353] netlink: 'syz.8.5670': attribute type 1 has an invalid length. [ 645.940201][T20353] bond3: entered promiscuous mode [ 645.953636][T20353] 8021q: adding VLAN 0 to HW filter on device bond3 [ 645.995756][T20356] bond3: (slave bridge1): making interface the new active one [ 646.009048][T20356] bridge1: entered promiscuous mode [ 646.026940][T20356] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 647.451540][T20409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5694'. [ 648.524588][ T30] audit: type=1326 audit(904.470:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.0.5696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04e938eb69 code=0x7fc00000 [ 649.940353][T20457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5714'. [ 649.969543][T20457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5714'. [ 650.073087][ T30] audit: type=1326 audit(906.020:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.094549][ C1] vkms_vblank_simulate: vblank timer overrun [ 650.157302][ T30] audit: type=1326 audit(906.020:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.184725][ T30] audit: type=1326 audit(906.020:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.213007][ T30] audit: type=1326 audit(906.050:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.243068][ T30] audit: type=1326 audit(906.050:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.265481][ T30] audit: type=1326 audit(906.080:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.291347][ T30] audit: type=1326 audit(906.080:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.340282][ T30] audit: type=1326 audit(906.080:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20470 comm="syz.7.5719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x7ffc0000 [ 650.361460][ C1] vkms_vblank_simulate: vblank timer overrun [ 650.923163][T20502] Bluetooth: hci0: unsupported parameter 5148 [ 650.955527][T20502] Bluetooth: hci0: invalid len left 4, exp >= 118 [ 651.115279][T20511] netlink: 'syz.0.5737': attribute type 1 has an invalid length. [ 651.133782][T20511] netlink: 'syz.0.5737': attribute type 4 has an invalid length. [ 651.158210][ T5923] libceph: connect (1)[c::]:6789 error -101 [ 651.159964][T20511] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.5737'. [ 651.164493][ T5923] libceph: mon0 (1)[c::]:6789 connect error [ 651.194917][T20514] ceph: No mds server is up or the cluster is laggy [ 651.237583][T20523] netlink: 452 bytes leftover after parsing attributes in process `syz.4.5742'. [ 651.484977][T20533] overlayfs: failed to clone upperpath [ 651.544773][T20536] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5748'. [ 652.032070][T20552] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5755'. [ 652.072318][T20552] netlink: 'syz.0.5755': attribute type 15 has an invalid length. [ 652.093815][T20552] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5755'. [ 652.115634][T20552] netlink: 'syz.0.5755': attribute type 15 has an invalid length. [ 652.440020][T20563] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5760'. [ 652.723564][T20581] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.5768'. [ 653.057112][ T30] audit: type=1800 audit(909.010:984): pid=20595 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.5774" name="nullb0" dev="tmpfs" ino=5599 res=0 errno=0 [ 656.121031][T20688] ip6gre1: entered allmulticast mode [ 656.975143][T20719] netlink: 3 bytes leftover after parsing attributes in process `syz.4.5825'. [ 657.030638][T20719] batadv1: entered promiscuous mode [ 657.063456][T20719] batadv1: entered allmulticast mode [ 657.129356][T20726] IPVS: sed: UDP 224.0.0.2:0 - no destination available [ 657.743641][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 657.743660][ T30] audit: type=1326 audit(913.690:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20743 comm="syz.7.5836" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bdf58eb69 code=0x0 [ 658.191381][T20752] xt_CT: No such helper "snmp" [ 658.798774][T20768] veth0_virt_wifi: renamed from veth0_vlan [ 659.291736][T20801] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5857'. [ 659.753594][T20823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5865'. [ 659.766464][ T1225] usb 9-1: new high-speed USB device number 23 using dummy_hcd [ 659.925896][ T1225] usb 9-1: Using ep0 maxpacket: 32 [ 660.019512][ T1225] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 660.055208][ T1225] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 660.084867][ T1225] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 660.105068][ T1225] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.142030][ T1225] usb 9-1: config 0 descriptor?? [ 660.171102][T20831] syzkaller0: entered allmulticast mode [ 660.193069][ T1225] hub 9-1:0.0: USB hub found [ 660.246602][T20831] syzkaller0: entered promiscuous mode [ 660.292171][T20831] syzkaller0 (unregistering): left allmulticast mode [ 660.310078][T20831] syzkaller0 (unregistering): left promiscuous mode [ 660.425481][ T1225] hub 9-1:0.0: 1 port detected [ 660.852015][ T1225] usb 9-1: USB disconnect, device number 23 [ 664.947060][ T5928] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 665.126453][T20951] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5915'. [ 665.145002][T20951] netlink: 'syz.8.5915': attribute type 18 has an invalid length. [ 665.155392][ T5928] usb 4-1: Using ep0 maxpacket: 32 [ 665.163316][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 665.177092][T20951] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5915'. [ 665.192641][T20951] netlink: 'syz.8.5915': attribute type 18 has an invalid length. [ 665.199095][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 665.221543][ T5928] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 665.234089][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.276688][ T5928] usb 4-1: config 0 descriptor?? [ 665.283882][T20936] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 665.312975][ T5928] hub 4-1:0.0: USB hub found [ 665.513891][ T5928] hub 4-1:0.0: 1 port detected [ 665.694781][T20968] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 666.027452][T20977] netlink: 'syz.4.5929': attribute type 6 has an invalid length. [ 666.416004][T20985] syzkaller1: entered promiscuous mode [ 666.432726][T20985] syzkaller1: entered allmulticast mode [ 666.530884][ T6004] usb 4-1: USB disconnect, device number 56 [ 666.745826][ T5928] usb 4-1-port1: config error [ 667.279846][T21020] 8021q: adding VLAN 0 to HW filter on device bond3 [ 667.293529][T21020] team0: Failed to send options change via netlink (err -105) [ 667.335597][T21020] team0: Port device bond3 added [ 667.405573][ T5923] usb 9-1: new full-speed USB device number 24 using dummy_hcd [ 667.500916][T21035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5954'. [ 667.561471][ T5923] usb 9-1: config 1 interface 0 has no altsetting 0 [ 667.576712][ T5923] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 667.614827][ T5923] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 667.631210][ T5923] usb 9-1: Product: syz [ 667.636277][ T5923] usb 9-1: Manufacturer: syz [ 667.641076][ T5923] usb 9-1: SerialNumber: syz [ 668.104254][ T5923] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 668.292572][T21056] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5959'. [ 668.315047][T21056] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5959'. [ 668.662313][ T1225] libceph: connect (1)[c::]:6789 error -101 [ 668.674100][ T1225] libceph: mon0 (1)[c::]:6789 connect error [ 668.706261][T21073] ceph: No mds server is up or the cluster is laggy [ 668.720536][T21077] netlink: 52 bytes leftover after parsing attributes in process `syz.7.5967'. [ 668.760699][T21077] unsupported nlmsg_type 40 [ 669.409924][T21104] gtp0: entered promiscuous mode [ 669.608571][T21109] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5982'. [ 669.928732][ T24] libceph: connect (1)[c::]:6789 error -1 [ 669.945302][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 669.960641][ T24] libceph: connect (1)[c::]:6789 error -1 [ 669.976757][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 670.215753][ T24] usb 9-1: USB disconnect, device number 24 [ 670.254075][ T24] usblp0: removed [ 670.260128][ T6004] libceph: connect (1)[c::]:6789 error -1 [ 670.290165][ T6004] libceph: mon0 (1)[c::]:6789 connect error [ 670.728364][T21128] ceph: No mds server is up or the cluster is laggy [ 670.816095][ T1225] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 670.988168][ T1225] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 671.009636][ T1225] usb 9-1: config 0 has no interface number 0 [ 671.028989][ T1225] usb 9-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 671.048780][ T1225] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 671.079992][ T1225] usb 9-1: Product: syz [ 671.098819][ T1225] usb 9-1: Manufacturer: syz [ 671.103621][ T1225] usb 9-1: SerialNumber: syz [ 671.120887][ T1225] usb 9-1: config 0 descriptor?? [ 671.377568][ T1225] usb 9-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 671.414807][ T1225] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 671.427939][ T1225] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 671.438919][ T1225] usb 9-1: media controller created [ 671.469703][ T1225] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 671.578747][ T1225] i2c i2c-3: ec100: i2c rd failed=-32 reg=33 [ 671.639319][ T1225] usb 9-1: USB disconnect, device number 25 [ 674.939096][T21160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6004'. [ 674.948434][T21172] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6006'. [ 675.022900][T21174] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6006'. [ 675.068553][T21174] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6006'. [ 675.662123][T21194] overlayfs: failed to clone upperpath [ 675.994376][T21182] netlink: 'syz.0.6007': attribute type 4 has an invalid length. [ 677.542314][T21218] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-61) [ 677.985971][T12344] usb 9-1: new high-speed USB device number 26 using dummy_hcd [ 678.051009][T21230] overlayfs: failed to clone upperpath [ 678.155789][T12344] usb 9-1: Using ep0 maxpacket: 8 [ 678.166734][T12344] usb 9-1: config 179 has an invalid interface number: 65 but max is 0 [ 678.181904][T12344] usb 9-1: config 179 has no interface number 0 [ 678.198989][T12344] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 678.211493][T12344] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 678.223219][T12344] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 678.236770][T21232] netlink: 'syz.4.6029': attribute type 1 has an invalid length. [ 678.245663][T12344] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 678.261675][T12344] usb 9-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 678.278824][T12344] usb 9-1: config 179 interface 65 has no altsetting 0 [ 678.286061][T12344] usb 9-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 678.305610][T12344] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.367149][T12344] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:179.65/input/input62 [ 678.448914][ T5190] input input62: unable to receive magic message: -110 [ 678.484351][ T5190] input input62: unable to receive magic message: -32 [ 678.557924][ T5190] input input62: unable to receive magic message: -32 [ 678.613893][ T5190] input input62: unable to receive magic message: -32 [ 678.779357][T12344] usb 9-1: USB disconnect, device number 26 [ 678.785698][ C0] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 681.088406][T21232] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 681.170589][T21239] kthread_run failed with err -4 [ 681.803873][T21259] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 683.204260][T21306] No such timeout policy "syz0" [ 683.279138][T21310] netlink: 552 bytes leftover after parsing attributes in process `syz.3.6056'. [ 683.310124][T21310] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 685.136054][T21342] netlink: 'syz.8.6071': attribute type 4 has an invalid length. [ 685.214398][T21342] netlink: 'syz.8.6071': attribute type 4 has an invalid length. [ 686.052851][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.060062][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.593985][ T30] audit: type=1800 audit(942.540:1000): pid=21400 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.6096" name="nullb0" dev="tmpfs" ino=5599 res=0 errno=0 [ 687.186418][ T30] audit: type=1326 audit(943.140:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21393 comm="syz.8.6095" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc59918eb69 code=0x0 [ 689.515463][ T5923] usb 9-1: new high-speed USB device number 27 using dummy_hcd [ 689.665805][ T5923] usb 9-1: Using ep0 maxpacket: 8 [ 689.686863][ T5923] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 689.717914][ T5923] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 689.746647][ T5923] usb 9-1: config 0 descriptor?? [ 689.975095][ T5923] asix 9-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 690.106679][T21481] netlink: 'syz.0.6128': attribute type 3 has an invalid length. [ 690.141711][T21481] netlink: 'syz.0.6128': attribute type 3 has an invalid length. [ 691.295502][ T5923] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 691.305829][ T5923] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9 [ 691.328412][ T5923] asix 9-1:0.0: probe with driver asix failed with error -71 [ 691.359520][ T5923] usb 9-1: USB disconnect, device number 27 [ 691.964423][T21511] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6142'. [ 692.679849][T21528] vlan2: entered allmulticast mode [ 692.699907][T21528] bridge_slave_0: entered allmulticast mode [ 693.068337][T21539] netlink: 52 bytes leftover after parsing attributes in process `syz.7.6153'. [ 695.093078][T21583] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6171'. [ 698.580085][T21663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6202'. [ 698.580921][T21663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6202'. [ 698.908754][ T30] audit: type=1800 audit(954.860:1002): pid=21671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.6205" name="nullb0" dev="tmpfs" ino=5846 res=0 errno=0 [ 699.517429][T21680] overlayfs: failed to clone upperpath [ 699.877862][T21696] openvswitch: netlink: IPv4 tun info is not correct [ 700.705165][T21713] overlayfs: failed to clone upperpath [ 701.795776][T21735] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6231'. [ 703.795646][ T6004] usb 4-1: new full-speed USB device number 57 using dummy_hcd [ 704.088102][ T6004] usb 4-1: unable to get BOS descriptor or descriptor too short [ 704.098374][ T6004] usb 4-1: no configurations [ 704.103213][ T6004] usb 4-1: can't read configurations, error -22 [ 705.454128][T21646] Bluetooth: hci5: Frame reassembly failed (-84) [ 706.735988][T21813] netlink: 'syz.7.6259': attribute type 4 has an invalid length. [ 707.221352][T21822] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6260'. [ 707.485552][T14246] Bluetooth: hci5: command 0xfc11 tx timeout [ 707.485682][ T5843] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 708.577422][ T1225] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 708.765775][ T1225] usb 4-1: Using ep0 maxpacket: 8 [ 708.783767][ T1225] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 708.805585][ T1225] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 708.855499][ T1225] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2 [ 708.883658][ T1225] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.911326][ T1225] usb 4-1: Product: syz [ 708.918650][ T1225] usb 4-1: Manufacturer: syz [ 708.923334][ T1225] usb 4-1: SerialNumber: syz [ 708.941447][ T1225] usb 4-1: config 0 descriptor?? [ 709.334588][T21870] 0ªî{X¹¦: left allmulticast mode [ 709.364662][T21870] sit0: left promiscuous mode [ 709.477082][T21870] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 709.588387][ T5890] usb 4-1: USB disconnect, device number 59 [ 709.977202][T21885] af_packet: tpacket_rcv: packet too big, clamped from 65253 to 4294967272. macoff=96 [ 710.236098][ T30] audit: type=1800 audit(966.180:1003): pid=21889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.6288" name="nullb0" dev="tmpfs" ino=5599 res=0 errno=0 [ 710.872385][T21911] loop2: detected capacity change from 0 to 7 [ 710.887376][T21911] loop2: [ 710.891477][T21913] bond0: (slave team0): Releasing backup interface [ 710.913761][T21913] bridge_slave_0: left allmulticast mode [ 710.920911][T21911] loop2: partition table partially beyond EOD, truncated [ 710.925478][T21913] bridge_slave_0: left promiscuous mode [ 710.940090][T21913] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.952918][T21913] bridge_slave_1: left allmulticast mode [ 710.962111][T21913] bridge_slave_1: left promiscuous mode [ 710.970735][T21913] bridge0: port 2(bridge_slave_1) entered disabled state [ 711.050543][T21913] bond0: (slave bond_slave_0): Releasing backup interface [ 711.082444][T21913] bond0: (slave bond_slave_1): Releasing backup interface [ 711.136681][T21913] team0: Port device team_slave_0 removed [ 711.164991][T21913] team0: Port device team_slave_1 removed [ 711.174949][T21913] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 711.183618][T21913] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 711.196125][T21913] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 711.204045][T21913] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 711.240366][T21913] bond1: (slave vti0): Releasing backup interface [ 711.274752][T21913] team0: Port device bond3 removed [ 711.435168][T21933] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 711.955528][T12344] usb 9-1: new high-speed USB device number 28 using dummy_hcd [ 712.048671][T21951] syzkaller0: entered promiscuous mode [ 712.054879][T21951] syzkaller0: entered allmulticast mode [ 712.159670][T12344] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 712.174085][T12344] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 712.184605][T12344] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 712.193974][T12344] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 712.207987][T21940] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 712.220019][T12344] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 712.448687][ T5928] usb 9-1: USB disconnect, device number 28 [ 716.643180][T21978] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6325'. [ 717.545702][ T5928] usb 9-1: new high-speed USB device number 29 using dummy_hcd [ 717.885567][ T5928] usb 9-1: Using ep0 maxpacket: 16 [ 717.892995][ T5928] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 717.905248][ T5928] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 717.935491][ T5928] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.953867][ T5928] usb 9-1: Product: syz [ 717.963995][ T5928] usb 9-1: Manufacturer: syz [ 717.983175][ T5928] usb 9-1: SerialNumber: syz [ 718.022028][ T5928] usb 9-1: config 0 descriptor?? [ 718.062288][ T5928] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected [ 718.104916][ T5928] usb 9-1: Detected FT232R [ 718.147639][ T30] audit: type=1326 audit(974.100:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.210151][ T30] audit: type=1326 audit(974.120:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.259941][ T30] audit: type=1326 audit(974.120:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.307844][ T5928] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 718.378664][ T30] audit: type=1326 audit(974.120:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.480354][ T30] audit: type=1326 audit(974.120:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.540682][ T30] audit: type=1326 audit(974.120:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.568186][ T5928] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 718.599814][ T30] audit: type=1326 audit(974.130:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22020 comm="syz.3.6342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 718.774667][ T5928] usb 9-1: USB disconnect, device number 29 [ 718.787693][ T5928] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 718.805992][ T5928] ftdi_sio 9-1:0.0: device disconnected [ 719.006083][ T5890] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 719.169951][ T5890] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 719.181868][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.200055][ T5890] usb 4-1: config 0 descriptor?? [ 719.215136][ T5890] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 719.619463][T22065] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6361'. [ 719.629897][ T5890] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 720.233871][ T5890] gspca_cpia1: usb_control_msg 05, error -71 [ 720.251322][ T5890] cpia1 4-1:0.0: unexpected systemstate: 00 [ 720.277814][ T5890] usb 4-1: USB disconnect, device number 60 [ 720.394762][ T5827] IPVS: starting estimator thread 0... [ 720.505491][T22093] IPVS: using max 24 ests per chain, 57600 per kthread [ 721.585531][T12344] usb 4-1: new full-speed USB device number 61 using dummy_hcd [ 721.751422][T12344] usb 4-1: config 0 has no interfaces? [ 721.765798][ T5890] usb 9-1: new high-speed USB device number 30 using dummy_hcd [ 721.798081][T12344] usb 4-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 721.817861][T12344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 721.839785][T12344] usb 4-1: Product: syz [ 721.844118][T12344] usb 4-1: Manufacturer: syz [ 721.861130][T12344] usb 4-1: SerialNumber: syz [ 721.887703][T12344] usb 4-1: config 0 descriptor?? [ 721.935466][ T5890] usb 9-1: Using ep0 maxpacket: 8 [ 721.947908][T22142] overlayfs: failed to clone upperpath [ 721.950760][ T5890] usb 9-1: unable to get BOS descriptor or descriptor too short [ 721.979237][ T5890] usb 9-1: config 8 has an invalid interface number: 255 but max is 0 [ 722.003304][ T5890] usb 9-1: config 8 has no interface number 0 [ 722.025598][ T5890] usb 9-1: config 8 interface 255 has no altsetting 0 [ 722.052294][ T5890] usb 9-1: string descriptor 0 read error: -22 [ 722.059159][ T5890] usb 9-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf [ 722.073118][ T5890] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.111951][T12344] usb 4-1: USB disconnect, device number 61 [ 722.289605][ T5890] catc 9-1:8.255: Can't set altsetting 1. [ 722.295828][ T5890] catc 9-1:8.255: probe with driver catc failed with error -5 [ 722.317364][ T5890] usb 9-1: USB disconnect, device number 30 [ 724.313926][ T30] audit: type=1326 audit(980.260:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22184 comm="syz.3.6407" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x0 [ 724.732149][T22204] overlayfs: failed to clone upperpath [ 724.745894][ T5890] usb 9-1: new high-speed USB device number 31 using dummy_hcd [ 724.844352][T22206] netlink: 'syz.7.6416': attribute type 4 has an invalid length. [ 724.922496][ T5890] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 724.955798][ T5890] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 724.978988][ T5890] usb 9-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 725.002097][ T5890] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.051999][ T5890] usb 9-1: config 0 descriptor?? [ 725.471669][ T5890] playstation 0003:054C:0DF2.0031: unknown main item tag 0x0 [ 725.485479][ T5890] playstation 0003:054C:0DF2.0031: unknown main item tag 0x0 [ 725.492986][ T5890] playstation 0003:054C:0DF2.0031: unknown main item tag 0x0 [ 725.518192][ T5890] playstation 0003:054C:0DF2.0031: unknown main item tag 0x0 [ 725.527871][ T5890] playstation 0003:054C:0DF2.0031: unknown main item tag 0x0 [ 725.542587][ T5890] playstation 0003:054C:0DF2.0031: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.8-1/input0 [ 725.670930][ T5890] playstation 0003:054C:0DF2.0031: Invalid byte count transferred, expected 20 got 0 [ 725.677264][T22229] fuse: Bad value for 'fd' [ 725.690416][ T5890] playstation 0003:054C:0DF2.0031: Failed to retrieve DualSense pairing info: -22 [ 725.707550][ T5890] playstation 0003:054C:0DF2.0031: Failed to get MAC address from DualSense [ 725.720022][ T5890] playstation 0003:054C:0DF2.0031: Failed to create dualsense. [ 725.731313][ T5890] playstation 0003:054C:0DF2.0031: probe with driver playstation failed with error -22 [ 725.888152][ T5890] usb 9-1: USB disconnect, device number 31 [ 725.961786][T22242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6429'. [ 726.905413][ T5928] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 727.078663][ T5928] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 727.114371][ T5928] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 727.149735][ T5928] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 727.178922][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 727.210268][T22249] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 727.239820][ T5928] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 728.022738][T22274] netlink: 'syz.4.6443': attribute type 12 has an invalid length. [ 728.147570][ T5928] usb 4-1: USB disconnect, device number 62 [ 728.667185][T22287] overlayfs: failed to clone upperpath [ 730.208970][T22331] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 730.409462][T22339] netlink: 'syz.0.6469': attribute type 10 has an invalid length. [ 730.425621][ T5928] usb 4-1: new full-speed USB device number 63 using dummy_hcd [ 730.440956][T22339] 8021q: adding VLAN 0 to HW filter on device team0 [ 730.453194][T22339] team0: entered promiscuous mode [ 730.463818][T22339] team_slave_1: entered promiscuous mode [ 730.473307][T22339] bond0: (slave team0): Enslaving as an active interface with an up link [ 730.587954][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 730.599691][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 730.610901][ T5928] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 730.620455][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 730.630578][ T5928] usb 4-1: config 0 descriptor?? [ 730.639500][ T5928] hub 4-1:0.0: USB hub found [ 730.841457][ T5928] hub 4-1:0.0: 1 port detected [ 731.450685][ T5928] hub 4-1:0.0: activate --> -90 [ 731.534970][ T30] audit: type=1800 audit(1243.485:1012): pid=22379 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.6485" name="nullb0" dev="tmpfs" ino=5599 res=0 errno=0 [ 731.625920][ T5890] usb 9-1: new high-speed USB device number 32 using dummy_hcd [ 731.795634][ T5890] usb 9-1: Using ep0 maxpacket: 32 [ 731.810218][ T5890] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.843881][ T5890] usb 9-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 731.871908][ T5890] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.877190][ T5928] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 731.888714][ T5827] usb 4-1: USB disconnect, device number 63 [ 731.905262][ T5890] usb 9-1: config 0 descriptor?? [ 732.343317][ T5890] hkems 0003:2006:0118.0032: unknown main item tag 0x0 [ 732.361664][ T5890] hkems 0003:2006:0118.0032: hidraw0: USB HID vda.6f Device [HID 2006:0118] on usb-dummy_hcd.8-1/input0 [ 732.373764][ T5890] hkems 0003:2006:0118.0032: no inputs found [ 732.380550][ T5890] hkems 0003:2006:0118.0032: force feedback init failed [ 732.557336][ T5928] usb 9-1: USB disconnect, device number 32 [ 733.367309][T22435] loop6: detected capacity change from 0 to 7 [ 733.381639][T22438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6508'. [ 733.414404][T22435] Dev loop6: unable to read RDB block 7 [ 733.435195][T22435] loop6: AHDI p1 p2 [ 733.462088][T22435] loop6: partition table partially beyond EOD, truncated [ 733.500948][T22435] loop6: p1 start 926365495 is beyond EOD, truncated [ 733.548024][T22438] team1: entered promiscuous mode [ 733.570624][T22438] team1: entered allmulticast mode [ 734.669446][T22481] netlink: 'syz.0.6527': attribute type 58 has an invalid length. [ 734.786568][T22487] netlink: 'syz.0.6529': attribute type 12 has an invalid length. [ 734.795020][T22487] netlink: 'syz.0.6529': attribute type 29 has an invalid length. [ 734.803491][T22487] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6529'. [ 734.813389][T22487] netlink: 'syz.0.6529': attribute type 2 has an invalid length. [ 736.568960][T22561] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6559'. [ 736.699134][T22564] xt_bpf: check failed: parse error [ 738.835614][ T5928] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 739.032686][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 739.049639][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 739.065160][ T5928] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 739.078690][ T5928] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 739.089065][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 739.136279][ T5928] usb 4-1: config 0 descriptor?? [ 739.294929][T22637] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6593'. [ 739.566665][ T5928] plantronics 0003:047F:FFFF.0033: reserved main item tag 0xd [ 739.586867][ T5928] plantronics 0003:047F:FFFF.0033: unknown main item tag 0x0 [ 739.633058][ T5928] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 739.829830][ T5928] usb 4-1: USB disconnect, device number 64 [ 739.997156][T22653] syzkaller0: entered allmulticast mode [ 740.400483][T22673] netlink: 'syz.0.6607': attribute type 1 has an invalid length. [ 740.435826][T22673] netlink: 'syz.0.6607': attribute type 4 has an invalid length. [ 740.443692][T22673] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.6607'. [ 740.900062][T22688] IPVS: sed: UDP 224.0.0.2:0 - no destination available [ 741.783880][T22707] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 742.328344][T22729] netlink: 'syz.0.6632': attribute type 12 has an invalid length. [ 742.351796][T22729] netlink: 'syz.0.6632': attribute type 29 has an invalid length. [ 742.375937][T22729] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6632'. [ 742.425554][T22729] netlink: 'syz.0.6632': attribute type 2 has an invalid length. [ 742.457882][T22729] netlink: 'syz.0.6632': attribute type 3 has an invalid length. [ 742.498493][T22733] netlink: 'syz.0.6632': attribute type 12 has an invalid length. [ 742.538496][T22733] netlink: 'syz.0.6632': attribute type 29 has an invalid length. [ 742.556335][T22733] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6632'. [ 742.583987][T22733] netlink: 'syz.0.6632': attribute type 2 has an invalid length. [ 742.622868][T22733] netlink: 'syz.0.6632': attribute type 3 has an invalid length. [ 744.244456][T22779] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 744.594830][T22791] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6658'. [ 745.669708][T22826] overlayfs: failed to clone upperpath [ 746.051142][T22849] netlink: 240 bytes leftover after parsing attributes in process `syz.0.6678'. [ 746.394765][T22871] fuse: root generation should be zero [ 746.890558][T22888] netlink: set zone limit has 4 unknown bytes [ 747.492219][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.499190][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.228854][T22918] netlink: 'syz.3.6708': attribute type 4 has an invalid length. [ 749.017648][T22942] xt_hashlimit: size too large, truncated to 1048576 [ 749.074324][T22948] : renamed from bridge_slave_0 (while UP) [ 750.762889][T22993] overlayfs: failed to clone upperpath [ 752.197158][T23030] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 752.318061][T23030] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 752.524545][T23038] netlink: 'syz.0.6753': attribute type 39 has an invalid length. [ 752.836695][T23052] overlayfs: failed to clone upperpath [ 754.500853][T23122] ceph: No mds server is up or the cluster is laggy [ 754.948306][T23142] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6798'. [ 755.857269][T23170] overlayfs: failed to clone upperpath [ 755.904197][T23172] overlayfs: failed to clone upperpath [ 757.404727][T23199] syzkaller1: entered promiscuous mode [ 757.445665][T23199] syzkaller1: entered allmulticast mode [ 757.993162][T23211] netlink: 'syz.3.6826': attribute type 4 has an invalid length. [ 758.159730][T23216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6828'. [ 758.186919][T23216] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6828'. [ 759.384409][T23253] netlink: 'syz.4.6842': attribute type 10 has an invalid length. [ 759.402270][T23253] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6842'. [ 759.434752][T23253] dummy0: entered promiscuous mode [ 759.447253][T23253] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 760.430588][T23292] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6855'. [ 760.949577][T23300] netlink: 'syz.4.6858': attribute type 29 has an invalid length. [ 760.961026][T23300] netlink: 'syz.4.6858': attribute type 29 has an invalid length. [ 760.970127][T23300] netlink: 500 bytes leftover after parsing attributes in process `syz.4.6858'. [ 761.222078][T23304] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 761.235210][T23304] batadv_slave_0: entered promiscuous mode [ 761.644086][ T30] audit: type=1326 audit(1274.591:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.715459][ T30] audit: type=1326 audit(1274.621:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.738717][ T30] audit: type=1326 audit(1274.621:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.760157][ T30] audit: type=1326 audit(1274.621:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.787087][ T30] audit: type=1326 audit(1274.621:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.809283][ T30] audit: type=1326 audit(1274.621:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.832413][ T30] audit: type=1326 audit(1274.621:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.854191][ T30] audit: type=1326 audit(1274.621:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.875995][ T30] audit: type=1326 audit(1274.621:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 761.951722][ T30] audit: type=1326 audit(1274.621:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23319 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3b18eb69 code=0x7ffc0000 [ 762.196771][T23338] netlink: 'syz.3.6875': attribute type 1 has an invalid length. [ 762.262434][T23338] 8021q: adding VLAN 0 to HW filter on device bond3 [ 764.692979][T23415] netlink: 'syz.0.6903': attribute type 10 has an invalid length. [ 764.715452][T23415] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6903'. [ 764.724678][T23415] dummy0: entered promiscuous mode [ 764.745130][T23415] bridge0: port 3(dummy0) entered blocking state [ 764.753498][T23415] bridge0: port 3(dummy0) entered disabled state [ 764.771492][T23415] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 764.817933][T23419] loop6: detected capacity change from 0 to 7 [ 764.827652][T23419] Dev loop6: unable to read RDB block 7 [ 764.836589][T23419] loop6: AHDI p1 p2 [ 764.840664][T23419] loop6: partition table partially beyond EOD, truncated [ 764.865513][T23419] loop6: p1 start 926365495 is beyond EOD, truncated [ 765.112656][T23431] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6912'. [ 765.172839][T23435] netlink: 'syz.3.6910': attribute type 58 has an invalid length. [ 765.204824][T23431] team1: entered promiscuous mode [ 765.215993][T23431] team1: entered allmulticast mode [ 765.507097][T23448] netlink: 'syz.3.6920': attribute type 10 has an invalid length. [ 765.519910][T23448] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6920'. [ 765.529538][T23448] dummy0: entered promiscuous mode [ 765.543998][T23448] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 767.283511][T23517] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6949'. [ 768.827663][T23542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6955'. [ 769.299875][T23554] netlink: 35740 bytes leftover after parsing attributes in process `syz.4.6960'. [ 769.325419][T23554] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6960'. [ 769.461191][T23558] 9pnet_fd: Insufficient options for proto=fd [ 770.371172][T23576] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 770.662538][T23593] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6973'. [ 770.952878][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 770.952899][ T30] audit: type=1326 audit(1284.898:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23599 comm="syz.4.6977" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd45f8eb69 code=0x0 [ 770.968629][T23598] sctp: [Deprecated]: syz.8.6976 (pid 23598) Use of int in max_burst socket option. [ 770.968629][T23598] Use struct sctp_assoc_value instead [ 771.438485][ T30] audit: type=1326 audit(1285.388:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.507373][ T30] audit: type=1326 audit(1285.398:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.577730][ T30] audit: type=1326 audit(1285.398:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.609658][ T30] audit: type=1326 audit(1285.418:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.644216][ T30] audit: type=1326 audit(1285.418:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.664452][T23617] syzkaller0: entered allmulticast mode [ 771.700188][ T30] audit: type=1326 audit(1285.418:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 771.778161][ T30] audit: type=1326 audit(1285.418:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23610 comm="syz.8.6982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc59918eb69 code=0x7ffc0000 [ 772.315822][T23635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6993'. [ 772.420108][T23635] team0: Port device syz_tun removed [ 772.458740][T23643] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6994'. [ 772.971915][T23653] @: renamed from vlan0 (while UP) [ 773.675869][ T5890] usb 9-1: new high-speed USB device number 33 using dummy_hcd [ 773.837833][ T5890] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 773.855120][ T5890] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 773.870901][T23679] netlink: 'syz.7.7011': attribute type 2 has an invalid length. [ 773.885855][ T5890] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 773.899438][T23679] netlink: 199836 bytes leftover after parsing attributes in process `syz.7.7011'. [ 773.915341][ T5890] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 773.923601][T23679] nbd: must specify a device to reconfigure [ 773.942002][T23668] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 773.978676][ T5890] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 775.259032][T23712] overlayfs: failed to clone upperpath [ 775.284547][ T5890] usb 9-1: USB disconnect, device number 33 [ 778.526189][ T5843] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 779.067466][T23803] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7062'. [ 779.095456][ T30] audit: type=1326 audit(1293.028:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23804 comm="syz.0.7063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f04e938eb69 code=0x0 [ 779.132706][T23803] netlink: 13740 bytes leftover after parsing attributes in process `syz.8.7062'. [ 781.922832][T23875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7091'. [ 781.955705][T23875] netlink: 'syz.3.7091': attribute type 1 has an invalid length. [ 781.969460][T23875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7091'. [ 783.037989][T23891] binder: 23890:23891 ioctl c0306201 200000000640 returned -22 [ 783.263177][T23899] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 783.738478][T23919] overlayfs: failed to clone upperpath [ 783.763787][T23916] netdevsim netdevsim7 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 783.783014][T23916] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.950324][T23916] netdevsim netdevsim7 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 783.963721][T23916] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.180979][T23916] netdevsim netdevsim7 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 784.206087][T23916] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.440019][T23916] netdevsim netdevsim7 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 784.465246][T23916] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.688180][T23916] Failed to register nexthop notifier [ 784.755430][ T5890] usb 9-1: new high-speed USB device number 34 using dummy_hcd [ 784.961728][ T5890] usb 9-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 784.978913][ T5890] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.018938][ T5890] usb 9-1: config 0 descriptor?? [ 785.039700][ T5890] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 786.290000][ T5890] usb 9-1: USB disconnect, device number 34 [ 787.732154][T24020] overlayfs: failed to clone upperpath [ 787.801236][T24024] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 788.191490][T24045] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 788.530855][T24045] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 788.875866][T24045] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 789.035503][T24045] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 789.983170][T24099] GUP no longer grows the stack in syz.3.7186 (24099): 200000004000-20000000a000 (200000002000) [ 790.030123][T24099] CPU: 1 UID: 0 PID: 24099 Comm: syz.3.7186 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 790.030164][T24099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 790.030178][T24099] Call Trace: [ 790.030186][T24099] [ 790.030196][T24099] dump_stack_lvl+0x189/0x250 [ 790.030231][T24099] ? __pfx_dump_stack_lvl+0x10/0x10 [ 790.030255][T24099] ? __pfx__printk+0x10/0x10 [ 790.030278][T24099] ? find_vma+0xe7/0x160 [ 790.030315][T24099] __get_user_pages+0x2a60/0x30b0 [ 790.030389][T24099] ? __pfx___get_user_pages+0x10/0x10 [ 790.030434][T24099] get_user_pages_remote+0x2f9/0xaa0 [ 790.030464][T24099] ? __pfx_mtree_load+0x10/0x10 [ 790.030496][T24099] ? __pfx_get_user_pages_remote+0x10/0x10 [ 790.030540][T24099] __access_remote_vm+0x215/0x5f0 [ 790.030576][T24099] ? __pfx___access_remote_vm+0x10/0x10 [ 790.030601][T24099] ? alloc_pages_noprof+0xbe/0x190 [ 790.030632][T24099] proc_pid_cmdline_read+0x440/0x840 [ 790.030655][T24099] ? __asan_memset+0x22/0x50 [ 790.030694][T24099] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 790.030724][T24099] ? rw_verify_area+0x258/0x650 [ 790.030786][T24099] vfs_readv+0x5aa/0x850 [ 790.030811][T24099] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 790.030836][T24099] ? __pfx_vfs_readv+0x10/0x10 [ 790.030882][T24099] ? __fget_files+0x2a/0x420 [ 790.030911][T24099] ? __fget_files+0x3a0/0x420 [ 790.030932][T24099] ? __fget_files+0x2a/0x420 [ 790.030969][T24099] __x64_sys_preadv+0x197/0x2a0 [ 790.030996][T24099] ? __pfx___x64_sys_preadv+0x10/0x10 [ 790.031016][T24099] ? rcu_is_watching+0x15/0xb0 [ 790.031046][T24099] ? do_syscall_64+0xbe/0x3b0 [ 790.031075][T24099] do_syscall_64+0xfa/0x3b0 [ 790.031097][T24099] ? lockdep_hardirqs_on+0x9c/0x150 [ 790.031120][T24099] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 790.031149][T24099] ? clear_bhb_loop+0x60/0xb0 [ 790.031176][T24099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 790.031196][T24099] RIP: 0033:0x7f6f3b18eb69 [ 790.031216][T24099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 790.031233][T24099] RSP: 002b:00007f6f3bfaa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 790.031254][T24099] RAX: ffffffffffffffda RBX: 00007f6f3b3b5fa0 RCX: 00007f6f3b18eb69 [ 790.031269][T24099] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000003 [ 790.031282][T24099] RBP: 00007f6f3b211df1 R08: 0000000021000008 R09: 0000000000000000 [ 790.031294][T24099] R10: 0000000000000304 R11: 0000000000000246 R12: 0000000000000000 [ 790.031307][T24099] R13: 0000000000000000 R14: 00007f6f3b3b5fa0 R15: 00007fff27fa4e28 [ 790.031345][T24099] [ 790.676686][T24114] sch_tbf: burst 19872 is lower than device lo mtu (393234) ! [ 791.089780][T24120] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7193'. [ 791.186773][T24120] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7193'. [ 791.710255][T24138] batadv_slave_0: entered promiscuous mode [ 791.732461][T24137] netlink: 182 bytes leftover after parsing attributes in process `syz.3.7199'. [ 791.904333][T24145] overlayfs: failed to clone upperpath [ 791.927753][T24148] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 792.206627][T24160] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7207'. [ 792.388743][T24160] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7207'. [ 792.725736][ T5890] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 792.875440][ T5890] usb 4-1: Using ep0 maxpacket: 8 [ 792.875981][T24155] ceph: No mds server is up or the cluster is laggy [ 792.880745][T24150] ceph: No mds server is up or the cluster is laggy [ 793.010822][ T5890] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 793.030047][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 793.067291][ T5890] usb 4-1: Product: syz [ 793.083028][ T5890] usb 4-1: Manufacturer: syz [ 793.090473][ T5890] usb 4-1: SerialNumber: syz [ 793.145590][ T5890] usb 4-1: config 0 descriptor?? [ 793.357024][ T5890] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 794.408427][ T5890] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 794.427852][ T5890] usb 4-1: USB disconnect, device number 65 [ 794.831370][ T30] audit: type=1800 audit(1308.788:1041): pid=24194 uid=0 auid=4294967295 ses=4294967295 subj=_ op=set_data cause=unavailable-hash-algorithm comm="syz.0.7229" name="/" dev="tmpfs" ino=1176 res=0 errno=0 [ 795.143440][T24208] sctp: [Deprecated]: syz.0.7224 (pid 24208) Use of int in max_burst socket option. [ 795.143440][T24208] Use struct sctp_assoc_value instead [ 795.152736][T24211] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 795.417353][T24220] overlayfs: failed to clone upperpath [ 795.873630][T24244] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 795.979263][T24249] netlink: 140 bytes leftover after parsing attributes in process `syz.0.7242'. [ 796.835558][ T5827] usb 9-1: new high-speed USB device number 35 using dummy_hcd [ 796.997609][ T5827] usb 9-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 797.013868][ T5827] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 797.042786][ T5827] usb 9-1: config 0 descriptor?? [ 797.321953][T24301] veth0_to_bridge: entered promiscuous mode [ 797.330672][T24300] veth0_to_bridge: left promiscuous mode [ 797.959036][T24313] sctp: [Deprecated]: syz.3.7269 (pid 24313) Use of int in max_burst socket option. [ 797.959036][T24313] Use struct sctp_assoc_value instead [ 798.473342][ T5827] usb 9-1: Cannot set autoneg [ 798.484059][ T5827] MOSCHIP usb-ethernet driver 9-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 798.511419][ T5827] usb 9-1: USB disconnect, device number 35 [ 799.761738][T24361] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7292'. [ 799.986467][T24361] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 801.435536][T24409] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7310'. [ 801.521167][T24409] 8021q: adding VLAN 0 to HW filter on device bond3 [ 801.748527][T24409] 8021q: adding VLAN 0 to HW filter on device bond3 [ 801.759772][T24409] bond3: (slave vti1): The slave device specified does not support setting the MAC address [ 801.792022][T24409] bond3: (slave vti1): Error -95 calling set_mac_address [ 802.631732][T12344] libceph: connect (1)[c::]:6789 error -101 [ 802.642582][T12344] libceph: mon0 (1)[c::]:6789 connect error [ 802.698949][ T5928] libceph: connect (1)[c::]:6789 error -101 [ 802.723253][ T5928] libceph: mon0 (1)[c::]:6789 connect error [ 802.906291][T12344] libceph: connect (1)[c::]:6789 error -101 [ 802.912570][T12344] libceph: mon0 (1)[c::]:6789 connect error [ 802.987959][ T5928] libceph: connect (1)[c::]:6789 error -101 [ 802.998823][ T5928] libceph: mon0 (1)[c::]:6789 connect error [ 803.106029][T24451] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7323'. [ 803.174873][T24451] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7323'. [ 803.202179][T24451] netlink: 'syz.7.7323': attribute type 19 has an invalid length. [ 803.442496][ T5890] libceph: connect (1)[c::]:6789 error -101 [ 803.449093][ T5890] libceph: mon0 (1)[c::]:6789 connect error [ 803.462978][T24437] ceph: No mds server is up or the cluster is laggy [ 803.495800][T24442] ceph: No mds server is up or the cluster is laggy [ 803.521344][ T5928] libceph: connect (1)[c::]:6789 error -101 [ 803.527798][ T5928] libceph: mon0 (1)[c::]:6789 connect error [ 804.545880][T24473] netlink: 'syz.8.7333': attribute type 15 has an invalid length. [ 804.754971][T24479] usb usb8: usbfs: process 24479 (syz.8.7336) did not claim interface 0 before use [ 806.335479][T24500] tipc: Failed to remove unknown binding: 66,1,1/0:2496051202/2496051204 [ 806.345153][T24500] tipc: Failed to remove unknown binding: 66,1,1/0:2496051202/2496051204 [ 807.308366][ T5890] kernel write not supported for file bpf-prog (pid: 5890 comm: kworker/0:3) [ 808.646579][T24451] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7323'. [ 808.669364][T24451] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7323'. [ 808.685565][T24451] netlink: 'syz.7.7323': attribute type 19 has an invalid length. [ 808.931378][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.938446][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.177289][T24529] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7357'. [ 809.507562][T24537] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7363'. [ 809.936536][T24552] loop3: detected capacity change from 0 to 1 [ 809.953062][T24552] Dev loop3: unable to read RDB block 1 [ 809.979177][T24552] loop3: unable to read partition table [ 809.991600][T24552] loop3: partition table beyond EOD, truncated [ 810.015735][T24552] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 813.751828][T24661] tipc: Started in network mode [ 813.760586][T24661] tipc: Node identity 7, cluster identity 4711 [ 813.768759][T24661] tipc: Node number set to 7 [ 816.071150][T24714] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7436'. [ 818.325409][ T5890] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 818.518993][ T5890] usb 4-1: Using ep0 maxpacket: 32 [ 818.543710][ T5890] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 818.557684][ T5890] usb 4-1: config 0 has no interface number 0 [ 818.570994][ T5890] usb 4-1: config 0 interface 184 has no altsetting 0 [ 818.593243][ T5890] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 818.614234][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 818.636658][ T5890] usb 4-1: Product: syz [ 818.644965][ T5890] usb 4-1: Manufacturer: syz [ 818.655061][ T5890] usb 4-1: SerialNumber: syz [ 818.674193][ T5890] usb 4-1: config 0 descriptor?? [ 818.682950][ T5890] smsc75xx v1.0.0 [ 820.147799][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 820.175393][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 820.193469][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 820.224785][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 820.245376][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 820.265453][ T5890] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 820.278291][ T5890] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 820.290708][ T5890] usb 4-1: USB disconnect, device number 66 [ 821.367586][ T5890] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 821.530691][ T5890] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 821.569080][ T5890] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 821.602774][ T5890] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 821.620068][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 821.637157][ T5890] usb 4-1: SerialNumber: syz [ 821.879492][ T5890] usb 4-1: 0:2 : does not exist [ 821.916441][ T5890] usb 4-1: unit 2 not found! [ 821.966037][ T5890] usb 4-1: USB disconnect, device number 67 [ 823.233969][T24863] netlink: 'syz.4.7502': attribute type 1 has an invalid length. [ 823.449765][T24870] bond1: (slave bridge0): making interface the new active one [ 823.546349][T24870] bond1: (slave bridge0): Enslaving as an active interface with an up link [ 823.700390][T24878] 9pnet_fd: Insufficient options for proto=fd [ 823.930395][T24883] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 824.162517][ T5890] hid-generic 0000:0000:0000.0034: unknown main item tag 0x0 [ 824.208497][ T5890] hid-generic 0000:0000:0000.0034: hidraw0: HID v0.00 Device [syz0] on syz0 [ 824.902947][T24919] overlayfs: failed to decode file handle (len=6, type=0, flags=0, err=-22) [ 825.247338][T24927] 9pnet_fd: Insufficient options for proto=fd [ 825.262007][T24924] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 826.589946][T24939] netlink: 36 bytes leftover after parsing attributes in process `syz.7.7529'. [ 826.611662][T24939] netlink: 'syz.7.7529': attribute type 4 has an invalid length. [ 828.273394][T24995] netlink: 'syz.8.7549': attribute type 10 has an invalid length. [ 829.097229][T25016] loop2: detected capacity change from 0 to 7 [ 829.132028][T25016] Dev loop2: unable to read RDB block 7 [ 829.165614][T25016] loop2: unable to read partition table [ 829.175710][T25016] loop2: partition table beyond EOD, truncated [ 829.201268][T25016] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 829.271156][T25023] netlink: 240 bytes leftover after parsing attributes in process `syz.4.7561'. [ 830.100716][T25045] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7571'. [ 832.623330][T25141] tipc: Failed to remove unknown binding: 66,3,3/0:91355181/91355182 [ 832.815443][ T5890] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 832.992332][ T5890] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 833.013796][ T5890] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 833.057674][ T5890] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 833.075641][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 833.104170][ T5890] usb 4-1: Product: syz [ 833.112605][ T5890] usb 4-1: Manufacturer: syz [ 833.125506][ T5890] usb 4-1: SerialNumber: syz [ 833.359242][T25139] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 833.990739][T25139] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 834.328517][ T5890] cdc_mbim 4-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 834.365640][ T5890] cdc_mbim 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 834.373300][ T5890] cdc_mbim 4-1:1.0: setting rx_max = 2048 [ 834.517851][T25182] netlink: 'syz.7.7627': attribute type 11 has an invalid length. [ 834.534902][ T5890] cdc_mbim 4-1:1.0: setting tx_max = 184 [ 834.545814][T25182] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7627'. [ 834.556903][ T5890] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device [ 834.568537][T25182] netlink: 'syz.7.7627': attribute type 11 has an invalid length. [ 834.586458][ T5890] wwan wwan0: port wwan0mbim0 attached [ 834.592199][T25182] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7627'. [ 834.629704][ T5890] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 42:42:42:42:42:42 [ 834.761931][ T5928] usb 4-1: USB disconnect, device number 68 [ 834.769869][ T5928] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 834.902137][ T5928] wwan wwan0: port wwan0mbim0 disconnected [ 836.425973][T25233] bond_slave_1: entered promiscuous mode [ 836.446025][T25233] veth0_to_bridge: entered promiscuous mode [ 836.455913][T25232] veth0_to_bridge: left promiscuous mode [ 836.461883][T25232] bond_slave_1: left promiscuous mode [ 837.958350][T25297] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7660'. [ 838.211806][T25301] gtp0: entered promiscuous mode [ 838.577563][T25310] 9pnet_fd: Insufficient options for proto=fd [ 838.830278][T25319] 9pnet_fd: Insufficient options for proto=fd [ 839.087641][T25331] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7674'. [ 839.148104][T25332] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7674'. [ 839.396556][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.404522][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.412578][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.420698][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.428542][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.436296][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.444111][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.452141][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.459810][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 839.499040][T25337] aoe: error packet from 2806.99@lo; ecode=101 'no such error' [ 840.817932][T25359] netlink: 'syz.7.7685': attribute type 10 has an invalid length. [ 840.826392][T25359] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7685'. [ 840.856802][T25359] team0: Port device geneve0 added [ 841.555489][ T5928] usb 4-1: new full-speed USB device number 69 using dummy_hcd [ 841.718110][ T5928] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 841.735456][ T5928] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 841.765469][ T5928] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 841.795079][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 842.053026][ T5928] usb 4-1: usb_control_msg returned -32 [ 842.068487][ T5928] usbtmc 4-1:16.0: can't read capabilities [ 844.326239][T12344] usb 4-1: USB disconnect, device number 69 [ 844.981073][T25438] loop2: detected capacity change from 0 to 7 [ 845.004735][T25438] Dev loop2: unable to read RDB block 7 [ 845.046025][T25438] loop2: unable to read partition table [ 845.101101][T25438] loop2: partition table beyond EOD, truncated [ 845.145642][T25438] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 950.779345][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 950.786560][ C1] rcu: (detected by 1, t=10502 jiffies, g=138345, q=602 ncpus=2) [ 950.794407][ C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295032170-4295021668), jiffies_till_next_fqs=1, root ->qsmask 0x0 [ 950.808151][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g138345 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 950.819745][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 950.830056][ C1] rcu: RCU grace-period kthread stack dump: [ 950.836089][ C1] task:rcu_preempt state:R running task stack:27192 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 950.850100][ C1] Call Trace: [ 950.853415][ C1] [ 950.856396][ C1] __schedule+0x16aa/0x4c90 [ 950.861044][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 950.866466][ C1] ? schedule+0x165/0x360 [ 950.870925][ C1] ? __lock_acquire+0xab9/0xd20 [ 950.876233][ C1] ? __pfx___schedule+0x10/0x10 [ 950.881427][ C1] ? schedule+0x91/0x360 [ 950.885905][ C1] schedule+0x165/0x360 [ 950.890451][ C1] schedule_timeout+0x12b/0x270 [ 950.895467][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 950.901734][ C1] ? __pfx_process_timeout+0x10/0x10 [ 950.907149][ C1] ? prepare_to_swait_event+0x341/0x380 [ 950.912942][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 950.918359][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 950.923412][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 950.928640][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 950.934123][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 950.939455][ C1] ? finish_swait+0xcd/0x1f0 [ 950.944264][ C1] rcu_gp_kthread+0x99/0x390 [ 950.948975][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 950.954410][ C1] ? __kthread_parkme+0x7b/0x200 [ 950.959486][ C1] ? __kthread_parkme+0x1a1/0x200 [ 950.964770][ C1] kthread+0x70e/0x8a0 [ 950.969041][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 950.974503][ C1] ? __pfx_kthread+0x10/0x10 [ 950.979505][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 950.984742][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 950.990068][ C1] ? __pfx_kthread+0x10/0x10 [ 950.994877][ C1] ret_from_fork+0x3fc/0x770 [ 950.999511][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 951.004660][ C1] ? __switch_to_asm+0x39/0x70 [ 951.009545][ C1] ? __switch_to_asm+0x33/0x70 [ 951.014368][ C1] ? __pfx_kthread+0x10/0x10 [ 951.018994][ C1] ret_from_fork_asm+0x1a/0x30 [ 951.023905][ C1] [ 951.027097][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 951.033614][ C1] Sending NMI from CPU 1 to CPUs 0: [ 951.039036][ C0] NMI backtrace for cpu 0 [ 951.039052][ C0] CPU: 0 UID: 0 PID: 11902 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 951.039070][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 951.039080][ C0] RIP: 0010:kasan_byte_accessible+0x16/0x30 [ 951.039116][ C0] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df 0f b6 04 07 <3c> 08 0f 92 c0 e9 c0 6b 49 09 cc 66 66 66 66 66 66 2e 0f 1f 84 00 [ 951.039130][ C0] RSP: 0018:ffffc90000007b40 EFLAGS: 00000802 [ 951.039146][ C0] RAX: 0000000000000000 RBX: ffffffff8b691347 RCX: acdb2924b42a0f00 [ 951.039158][ C0] RDX: 0000000000000000 RSI: ffffffff8b691347 RDI: 1ffffffff33a43a4 [ 951.039175][ C0] RBP: ffffffff84bf861a R08: 0000000000000001 R09: 0000000000000000 [ 951.039185][ C0] R10: ffffc90000007cb0 R11: fffff52000000f98 R12: 0000000000000000 [ 951.039196][ C0] R13: ffffffff99d21d20 R14: ffffffff99d21d20 R15: 0000000000000001 [ 951.039207][ C0] FS: 000055557976d500(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000 [ 951.039221][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 951.039232][ C0] CR2: 00005555797885c8 CR3: 000000004b7fa000 CR4: 00000000003526f0 [ 951.039248][ C0] DR0: 0000000000000001 DR1: 0000000000000006 DR2: 0200000000000001 [ 951.039259][ C0] DR3: 0000000000000003 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 951.039269][ C0] Call Trace: [ 951.039279][ C0] [ 951.039285][ C0] __kasan_check_byte+0x12/0x40 [ 951.039305][ C0] lock_acquire+0x8d/0x360 [ 951.039324][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 951.039347][ C0] _raw_spin_lock_irqsave+0xa7/0xf0 [ 951.039370][ C0] ? debug_object_deactivate+0x9a/0x250 [ 951.039393][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 951.039422][ C0] debug_object_deactivate+0x9a/0x250 [ 951.039449][ C0] debug_deactivate+0x1d/0x200 [ 951.039468][ C0] __hrtimer_run_queues+0x2b0/0xc60 [ 951.039495][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 951.039509][ C0] ? read_tsc+0x9/0x20 [ 951.039536][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 951.039567][ C0] __sysvec_apic_timer_interrupt+0x108/0x410 [ 951.039587][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 951.039604][ C0] [ 951.039610][ C0] [ 951.039616][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 951.039633][ C0] RIP: 0010:prepend_path+0x862/0x970 [ 951.039655][ C0] Code: 74 24 68 49 ff ce 4c 89 74 24 68 4c 89 f0 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 fd 00 00 00 41 c6 06 2f eb 05 e8 3e a0 7f ff <48> 8d 74 24 68 ba 10 00 00 00 48 8b 7c 24 08 e8 1a 8b df ff 65 48 [ 951.039668][ C0] RSP: 0018:ffffc9000b43f818 EFLAGS: 00000293 [ 951.039681][ C0] RAX: ffffffff82408582 RBX: 0000000000000002 RCX: ffff88807c888000 [ 951.039692][ C0] RDX: 0000000000000000 RSI: 0000000000000ffd RDI: 0000000000000fe9 [ 951.039702][ C0] RBP: 0000000000000fe9 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e [ 951.039712][ C0] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: ffffc9000b43fc80 [ 951.039723][ C0] R13: dffffc0000000000 R14: 0000000000000ffd R15: 0000000000000000 [ 951.039738][ C0] ? prepend_path+0x862/0x970 [ 951.039762][ C0] ? prepend_path+0x862/0x970 [ 951.039782][ C0] ? prepend_path+0x4b/0x970 [ 951.039807][ C0] d_absolute_path+0xa1/0x140 [ 951.039829][ C0] tomoyo_realpath_from_path+0x2c8/0x5d0 [ 951.039856][ C0] tomoyo_path_perm+0x213/0x4b0 [ 951.039873][ C0] ? tomoyo_path_perm+0x1e3/0x4b0 [ 951.039888][ C0] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 951.039924][ C0] ? __might_fault+0xb0/0x130 [ 951.039942][ C0] security_inode_getattr+0x12f/0x330 [ 951.039959][ C0] vfs_statx+0x18e/0x550 [ 951.039981][ C0] ? __pfx_vfs_statx+0x10/0x10 [ 951.039997][ C0] ? strncpy_from_user+0x150/0x290 [ 951.040022][ C0] ? getname_flags+0x1e5/0x540 [ 951.040042][ C0] vfs_fstatat+0x118/0x170 [ 951.040061][ C0] __x64_sys_newfstatat+0x116/0x190 [ 951.040082][ C0] ? __pfx___x64_sys_newfstatat+0x10/0x10 [ 951.040120][ C0] ? __pfx___x64_sys_umount+0x10/0x10 [ 951.040138][ C0] ? do_syscall_64+0xbe/0x3b0 [ 951.040157][ C0] do_syscall_64+0xfa/0x3b0 [ 951.040174][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.040189][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 951.040204][ C0] ? clear_bhb_loop+0x60/0xb0 [ 951.040222][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.040237][ C0] RIP: 0033:0x7f6bdf58d37a [ 951.040252][ C0] Code: 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 0b 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 [ 951.040264][ C0] RSP: 002b:00007fff3549afe8 EFLAGS: 00000286 ORIG_RAX: 0000000000000106 [ 951.040279][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6bdf58d37a [ 951.040290][ C0] RDX: 00007fff3549b010 RSI: 00007fff3549b0a0 RDI: 00000000ffffff9c [ 951.040300][ C0] RBP: 00007fff3549b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 951.040310][ C0] R10: 0000000000000100 R11: 0000000000000286 R12: 00007fff3549c130 [ 951.040320][ C0] R13: 00007f6bdf611bdd R14: 00000000000ce74c R15: 00007fff3549c170 [ 951.040340][ C0]