last executing test programs: 2m36.376790741s ago: executing program 3 (id=1774): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00') fchdir(r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000001400)={0x1, &(0x7f00000013c0)=[{0x6, 0x10, 0x6, 0x1ff}]}) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', 0x0, 0x8, 0x0) 2m35.523999926s ago: executing program 3 (id=1783): r0 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0xa9d7, 0x800, 0x1, 0x3a6}, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) 2m35.455309483s ago: executing program 3 (id=1787): r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r0, 0x0) mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) 2m35.441354608s ago: executing program 3 (id=1790): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240), 0x50, 0x0) 2m35.354445768s ago: executing program 3 (id=1794): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000100)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @broadcast, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x8100, 0x5, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x68, 0x2000, 0xfc, 0x2f, 0x0, @local, @broadcast}, {0x8000, 0x6558, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x9, 0x100, @val=0x80}}}}}}}}, 0x3e) 2m35.066664031s ago: executing program 3 (id=1804): pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x2c00) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2m35.013923406s ago: executing program 32 (id=1804): pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) fcntl$setstatus(r0, 0x4, 0x2c00) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1m15.313010361s ago: executing program 0 (id=3510): io_setup(0x5, &(0x7f0000000240)=0x0) r1 = inotify_init() io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) inotify_add_watch(r1, &(0x7f0000000340)='.\x00', 0xa50003d1) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000040)=""/182, 0xb6}], 0x1) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) 1m15.072204315s ago: executing program 0 (id=3512): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) r1 = fcntl$dupfd(r0, 0x406, r0) write$cgroup_pid(r1, &(0x7f0000000240), 0xfdef) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, 0x0) 1m15.070305873s ago: executing program 0 (id=3514): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)="180c4552", 0x4) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x800000000000208, 0x0, 0x0, 0x2, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100000000020000ffffffffff00", "2809e8dbe108598948224ad54afac11d875397bd3c5240f45f819e01177d2d458dd4992861ac00", "90be8b1c55080000000c547d03d8a0f4bd00", [0x0, 0x6]}}) 1m15.016309588s ago: executing program 0 (id=3516): ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000040)={"250b91ba475c9a6d6f1c158740d47427", 0x0, 0x0, {0xffffffff, 0x6}, {0x400, 0xe44}, 0xc0000, [0x2, 0x1200000, 0x3e1, 0x8, 0x3, 0xb, 0x5, 0x9, 0x43a2, 0xfffffffffffffffd, 0x0, 0xa4e, 0x9, 0x9, 0x5, 0xeae3]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000238bd7000f8dbdf2502000d00000000000000000008003f"], 0x24}, 0x1, 0x0, 0x0, 0x4008091}, 0x41) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0) 1m14.963975695s ago: executing program 0 (id=3518): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=' '], 0x40}}], 0x1, 0x40000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) r1 = syz_create_resource$binfmt(&(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) 1m14.911691997s ago: executing program 0 (id=3520): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r1, 0x2f, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20) 59.676142177s ago: executing program 33 (id=3520): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r1, 0x2f, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20) 1.583238089s ago: executing program 1 (id=5261): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0xfff, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001000000001300000001e00000020000080000200000000000000000000000000000000002000000000000000000000000000a00200000100000", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000089d400000000020000000000000000000000000000000000000000000000000000000000000000000000000000ecff000000000000000000feffffffffffff"], 0xb8}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10) 1.581414574s ago: executing program 1 (id=5262): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000002, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000002, 0x4) sendmmsg$inet(r1, &(0x7f0000006a80)=[{{&(0x7f0000000340)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000380)="9b", 0x1}], 0x1}}], 0x1, 0xc804) listen(r0, 0x9) 1.293897267s ago: executing program 5 (id=5273): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1) 1.29345218s ago: executing program 5 (id=5274): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$UFFDIO_MOVE(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000bb6000/0x4000)=nil, &(0x7f0000591000/0x1000)=nil, 0x4000, 0x2}) 784.602362ms ago: executing program 5 (id=5276): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x2c}, 0x94) r1 = socket$inet6(0xa, 0x3, 0x3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'bond_slave_1\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r0, r2, 0x25, 0x0, @void}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) 710.474074ms ago: executing program 1 (id=5280): pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x2, 0x7fff8000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 693.771816ms ago: executing program 5 (id=5281): mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f00000021c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b16413b6139c84d300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbd2d00900", 0x2000, &(0x7f00000041c0)={&(0x7f0000000140)={0x50, 0x0, 0x1000000000, {0x7, 0x2b, 0x0, 0x20, 0x0, 0xfffc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004300)="c1b0ad27d26172a2282808a63b3666a169a53df2d890fb5a415426c6ff9bb87f8efb6ea14cfe80e636e7de7e2b18b78f80a1e4c84f02ecfed07902492c1d761451483d0b9c75d1bce9e4a0d1f8a9bb1a22b951653bbce82561c6ac0fc2eaeb3fcd942b78b746455913dbea328ce1088f52d7cb35aefac657784f2cdd576c15bb8db65205430d6a1cd094d749955b73eacfddece7cb849c1554eebb88d05d597b840ebac50de06d2efcc88cb3bbdaf6388332964078936c035bd3e3f56e545ba683f4523df2d6034d5086890db8e3922638a6196fe0a1a026ef632f8c6c6ac3e66228e9c15abaa010f956968240f31f97ef8da03d671ad3d48e135c880c8e096e0f39cdaf38d0203a20362c985b38cefac182d22fb4b709c8c1b5dea4eb5e6dde7af7793b120ba2eadcb892c53de7ce0ab712ef33721121fcf841fa1d35f7a2e9ff1b054adf64e6e2261e015c9a0dd0b8d8fd363ae1bd8ffc28d41b681ece5c4568cf6adf2815b618e8308dbd1c2e664c178a4504e0a362291ac5dfa1115709d42fe8bfc92f109d60c12d43fc204a8f3458b199adab770d51eacae9eeaa4cd1569f05dde2f71e2819dc64c2c62441e4cf281acc54f88741ed1329343e0dbfb356ab7fd3732a93b2a15fac46ef120745cd49b7e65421595fd81fabaee29a28bab508c95fa74d8884c4edd6bdea3c71e8d230c8e666aeaadf6f4c67846ad43a3f458123508c77df0b13c25b3414220600e35dd2d44bbd78d7902f767dfcfb6001674106a6a952f3a47e78758893cae3bfff8d053842642c3f9eb512e12ef09313b2a823e1c31dd45b236824b057992101016204d48e1d3f7f42503b20f549371f92688624089b5460b724307b569f8570c5eba6c243702370f76c0ef78d59d5aef447852c9102618a9811f8440abac9e78a7613b00ecc1b0f6dd9c477701a975fe07c95bc35237d33f7368b9be2986566f310f16a189fe0438ae0887384b10f80b2635493839b3de154c8fe5bc020164e062d77b4826df0eb2af18c8a9e5b28c3d2849bbd29628c76306cf7f4433e0d128a93f5b12a2bea9ed9b3a85e8e4896ec6ce0ea8ef4471cd9db37d91b3f45cb72c2781864c820e4e267e6a650a3687eac83d7b010c621c1c52717b98335df8e87390e5a76874bf31993e1a801f4fe8dc9222877c693fc043d38f54b9422210f2a023f496149def0a9e936c4adbce6a290113b2fb40c5e3e79a0797cd37c2e1731e0143bb5d8bfa51c226d02d567b50c63ebbc64e1d44e120e4cb0fed4347528df660736b99ea3235e83da0c167a015cb3e7a57c5e9072b2fd358cdb20127deb4f37deb2d09ef2b2795ccb52f3bab0f5abcfc37bd0932e55f92cba6e468fb3175b983ca8597327fe67fc1aa89f6d1829ea7eeeec41e3920a51ac583489abe8eb5c1c841d4969a06fde61fa56e59f8f0f64b19071d8a84853047a3d766e82cf2c651586ac3f877c8909ed056b1828fff9211e414b8b8f5cd38542132d9562abae4bf63bbd0532208199e4d2c59b1e5d9a438f026d01c40fd0b8076a9e933e65e65ff9ea0fde753edc738aa079b6695c6055ac2690d6d928e9046c446bd9d0c3e685eee30f7a718436cfa917f678cfdc2f7f72e7bbe508cc64239597f5969f4a750cf1f0f5a646018eb1c35f912cc4c888da888ae8fad773fe47c6a78a63af9b035e15eb790a7ccff2f44d70acd069499d7db8bd02bb6bf252699d8d46a8923f21ba967585be41b79e4d653ab2fba065610ca31e683a5cd5b29678f45eb2593700b361919efb0dffa1782b70d0a4a34247cbd9b240536ce6d46615ec96387e05f60375a2fb8977898cdee503b1fa20924fdec96a1930dac55dddd2eb612c383e4eff4e95f6cdf88047fe76ce9dcbf18a6f81d091f8e767be97b105dbc709d92c6f25d785b4972cafaea96bafc82cdbd4525340e37903259117b8ab63bbb9fb34cf23cdc48b59f7bd0b50ea12950e424e706a5d9ef4d69b334a5de6629b2b585d64688dcd5d4230fbe6f8043e99e9942d13973568b789a34a3ec7a70ff4b34ed4f28a1ad2eb31d8c81ce77d8b554749522c149944a08669ba48926dca4429fe817a7d91f373db7a100f74d6a062ad5e9ea20c77fb575a0c54c5eafd640ee770c844c813d9d807dd80333571840bd8b4b6eae859ddef2f6dbffcd7040691e2228f927faa8c82de451e60303267df50e973b0c6c7f0738eb8cc82b899534a41ae37ede81b72c38d57d82c59f87a8acf456229cced3bd6da6003d1f456ab5849b4dce78b05eddb6188d69cf8ac5bc16799e99021b5485d5ce080b328e7e11e4bfc083a68d9ec22007fae9b04bd167ce4b8f455ed6419501ab6ca434d6418a8f8baf09a66a51ba426f61ccc2f30acfeb988f3a1f36bface215200b3ed62a3d2d74f7b8c0c8244472cc77fbec96721c55d10ae299fb1aba8c45ac1cc882ce964250b30d81bf8a8be110b9f8af1aa644313052e00ed644dd87ca7df34a50ccc3602f7d3ab93fd6ca19d5b9a06894a8f91d3aff8a3cd52fcd3af7adcc7f9ddfce8bb74b714ffd4d2e76cfe60b44a47b1d7fb2bbf0c4a3dac47edd09888fdbe781071900a2e473b4daeb545561ae8f34b4eeaa60f44900684ac1f620a6fa54e562de40645158a5d8c36e3d9027bfc65274ffc8bfca8c03d464047485c3db1e54294406d90ed05c3b0d2d4e66d5e992b99dc3ede4be703d2f31dfdc5dc8c6ef01f43b42306f4a4825be7499afdc8ba1c02e3998329726af89e030be58ecdd20bf8b5d7e5f81878791f92fbd000aa1f9c2bd0aeaba2cecdeffb476dbedf37692d23dac191dfd2f7633d04a0826512b79bc1f8a6737b9b36baec7f5a4555fc7054458f9c7169968ebac29009778dd739e3a5b6cb2f0a6ae0fcb4f545e89a61ad993e42dfa7a283bd9f3d2eac7797c345843244320da0ccad437458512747f321158cdad67ca63d9e3eb187c2fee00d5f9e20266e103317a54293a7ba090b40174d0232bfb2ebd8576adf8c8a9f963fe12a592fe19af02d6f684dbba4a2d6d98003f60a728b1e7b524cbf248666a88d6f19c4937db31e56b4f5373f8aa16926f7ec75da8a76cc340376958175d6f23585e97bee88164cd2e2df5835474c6cf21f65754b98766ab47857d3008be18186792ecc604fc17519cec1d67c727c84299201ba77ccb7e60aa7b912fcc61b5ae4f580a90892b6e7cc3610b357ba6ac5b377cf43bab2970ee240525e12767611842d1d52fe188f125d018889e3e2092b7a39ddb57c0546bb17ec2443e1bdc5a763c9ce5f9b528ed14134694802886d4420f02ee9574f62e6bcc456028663f0b1399d86599fe0047d93a2eb162d2fa13385192bd4221e41bcc61511e43103550f958ba6dfd5e1b855b82a543e8e0766678f1cdd1214a399aeef014150baba0556212132dbf135319868b9ff93adf51eefa64be829362388e2659101a3ec85e0bb5119423b60819aba5c3b8823b5e37f469783db165ff4cd2cd7306f163c0e4ac8695747b571d7941e2bf1be981a48e71f336bbcc20ccddfae7bdc7f94ab62dfda1d552bdef955189eeadc9bd710c2a3a8c9d414c45d2b99ab8b4e92f8fcf2b83380d079b3dd3ddb0978dadf5569f70444e48f26d32ae410a88bd7201a84b4e3b44a1764ad6428a8148907e86bb0a09cfc1191eda8202d3160c8a4716de885ee80fbbbb2278fcbcbfd1c76b1d55ccbb9ed228de215f5104a9a0b4d647b1fa4bc786c68bee29f5229ab9cc3ca0729199eb7bd2ec9e9be7d833b13586882ea069e2aac144f22442244655c33759aa1e101f87836ad0cb16ddc6e36a66a8755acd52b4e446c0e974756a087a725a95ef59121d39f1c75fa136d7212c71a14ad5579be27c1dd0af8f9e4fb9b407e2bbbdee423486c4d5127fcf5107177b1e21e81f1758f4c304f40c0eb35627113be1e4dcb06d209ca06696f214ca260721c4ce7b4d82db24f024c74786c8d6ba7c73f495eab53e545c44b53a78f82d0aedfe04b798bbe125c8622eb5a2a764cae9c8d01380d464bd2dc7a1b0eb2bc431ae432ccfa81f2913af53bd714fe97d958c928534aa2f7caff6cd926daad3e6ed4c44bd3dd3e1a3fe0e12e8423a79c93d7475e29d036b2491e3ae7e50e4098c107abc4eec102808c8d643c4d4ec5707ca06a0b584bbf1bdbfda771a708002ab235fbfe91923b95fe8f4decb6ea6f1022bd98b6f7df5b457a198f2dd8031db5998c56acb30526ac7a7ef157b269259d6606a91b13bc09db05d4f1ae91a8d4fddd9038e5c03506447a483f8759945ec9700b5ed83c7097c177756773c8a250c76415ff43ff091d2015452b8803297e882a832700cb2d4c5c09c9aff61aa04f9cfc81e3d68911c7029a9ab79bdf72d2814068c828c86aadf77bd56953019ad507f5e059ff6ddb5562722acb3193baf88f571a2aa6d575c35506569720d4829f4d29d155bbe186cb72707eddaab43052871ec43dbc5018c1ce41120bc53f2cae7ebcae5bfb42dd1a4d17f782638ffa9747802cb74c61ebd2936d35ae926dae166ae2ea88effad9467bcd028d733da52576db8892c7b77fb5c97814845e3651f5bd759edd3c72704cc3035cb9e15684a0e17fa0b5704a6ac35576643d6fdbee7c7d05e9f0b0ba3e691e2a281913f2f705077277311ae7b8ae3cf287faac63c8cb0534f8610aae68bfdc2e860dafca682af8ec0d73f5d521dcbd3c8b403ef5763c46a23f307c798a550d3a14c1a9db153c8f1b273cc2bbad5a3450ebc2b391f0e44a3223864a193df9fa27ca15293e36fd461bb4ffa6ca73ae5f2d79933b53e05c59017367125aaea376a509a20c9840100af4f1119f1a8cdab0b835c9315144b22335fda48835dbd7d32ac735f71f69a3fb2c593b5c344f23661ff3729e7142b6da61645f8446e2de64cd637186a66c45efc3ab13db3a9cd0117a3adbb44deae4944a9fd466a4f69af5a959430981deed8994bdfd060da92395e23e449eef961d61e82a65a4314ceb4fe3daa08bbda05ef91d70f549fb7959441cd19ac01cf221b83d6e75c3ad224eadcc3f74b097d2d9edc2ccae58ea09ad3af5bdb3e6b3e81ec38542b927fbfcce573b2ee2f2a71b14a24c4b5a443983665be22bc25251af121920540dfcf8c1f2d57d8f721b48efb9555690fbc3bab0fe71708f3edecc8ffd615b1af7feb0e893c3a458019764d16887dc2973333fa70aac3f5400bcace8dd0c8cd8c79bb1e28e744b6fd1a9a424c5f38cfe256df3e3d252a8941a3691f57098dc8658a93889b29690eb2406586ad10df48c0a34f90a37e5ba6583450946b96fc01867f462050f419058e490e5a0720258885b247f65c4db08b41f8236305daa37f0b83fe327f73a8d65a1d49986de9d8ea076c69003df5984926d0e39d30a41e4a660ef2242f42747a944d7664169fd41d0352d4362ebc6c2519dab028d904e8ca00921c936cdb197ae9f096a53c99d643ab30492be5144bb799dbde12499198c3cfb1483a2a29083fb3fb54957b68590526ef4b5a7fde45c773cd5e414f4ee4db79ba92c7a8c2cf77d3e0847f788ea6fcf10cd208ca5d04ee496f70ea0170bc60da6edbd95b444c100fddbd2e878f934c89b82480b16df600d236299886ff71612493eaaedddfa1dbebe596c8e3b8b4cdc2d231ce7e8df0f242677e6b5c3d2815b9e65e29c80ddee5c711c861950ae60d1b882803cb6c776598936d498c3a800fd1091005638efa23dab3eecd92c8a03734dec8f078e172d000313164f613f02ee24bda86e67adbcf618137a7ec3cdecf7829a8bf2546f62235d92c14ad5b39c1536d923dd579520055b1f89ef17240b89a616caeccbaff0db4d8fa087b5b2c7cadfe4507e0d351f5b045a5e401db68a8186f78edce6be621dbc5ba76b0ff3f406161b170354ca24d128d3a8bd02b7bafc1085b3dab482eaab63f1f165bb0d2d28f70bc9eee4e1fe31d73d12224363562152df7123f1977083534f8ae502984d41c593433be1936ed3296c5153dec58811d603efa95e4d895b9c8ae96af097a644dbdd0bb0aa8d3711bb8b494f3da0fcf48ede0ced49c031ee191e056426dd86276d69640fb1013747022d5b998b4fa7256a0474d2a9e183bd733d335d7208105b1c8676419d1f0252065c7de75c55cb0d221dc8e0532112403c215933ee84e654ebe4a09b34e4c747b34232344c2d3bf83ab53ee7b85f4a3f88914fe79a4f15c4c98a3ec126591591b0e6167e2544523e9070e830d792c78c693d2e6981015dea70a83982042d67a7f5229d106851c32933597e03ca171bc27c2a61380b8e58c41dd9bb808b4b308ab5ce45ba022048e02d89ca1a329f5a9cefb861ab3cd0a05236d58113b47592b0389ca6416b92ebbb367a3a41203d0baba90e8046412b7c23bb027e7cd656cbc864e38272545f66b712fb6ab080f972cd09c92c615a04ada2e24c74c1320ac02fc9ec077e5d5ba621aab5747bee120f5aaa9cb6ca91a162f06415f152cdc79f4117e0cc6fe9bfe53e7e396d5f21ad4328caec1141baddb16a7305ba49bd427e835dc23baae24e559ed66c215662ab3d517d87daf6dc4d2b4c8a3a0c77d65a9df67e756b7b719dc262b15891ccd9545919a5c63577be273276fc39df50dd9388e09fe3bcf1366df9df85fc9b8ef26651c439b76d73c40566fa035736d598ea1d77e1051a785d1717fedae7c687307b277e195555fa6ccaea28c57e07d84f51fb5ef64df87f62c651264ac4b268d116924f0ce008b6355f9901d74d7e8f0b440f337e51cb83fefc278da96edc32fec1012eb955493d8081885ec3dbe94e927f2b490b1bec6fc4b125008153706559a38e147e54d20917ab9d6bb5edf0550f5de539c7fbef949019b339f454be50a056223ccb014bbc078f04c01c8aea18ec58befeb4143c4fe2b6d23f487ff30309ef3098a2632761876876c2073b7cd3589af3407ed921654683739551fe0cb65959181033b2d2de8482f9dfe9279a2febdba75f7523ae92cd89345494c41a3371f0d4c501f817aa751dc2e4c42597cf72baad04076cebbaa100fea0b0423eee35e32aa60831edb4c772dbe08918a9ede0450dd76430d47b3ebe097b99adaedf6b17dd649c25b77a81c0b1c1cf8447b69638be8872a9f17007f988cc5a555048a727078b5de08ad71156c0446764ef687e2f4bb6fcfe104c5dc862b5e78df61beeec1b1a026dc7283f65035cd5026624daec53c7b025953d9c0266d3e6f02f11931a088e47484230c00c3d6f3b72d095a66b1f87204e739f1b6d4716bb863b6b125e26c7c8e07596538f59b48cbd41250eca1efa85a9e185bc2d8a20787cb66be568f59ddc34a3b207a874d7aa4351da7df89a2ff1ff22bb9d69c177195686bcdc2f04724c8764696f7ef4a75a4e0dd875f07431883da3f9f9cbbc9950e57cfa7bb00b2b8ce162c807cc4d88dabdb91549d2d9a91b74ad5e518ad58c391be582423a5fb29e9aa792a2703505b578fd8c73f4f77c485916ede77a9f36be6a12391de7fdf73fdf1db6766ef38c23902be933c49ee8917858e8ee29559a2c2dec20e4a5ad650c52f97d1648f12733ef65466ce94b1268fbec2aef918c4d20886a373b6d3b5fa8b9dcca9c35033e2165803b55a34d87e012cb402ce79ae6de18a4cf57a89ad8dc698bf321a4cb0af1a4d5cdea3da832e3b44f3a47798fda07fc229ac89dde9d4f57b2f8305999400e69d2c5c8caa1bc98ccc833ccbae1682c6993f131a03466303cbc294ba22add02036f73149b2db98688d6462041be3d274d5217c7a6891694af9e2a626f8ec4d4ccb8d4946ef18904ad47a84c7a619e87e773126f61e30d5ced5232e14b6abfb4d44ad05ee999d4d54d2c751cd7c5c9cacfac6f7d47b9f97560038b0baa5e635b553a84f3cbeb04632a9abeb6740ea4ce627f60cd5e6aa71a7e2c205bc90adeb3d61bcd66f17d1296e0cd383b1fc38ad4e2cfd05d4a4ee7371f756eeaa0525bd1673f0070f9f5ae099a29e4c325015d9372ae27635d2eab686be9dd96ec2c014acd8123fea35f97d7ecb5e9bc8359b397e8c0c3b90658aa9fabdc8f9f4bd565dd6e20fc871b658fc3e5944efa972d80303d7a66dfd159e904dbfd894009291ddafdfe3a5c502755b5a3dbd89792b8e5633d6f81d23b63f599fc1f29d679f64afa697260e1e6a10ec075355b58ed9007408a379d3c890bcdbea8604e51c0520be1d8c1f10b0a91d40d7ea9ef9ca2c283153b902700635ce65c3ab69cf3107e2017d8a72160f1794136185afd57c743af49d84fb535fef777e6c6f2a18a04fce9618778c832a608861bc7dd7eab315644f998595d07c5a41bac3e7270a871257802d26f42c454c797414e0d5de88ad611c5e3a05ce76df1348e26509f52b7b125eebe5ce1ec0245bf23c153d807ec87592f37ed65c8ac086be9d169cc31adab8da3fc2e2dad0519c0a68cd6cb202c99f5ee48a65c6ac27b0d489faf3083fed64ee5b078d0092d5939fcd01b2a71dbf007367fcc56e2f62904be4097fd7c639caa8a390a59be7a6e46aae93667a26654fe461c043bfec083f065726e66b5f12d9e7013500068de45a49a87dc2d0933287e7575c9f3914071c110c9a8f492c67fc48784aea5c22d1ce26f3281d6deb14da66d69ef6ec8e9080ef0d543bc6ce58b177c01ade4232688fb252d6f3e1ceba283d1d59ae82a15b464746df9bec915f00a184469b846a19a7968d9b38e476e3aef47ae41ed8a7d4d3cf744da190747ee3266ff689428d372545f28e40713615b7f886e1f294056a95f3e50e1afa211ca3a2f4a04535646bf9f4cb709a5ecf437807072cc8b77fbed51e01bfac16c73876a5d2d4916555f7084a772847356855c69c193d8db2d37d8c1a5e6adb2169ddd3bd5b7a2cbf9418d00f174295381d51733924bfdc46017250df28679d6b378cc316c67198b57634f46d5f9c169fde3715ddbeb792fd2c1c74a7f97101d373351037c73af2643b8952665eca13f874aace302f60681e12523b6de8f5c5750d4fb480fe0cad1546af7c88426319baafceccca2b49fe96d2ff446a4867cc0ff6ef7845c93c6a6f2bbeac1e31d5d95618c990646a86b691ba387f6b31f75a69fc68e52c7efd0a1de03be8455514231e04bf7370ab6b49d931f4b581b52ca6e0b104bbd07013651d048dcc5271bce8de0f855c4d289a70b19fa616cddbe27b217116d3a52dfb590df3f932e9fee79e34b42844d4efe8a31844694ffaaf811d72b07ab4a281d75c4dd73f7fc82f9beb49e9ef70c72c31c6b7802ad77d25b405a002d63ba30c078aac97ad8cb9ac85299024c6dba7912c3844ed27097e6852a4567d332560e54bb835d2bfbc31a9bc181f8273b878349c9921c6cbd5466fdea1da224f5361c0c50c5fb4f6ccd9f15f6febea4d24265131cc991d85a5d3bf28ce78dd79a5ddff2b507c8b3d38ece81b386f428ed6cf9258657e7647dfa8a8b12ef5ce051208bf44e2d973885f72835f55458ed6cfcbcb75d998be711af59990eae176c637439b79ad8c41b1b71858a90e65aae941d92a2e9616784ad513321da97a2d1036d083c41eeacb374ca45904d6f205101b5e894cd3f0e2d7b8a737a07802a3a74eb4db792b204f69bf3278fff2538878634b84746b51a87d3364c64a860c568d82757761773b137a1f92fdb012c4f38add32dfd4cf0a6b6ccb8e7958abf0d8ab7cbe7c32919e3bf5618096af980cac33df3eae62fe9bb36eda0aac74dd81fd562113e2515c3d4aa6daec990506bf3b958888119d0b1dc215d5e5418eba9778bd53faa7e9f732ce01f3056fd5b89cafe357648592287c990fd5326df9eebb9452b69e0a94cca107d8ae2e72bca993a08c3531791762f52baef6486848d462854357cdd8788b20383b095d58a35b9ab04380629d8a10707b862bff7024b90555233f0b05848dc1c5145906e90b63b243bd7491673a55d9234a928e9bb37ed35afa3c9a4b936ac42ccb1d1dcb5abe7cc21717fa1025525d24f4eb745f1fe0b3584448e35ef9916fef74cfa511bf189591b2cabb0ff81306d13a37eb8578d183ebc7200b3e28d2c2f39e56ba76078d60192d806c972f4ad6077be01111b412587760e65105faa0d5cb2326f99687ceb7617e2d4d45b918dc581223f0909eb519856748849fac49a2bb4edf727a7b2edf6e4454f526d02ed459d7805b68142c25dfc5544ca04dc7fb3c45418eee7609712f5cdaeb3aa3c6936cdd1f1e0d1486dbe2f3ee05f6856727ebe888e797d834beafb969a90f950198b5ee0ec876172c290466118f8dee069bbdb463040ab8840b842bf2d1637b03040994ccf1b8180131c755c623e65a03c96172bd15ddf0f90dba2ac60800252c193547b0b6beb63c3542f95aa373bda1941edc0d441d6d758bac9a1d7301f51009aab487f1b2cb3935a5c8935e8f2ee2ee3e2dee90f06c6ae693f715b9480219c59abc458e6aee1a210767d26bd5c24f8a4fc6be59011417aac0eaac7ad5715c5942fe87fd341c842544f3e394bebce42c5667a511a0a363a89462aa18595ea6b51f86dd48db166c078adaf2d127b87e6ac9cb6826fb0010d869bf03f2afaee97b6a064fedf3cc0806d75060cd4c86d1014a47b9b81303d3c2716b8c0fa30193393dc1ddda76426fad6c03a41192f6c7cfaaa8e37e9e3eb3cc0c6bdaa721b66a9fab82e6c0fdf964286e4aca0d66201c0adca7c33fae61bba1be0c874f3b495f3f7857cb156ea2538e4101f89e708b4554444e95096a0a40fc78c35be82d843e2d2a3adb8d78d662cabedba523079fb6d52df3bb710d268d7cf32a6a0a88d4f80628c0ac8a447f3fc5e0d091514ca2c64680b7da00d9196adc481f61e281381f748f3b3b0d78f1c77fef19ce0b7466e14bde12a3a9bc5cb225d81fbef39cc1b3c5668e533a8a82375f6fb46dd8413c119a4366314350587685250b3799f0629e75e6a9ec79db0d589849401019fd5074a4ae910fd665c2736974f4ada686655329136e385a46c82d6929b9e01babecb45e780d444855a521ddf1c0f8dae1c1db21a72af45b82ca64939150a87af4e9b1a6d4ed11d547076a93853935f4a12cb388d7fbc5c054353d9ea5ac028dc4a2613b28014f52eda3610347babb083372240b4253071b20862355629a52e9d6342febd19d4ed645fcd1e6f6a1ad089e0a93c079eaf573890e5844d2c94e40549cae5988d5e68a7b4d7ce9f0a6d8917678cc0b9e416e88c7155eadd5a2b2d5a032dc2e409c7f587aee7d641a0c9cdff084708c0066045674e59267ee7b6e3e127fbfe1f3451f4396f568cb46856da5ea6af1bc5698e49c216a897dfd07771d5c4ffcee4ca502fd8df2b81972e5cae58b59b9c7a3368e43f2f9e7c86d68995c536a91b990c87fe90dba70b1cbd3d2396a4291c3d555561f5ec1acbca8f4922083603c94fd0f41ef5b9392ce42a5535829de651bad14cb05914f0e31e3e606728b823dfdc091a3d8d427f7aefa21bbb59f67dbaf0d05ebb5a55d50dd06fbcc5dfefb41cea425c19559d4423fb13d3174a040c3cb7ec86e4cdfaa253031c0af1328ba1570684d2aa3d534a016416a188", 0x2000, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0x0, 0x4, {0x200dd}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 636.425048ms ago: executing program 1 (id=5282): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000040)={0x2b, 0x13, 0x0, 0x2, 0x0, 0x63, 0x3, 0x2, 0x1}) 610.733831ms ago: executing program 4 (id=5283): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40840) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000009c0)=""/82, 0x52}], 0x1}, 0x0) 602.045207ms ago: executing program 1 (id=5284): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00000004000000defbffff02"], 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 554.789173ms ago: executing program 5 (id=5285): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x1cba8c72}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x177ffb498171ed1, 0x8040010) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xf5000000}, 0x0) 554.578499ms ago: executing program 1 (id=5286): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r0, 0xda90) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x2}) accept4(r0, 0x0, 0x0, 0x0) 554.363047ms ago: executing program 4 (id=5288): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) write$P9_RVERSION(r0, &(0x7f0000000140)=ANY=[@ANYRESHEX], 0x13) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) 490.301ms ago: executing program 5 (id=5289): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 486.629826ms ago: executing program 4 (id=5290): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000500)={0x8, 0xfffffffffffffffd}) 414.845077ms ago: executing program 4 (id=5292): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x6}, @IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000) 344.684932ms ago: executing program 4 (id=5294): r0 = socket(0x28, 0x5, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94) close(r1) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0001}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r1}, 0x18) connect$vsock_stream(r0, &(0x7f0000000180)={0x28, 0x0, 0x0, @local}, 0x10) 269.883938ms ago: executing program 2 (id=5296): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r0 = io_uring_setup(0xd71, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00') writev(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1) 268.246783ms ago: executing program 4 (id=5297): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x458}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3}) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) madvise(&(0x7f0000069000/0x2000)=nil, 0x2000, 0x8) 191.608493ms ago: executing program 2 (id=5298): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x4}}, 0x20) ioctl$SNDRV_PCM_IOCTL_DROP(r2, 0x4143, 0x0) 189.851613ms ago: executing program 2 (id=5299): syz_open_procfs$userns(0x0, &(0x7f0000000240)) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x20842, 0x2) write$P9_RLERRORu(r0, &(0x7f0000000240)=ANY=[], 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) 44.363593ms ago: executing program 2 (id=5300): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth0_macvtap\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0xffffffff, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xc, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x1, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x7, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0x10000aa, 0x81, 0x2, 0x7f, 0x4007, 0x8b, 0x5, 0x2af, 0x8f7, 0x5, 0x2, 0x2, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x8, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x2, 0xffffffff, 0x6, 0x3, 0x9, 0x80000000, 0xfdfffffe, 0x75, 0x3, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x4, 0x220006, 0x5, 0x2, 0xb, 0x1, 0xe0, 0x5, 0x2a2, 0xfffffffd, 0x3, 0x8, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x7, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0x1]}}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 44.209158ms ago: executing program 2 (id=5301): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000040)={0x2b, 0x13, 0x0, 0x2, 0x0, 0x63, 0x3, 0x2, 0x1}) 0s ago: executing program 2 (id=5302): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002480), 0x0, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}}) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) kernel console output (not intermixed with test programs): tions, error -71 [ 181.922301][ T40] audit: type=1326 audit(1765603911.847:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.930469][ T40] audit: type=1326 audit(1765603911.847:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.937183][ T40] audit: type=1326 audit(1765603911.857:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.944702][ T40] audit: type=1326 audit(1765603911.857:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.952050][ T40] audit: type=1326 audit(1765603911.857:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.959465][ T40] audit: type=1326 audit(1765603911.857:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.967930][ T40] audit: type=1326 audit(1765603911.857:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.974966][ T40] audit: type=1326 audit(1765603911.857:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 181.982510][ T40] audit: type=1326 audit(1765603911.857:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.1.2961" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 182.401929][T12778] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2982'. [ 182.405964][T12778] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2982'. [ 182.720449][T12805] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2994'. [ 182.804976][T12813] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2998'. [ 182.808817][T12813] hsr_slave_0: left promiscuous mode [ 182.813019][T12813] hsr_slave_1: left promiscuous mode [ 182.927481][T12819] batadv_slave_1: entered promiscuous mode [ 182.930731][T12818] batadv_slave_1: left promiscuous mode [ 182.948875][T12821] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 183.042666][T12831] netlink: 'syz.1.3007': attribute type 19 has an invalid length. [ 183.078481][T12835] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.3008'. [ 183.080325][ T9] kernel write not supported for file /vbi7 (pid: 9 comm: kworker/0:0) [ 183.279937][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880125f7c00: rx timeout, send abort [ 183.284460][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880125f7c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 183.320696][T12849] overlayfs: failed to clone upperpath [ 183.324077][T12849] overlayfs: failed to clone lowerpath [ 183.613825][T12866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3020'. [ 183.750581][T12876] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 183.801418][T12876] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 183.813893][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.816215][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.820051][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.828127][T12878] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 183.841303][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.844833][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.848421][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.852528][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.855326][T12878] syzkaller0 speed is unknown, defaulting to 1000 [ 183.918029][ T1331] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 183.964934][T12889] bridge1: entered promiscuous mode [ 184.067210][ T1331] usb 5-1: Using ep0 maxpacket: 8 [ 184.070524][ T1331] usb 5-1: config 0 interface 0 has no altsetting 0 [ 184.072713][ T1331] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 184.076483][ T1331] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.080504][ T1331] usb 5-1: config 0 descriptor?? [ 184.427185][ T6641] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 184.495334][ T1331] mcp2221 0003:04D8:00DD.0028: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 184.597132][ T6641] usb 6-1: Using ep0 maxpacket: 16 [ 184.600498][ T6641] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 184.603764][ T6641] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 184.606965][ T6641] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 184.611397][ T6641] usb 6-1: config 1 interface 0 has no altsetting 0 [ 184.615630][ T6641] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 184.618842][ T6641] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.621614][ T6641] usb 6-1: Product: syz [ 184.622965][ T6641] usb 6-1: Manufacturer: syz [ 184.624511][ T6641] usb 6-1: SerialNumber: syz [ 184.692891][T12872] i2c i2c-2: unsupported multi-msg i2c transaction [ 184.696473][ T6004] usb 5-1: USB disconnect, device number 24 [ 185.037229][T12908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.041335][T12908] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.048237][ T6641] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 185.052802][ T6641] usb 6-1: USB disconnect, device number 22 [ 185.056393][ T6641] usblp0: removed [ 185.867150][ T6002] usb 6-1: new full-speed USB device number 23 using dummy_hcd [ 185.955877][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 185.955893][ T40] audit: type=1326 audit(1765604171.880:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12927 comm="syz.4.3047" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 186.029191][ T6002] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 186.033271][ T6002] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 186.038738][ T6002] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 186.042427][ T6002] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.254331][ T6002] usb 6-1: usb_control_msg returned -32 [ 186.257893][ T6002] usbtmc 6-1:16.0: can't read capabilities [ 186.523684][T12943] syzkaller0 speed is unknown, defaulting to 1000 [ 186.900981][T12962] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.3060'. [ 188.306596][T13024] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3089'. [ 188.311325][T13024] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3089'. [ 188.625796][ T6004] usb 6-1: USB disconnect, device number 23 [ 188.663057][T13044] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3099'. [ 189.101370][T13060] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3106'. [ 190.265152][T13118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3133'. [ 190.270696][T13118] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3133'. [ 190.419472][T13135] netlink: 'syz.0.3141': attribute type 1 has an invalid length. [ 190.525318][T13149] gre0: entered promiscuous mode [ 190.527117][T13149] gre0: entered allmulticast mode [ 190.535484][ T6031] kernel read not supported for file /snd/midiC2D0 (pid: 6031 comm: kworker/1:5) [ 190.917164][ T6002] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 191.078629][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.082157][ T6002] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 191.085486][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.090601][ T6002] usb 5-1: config 0 descriptor?? [ 191.301424][ T6002] usbhid 5-1:0.0: can't add hid device: -71 [ 191.303494][ T6002] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 191.308876][ T6002] usb 5-1: USB disconnect, device number 25 [ 191.757134][ T6004] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 191.907263][ T6004] usb 5-1: Using ep0 maxpacket: 32 [ 191.911409][ T6004] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.915865][ T6004] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 191.921042][ T6004] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.925671][ T6004] usb 5-1: config 0 descriptor?? [ 191.931745][ T6004] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 191.938270][ T6004] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 192.135530][ T6004] usb 5-1: USB disconnect, device number 26 [ 192.139559][ T6004] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 192.852537][T13267] dummy0: Caught tx_queue_len zero misconfig [ 193.061917][T13282] pimreg: entered allmulticast mode [ 193.209759][T13301] ip6gre1: entered promiscuous mode [ 193.211491][T13301] ip6gre1: entered allmulticast mode [ 193.254839][ T40] audit: type=1326 audit(1765604179.180:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13302 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 193.269177][ T40] audit: type=1326 audit(1765604179.180:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13302 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 193.276225][ T40] audit: type=1326 audit(1765604179.180:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13302 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 193.283266][ T40] audit: type=1326 audit(1765604179.180:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13302 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 193.288509][T13305] overlayfs: overlapping lowerdir path [ 193.290705][ T40] audit: type=1326 audit(1765604179.180:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13302 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 193.310310][T13305] overlayfs: failed to verify upper root origin [ 193.400640][T13307] syzkaller0 speed is unknown, defaulting to 1000 [ 193.740787][ T12] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 193.744554][ T12] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.804570][ T40] audit: type=1326 audit(1765604179.730:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13318 comm="syz.0.3205" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0 [ 193.865900][ T12] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 193.871546][ T12] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.922516][ T12] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 193.925734][ T12] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.041961][ T12] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 194.046195][T13329] overlayfs: failed to clone upperpath [ 194.047237][ T12] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.094347][T13336] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3212'. [ 194.143710][ T12] bridge_slave_1: left allmulticast mode [ 194.145818][ T12] bridge_slave_1: left promiscuous mode [ 194.150212][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.155437][ T12] bridge_slave_0: left allmulticast mode [ 194.159519][ T12] bridge_slave_0: left promiscuous mode [ 194.161462][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.293377][ T12] dvmrp8 (unregistering): left allmulticast mode [ 194.405817][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 194.412243][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 194.418047][ T12] bond0 (unregistering): Released all slaves [ 194.682342][ T6584] Bluetooth: hci4: Frame reassembly failed (-84) [ 194.834971][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.837463][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.840581][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.842934][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.854327][ T12] veth1_macvtap: left promiscuous mode [ 194.856292][ T12] veth0_macvtap: left promiscuous mode [ 195.437857][T13365] Invalid ELF header magic: != ELF [ 195.707723][T13383] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.3232'. [ 196.016808][T13405] Invalid ELF header magic: != ELF [ 196.172651][ T5945] Bluetooth: hci3: unexpected event for opcode 0x2027 [ 196.426848][T13438] netlink: 'syz.4.3253': attribute type 21 has an invalid length. [ 196.430004][T13438] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3253'. [ 196.432898][T13438] netlink: 'syz.4.3253': attribute type 4 has an invalid length. [ 196.435387][T13438] netlink: 'syz.4.3253': attribute type 3 has an invalid length. [ 196.439028][T13438] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3253'. [ 196.687209][ T6641] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 196.698482][T13458] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3263'. [ 196.701385][T13458] netlink: 'syz.2.3263': attribute type 1 has an invalid length. [ 196.704022][T13458] netlink: 'syz.2.3263': attribute type 2 has an invalid length. [ 196.706621][T13458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3263'. [ 196.757167][ T5949] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 196.757424][ T5945] Bluetooth: hci4: command 0x1003 tx timeout [ 196.840576][ T6641] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 196.844956][ T6641] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 196.849808][ T6641] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 196.853301][ T6641] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.858778][T13440] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 196.864021][ T6641] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 197.066822][ T6031] usb 6-1: USB disconnect, device number 24 [ 197.207217][ T6641] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 197.369067][ T6641] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.373363][ T6641] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.376415][ T6641] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 197.381645][ T6641] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 197.385807][ T6641] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.389969][ T6641] usb 5-1: config 0 descriptor?? [ 197.504289][ T40] audit: type=1800 audit(1765604183.430:1156): pid=13475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3271" name="nullb0" dev="tmpfs" ino=1934 res=0 errno=0 [ 197.804016][ T6641] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 198.317174][ T6641] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 198.468512][ T6641] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 198.472722][ T6641] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 198.476916][ T6641] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 198.480614][ T6641] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.485629][T13499] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 198.490451][ T6641] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 198.700600][ T6641] usb 6-1: USB disconnect, device number 25 [ 198.839477][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.841656][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.913457][ T6031] usb 5-1: USB disconnect, device number 27 [ 200.499407][T13557] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3304'. [ 200.512768][T13557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3304'. [ 201.180436][T13573] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3312'. [ 201.322678][T13539] Set syz1 is full, maxelem 65536 reached [ 201.819193][T13609] "syz.4.3326" (13609) uses obsolete ecb(arc4) skcipher [ 202.327239][ T6031] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 202.487094][ T6031] usb 6-1: Using ep0 maxpacket: 16 [ 202.489828][ T6031] usb 6-1: too many configurations: 123, using maximum allowed: 8 [ 202.495444][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.499780][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.505154][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.510923][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.516526][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.522292][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.527384][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.532942][ T6031] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.548259][ T6031] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 202.551344][ T6031] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 202.564824][ T6031] usb 6-1: SerialNumber: syz [ 202.568883][ T6031] usb 6-1: config 0 descriptor?? [ 202.575170][ T6031] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input36 [ 202.741824][T13641] lo: Caught tx_queue_len zero misconfig [ 202.786605][ T5331] bcm5974 6-1:0.0: could not read from device [ 202.792705][ T5331] bcm5974 6-1:0.0: could not read from device [ 202.794264][ T6031] usb 6-1: USB disconnect, device number 26 [ 202.799154][ T5331] bcm5974 6-1:0.0: could not read from device [ 202.847640][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.889988][T13650] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.893649][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.951169][T13656] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3347'. [ 203.237490][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.375284][T13678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.378675][T13678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.381507][T13678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.384399][T13678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.387166][T13678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.427525][T13684] netlink: 'syz.4.3359': attribute type 9 has an invalid length. [ 203.430078][T13684] netlink: 'syz.4.3359': attribute type 11 has an invalid length. [ 203.432662][T13684] netlink: 'syz.4.3359': attribute type 12 has an invalid length. [ 203.435166][T13684] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.3359'. [ 203.447637][ T40] audit: type=1326 audit(1765604189.380:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.454004][ T40] audit: type=1326 audit(1765604189.380:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.461511][ T40] audit: type=1326 audit(1765604189.390:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.469028][ T40] audit: type=1326 audit(1765604189.390:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.477864][ T40] audit: type=1326 audit(1765604189.390:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.486486][ T40] audit: type=1326 audit(1765604189.400:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.493445][ T40] audit: type=1326 audit(1765604189.400:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.499642][ T40] audit: type=1326 audit(1765604189.400:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.509749][ T40] audit: type=1326 audit(1765604189.400:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.517870][ T40] audit: type=1326 audit(1765604189.400:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13685 comm="syz.0.3360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 204.138695][T13709] netlink: 'syz.2.3369': attribute type 9 has an invalid length. [ 204.141440][T13709] netlink: 'syz.2.3369': attribute type 11 has an invalid length. [ 204.144011][T13709] netlink: 'syz.2.3369': attribute type 12 has an invalid length. [ 204.146593][T13709] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.3369'. [ 204.149803][T13709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3369'. [ 204.298825][T13718] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3372'. [ 204.302104][T13718] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3372'. [ 204.311076][T13718] erspan0: entered promiscuous mode [ 204.313385][T13718] gretap0: entered promiscuous mode [ 204.315389][T13718] hsr2: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network [ 204.319253][T13718] hsr2: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network [ 204.438283][T13721] block nbd2: shutting down sockets [ 204.488426][T13725] bond1: entered promiscuous mode [ 204.490664][T13725] bond1: entered allmulticast mode [ 204.493092][T13725] 8021q: adding VLAN 0 to HW filter on device bond1 [ 204.517809][T13731] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3374'. [ 204.521551][T13731] netlink: 'syz.1.3374': attribute type 15 has an invalid length. [ 204.534316][T13731] vxlan2: entered promiscuous mode [ 204.539720][ T1196] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 256 - 0 [ 204.542529][ T1196] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 256 - 0 [ 204.545842][ T1196] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 256 - 0 [ 204.551405][ T1196] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 256 - 0 [ 205.747149][T13781] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 205.748242][T13783] syz.1.3398: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 205.755542][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.1.3398 Tainted: G L syzkaller #0 PREEMPT(full) [ 205.755572][T13783] Tainted: [L]=SOFTLOCKUP [ 205.755577][T13783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 205.755585][T13783] Call Trace: [ 205.755590][T13783] [ 205.755594][T13783] dump_stack_lvl+0x16c/0x1f0 [ 205.755614][T13783] warn_alloc+0x248/0x3a0 [ 205.755629][T13783] ? __pfx_warn_alloc+0x10/0x10 [ 205.755648][T13783] ? kasan_save_stack+0x42/0x60 [ 205.755664][T13783] ? kasan_save_stack+0x33/0x60 [ 205.755678][T13783] ? kasan_save_track+0x14/0x30 [ 205.755693][T13783] ? xskq_create+0xfb/0x1d0 [ 205.755704][T13783] __vmalloc_node_range_noprof+0x12c2/0x16b0 [ 205.755721][T13783] ? xskq_create+0xfb/0x1d0 [ 205.755735][T13783] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 205.755752][T13783] ? xskq_create+0xfb/0x1d0 [ 205.755763][T13783] vmalloc_user_noprof+0x9e/0xe0 [ 205.755774][T13783] ? xskq_create+0xfb/0x1d0 [ 205.755783][T13783] xskq_create+0xfb/0x1d0 [ 205.755794][T13783] xsk_setsockopt+0x8d2/0xc00 [ 205.755811][T13783] ? __pfx_xsk_setsockopt+0x10/0x10 [ 205.755832][T13783] ? aa_sock_opt_perm+0xfd/0x1b0 [ 205.755848][T13783] ? __pfx_xsk_setsockopt+0x10/0x10 [ 205.755866][T13783] do_sock_setsockopt+0xf3/0x1d0 [ 205.755882][T13783] __sys_setsockopt+0x120/0x1a0 [ 205.755908][T13783] __ia32_sys_setsockopt+0xbc/0x160 [ 205.755918][T13783] ? __do_fast_syscall_32+0x9a/0x680 [ 205.755933][T13783] ? lockdep_hardirqs_on+0x7c/0x110 [ 205.755946][T13783] __do_fast_syscall_32+0xe8/0x680 [ 205.755962][T13783] do_fast_syscall_32+0x32/0x80 [ 205.755978][T13783] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 205.755992][T13783] RIP: 0023:0xf703d579 [ 205.756002][T13783] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 205.756012][T13783] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 205.756023][T13783] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 205.756030][T13783] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004 [ 205.756036][T13783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 205.756042][T13783] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 205.756049][T13783] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 205.756107][T13783] [ 205.756228][T13783] Mem-Info: [ 205.836719][T13783] active_anon:7826 inactive_anon:197 isolated_anon:0 [ 205.836719][T13783] active_file:7356 inactive_file:35052 isolated_file:0 [ 205.836719][T13783] unevictable:1768 dirty:417 writeback:0 [ 205.836719][T13783] slab_reclaimable:8316 slab_unreclaimable:58133 [ 205.836719][T13783] mapped:23287 shmem:2402 pagetables:1279 [ 205.836719][T13783] sec_pagetables:312 bounce:0 [ 205.836719][T13783] kernel_misc_reclaimable:0 [ 205.836719][T13783] free:32216 free_pcp:19106 free_cma:0 [ 205.850527][T13783] Node 0 active_anon:1052kB inactive_anon:24kB active_file:2876kB inactive_file:40kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:280kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9384kB pagetables:1724kB sec_pagetables:1136kB all_unreclaimable? yes Balloon:0kB [ 205.860550][T13783] Node 1 active_anon:30352kB inactive_anon:764kB active_file:26548kB inactive_file:140168kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92868kB dirty:1660kB writeback:0kB shmem:6072kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3728kB pagetables:3392kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB [ 205.870991][T13783] Node 0 DMA free:2556kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:52kB free_cma:0kB [ 205.880380][T13783] lowmem_reserve[]: 0 289 289 289 289 [ 205.882130][T13783] Node 0 DMA32 free:20700kB boost:4096kB min:17428kB low:20760kB high:24092kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1052kB inactive_anon:24kB active_file:2876kB inactive_file:40kB unevictable:3536kB writepending:8kB zspages:0kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:12028kB local_pcp:3604kB free_cma:0kB [ 205.892602][T13783] lowmem_reserve[]: 0 0 0 0 0 [ 205.893310][T13789] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 205.894134][T13783] Node 1 DMA32 free:105480kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30352kB inactive_anon:764kB active_file:26548kB inactive_file:140168kB unevictable:3536kB writepending:1660kB zspages:2580kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:64020kB local_pcp:22372kB free_cma:0kB [ 205.908330][T13783] lowmem_reserve[]: 0 0 0 0 0 [ 205.909897][T13783] Node 0 DMA: 9*4kB (U) 1*8kB (U) 3*16kB (UM) 17*32kB (UM) 2*64kB (U) 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2556kB [ 205.914474][T13783] Node 0 DMA32: 447*4kB (UE) 18*8kB (UE) 67*16kB (UE) 159*32kB (UME) 83*64kB (UME) 31*128kB (UME) 9*256kB (UME) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 20700kB [ 205.919999][T13783] Node 1 DMA32: 654*4kB (U) 1971*8kB (UME) 1567*16kB (UE) 49*32kB (UE) 36*64kB (UME) 22*128kB (UE) 30*256kB (UME) 14*512kB (UME) 13*1024kB (UM) 7*2048kB (UM) 3*4096kB (M) = 104928kB [ 205.925650][T13783] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 205.928946][T13783] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 205.931946][T13783] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 205.935283][T13783] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 205.939066][T13783] 45552 total pagecache pages [ 205.940594][T13783] 743 pages in swap cache [ 205.941979][T13783] Free swap = 117548kB [ 205.943295][T13783] Total swap = 124996kB [ 205.944631][T13783] 524155 pages RAM [ 205.945832][T13783] 0 pages HighMem/MovableOnly [ 205.947869][T13783] 209047 pages reserved [ 205.949218][T13783] 0 pages cma reserved [ 206.051318][T13807] input: syz0 as /devices/virtual/input/input37 [ 206.061487][T13808] pim6reg1: entered promiscuous mode [ 206.063307][T13808] pim6reg1: entered allmulticast mode [ 206.239241][T13827] __nla_validate_parse: 2 callbacks suppressed [ 206.239257][T13827] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3419'. [ 206.266146][T13827] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3419'. [ 206.848462][ T6004] net_ratelimit: 250 callbacks suppressed [ 206.848480][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.807270][ T34] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 207.887319][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.988723][ T34] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 207.993309][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 207.997891][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 208.002123][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 208.006221][ T34] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 208.009636][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.014435][ T34] usb 6-1: config 0 descriptor?? [ 208.027669][T13873] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 208.444197][ T34] plantronics 0003:047F:FFFF.002A: reserved main item tag 0xd [ 208.450311][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.454038][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.460323][ T7691] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.463686][ T34] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 208.615794][T13912] 9p: Bad value for 'rfdno' [ 208.710020][ T34] usb 6-1: USB disconnect, device number 27 [ 208.917462][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.927241][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.079454][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.083916][ T6641] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.097215][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.143798][T13922] netlink: 'syz.4.3459': attribute type 9 has an invalid length. [ 209.146439][T13922] netlink: 'syz.4.3459': attribute type 11 has an invalid length. [ 209.149238][T13922] netlink: 'syz.4.3459': attribute type 12 has an invalid length. [ 209.152468][T13922] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.3459'. [ 209.155485][T13922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3459'. [ 209.321869][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 209.321880][ T40] audit: type=1326 audit(1765604195.250:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13934 comm="syz.1.3464" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 209.543768][T13940] loop6: detected capacity change from 0 to 2640 [ 210.531599][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3479'. [ 210.543974][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3479'. [ 210.552164][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3479'. [ 210.556593][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3479'. [ 210.560627][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3479'. [ 210.598225][T13979] syzkaller1: entered promiscuous mode [ 210.600792][T13979] syzkaller1: entered allmulticast mode [ 210.642763][T13985] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3478'. [ 210.734928][ T40] audit: type=1326 audit(1765604196.660:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13989 comm="syz.4.3485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 210.754031][ T40] audit: type=1326 audit(1765604196.660:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13989 comm="syz.4.3485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 210.774276][ T40] audit: type=1326 audit(1765604196.660:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13989 comm="syz.4.3485" exe="/syz-executor" sig=0 arch=40000003 syscall=258 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 210.781939][ T40] audit: type=1326 audit(1765604196.660:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13989 comm="syz.4.3485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 210.795373][ T40] audit: type=1326 audit(1765604196.660:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13989 comm="syz.4.3485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 211.304924][T14030] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3500'. [ 211.888792][T14060] loop3: detected capacity change from 0 to 7 [ 211.894990][T14060] Dev loop3: unable to read RDB block 7 [ 211.899434][T14060] loop3: unable to read partition table [ 211.902031][T14060] loop3: partition table beyond EOD, truncated [ 211.904610][T14060] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 211.953454][T14064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3516'. [ 212.055689][ T1331] net_ratelimit: 2 callbacks suppressed [ 212.055706][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.117231][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.230543][T14078] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 212.257903][ T6031] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 212.438323][ T6031] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 212.442811][ T6031] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 212.479354][ T6031] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 212.487078][ T6031] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 212.508312][ T6031] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 212.512012][ T6031] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 212.515430][ T6031] usb 6-1: Manufacturer: syz [ 212.528390][ T6031] usb 6-1: config 0 descriptor?? [ 213.008890][ T6031] appleir 0003:05AC:8243.002B: unknown main item tag 0x0 [ 213.016490][ T6031] appleir 0003:05AC:8243.002B: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 213.080126][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.319384][ T828] usb 6-1: USB disconnect, device number 28 [ 213.399070][T14120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.402901][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.669392][T14135] netlink: 'syz.4.3544': attribute type 2 has an invalid length. [ 213.675021][T14135] netlink: 532 bytes leftover after parsing attributes in process `syz.4.3544'. [ 213.970017][ C2] Unknown status report in ack skb [ 214.044336][T14161] 9p: Bad value for 'rfdno' [ 214.118681][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.170346][T14167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3559'. [ 214.838372][T14192] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3571'. [ 214.883905][T14196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3573'. [ 214.989783][T14202] loop9: detected capacity change from 0 to 7 [ 214.995207][T14202] Dev loop9: unable to read RDB block 7 [ 214.998459][T14202] loop9: unable to read partition table [ 215.001008][T14202] loop9: partition table beyond EOD, truncated [ 215.003492][T14202] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 215.056310][T14207] netlink: 'syz.2.3578': attribute type 1 has an invalid length. [ 215.078588][T14207] 8021q: adding VLAN 0 to HW filter on device bond3 [ 215.114596][T14207] bond3: (slave geneve2): making interface the new active one [ 215.118850][T14207] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 215.122660][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.126866][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.131210][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.134653][ T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.158820][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.162284][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.317278][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.414326][T14227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3585'. [ 215.424339][T14227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3585'. [ 215.625608][T14236] netlink: 'syz.4.3590': attribute type 1 has an invalid length. [ 215.646935][T14236] 8021q: adding VLAN 0 to HW filter on device bond2 [ 215.676020][T14236] bond2: (slave geneve2): making interface the new active one [ 215.680694][T14236] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 215.830112][T14245] kAFS: unable to lookup cell '(,' [ 215.833708][T14247] netlink: 'syz.1.3595': attribute type 1 has an invalid length. [ 215.859900][T14247] 8021q: adding VLAN 0 to HW filter on device bond2 [ 215.863703][T14247] bond1: (slave bond2): making interface the new active one [ 215.866270][T14247] bond1: (slave bond2): Enslaving as an active interface with an up link [ 216.674935][T14283] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3609'. [ 216.718686][T14285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3610'. [ 216.724806][T14285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3610'. [ 216.741805][ T40] audit: type=1326 audit(1765604202.670:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.757102][ T40] audit: type=1326 audit(1765604202.670:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.777642][ T40] audit: type=1326 audit(1765604202.670:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.790637][ T40] audit: type=1326 audit(1765604202.670:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.802318][ T40] audit: type=1326 audit(1765604202.670:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.811717][ T40] audit: type=1326 audit(1765604202.670:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.822759][ T40] audit: type=1326 audit(1765604202.670:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.832465][ T40] audit: type=1326 audit(1765604202.670:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.847113][ T40] audit: type=1326 audit(1765604202.670:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.857287][ T40] audit: type=1326 audit(1765604202.670:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14252 comm="syz.1.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 216.940011][T14287] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3611'. [ 217.237229][ T1331] net_ratelimit: 1287 callbacks suppressed [ 217.237247][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.327490][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.330660][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.401547][T14335] Bluetooth: hci0: unsupported parameter 30225 [ 217.403579][T14335] Bluetooth: hci0: unsupported parameter 31232 [ 217.405576][T14335] Bluetooth: hci0: unsupported parameter 30225 [ 217.409196][T14335] Bluetooth: hci0: unsupported parameter 31232 [ 217.723162][T14355] delete_channel: no stack [ 217.738583][T14363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.744848][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.899015][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.039535][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.197305][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.277311][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.280132][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.451493][T14414] netlink: 'syz.1.3668': attribute type 9 has an invalid length. [ 218.459915][T14414] netlink: 'syz.1.3668': attribute type 11 has an invalid length. [ 218.465198][T14414] netlink: 'syz.1.3668': attribute type 12 has an invalid length. [ 218.471624][T14414] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.3668'. [ 218.479467][T14414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3668'. [ 218.556069][T14407] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3665'. [ 218.996105][T14444] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3678'. [ 219.685195][T14480] delete_channel: no stack [ 219.821406][T14498] can0: slcan on ttyS3. [ 219.847158][ T6002] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 219.851001][T14500] overlayfs: failed to clone lowerpath [ 219.898138][T14498] can0 (unregistered): slcan off ttyS3. [ 219.998641][ T6002] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 220.003490][ T6002] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 220.008627][ T6002] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 220.013221][ T6002] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 220.019392][ T6002] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 220.023149][ T6002] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.037852][ T6002] usb 6-1: config 0 descriptor?? [ 220.041495][T14483] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 220.450078][ T6002] plantronics 0003:047F:FFFF.002C: reserved main item tag 0xd [ 220.457855][ T6002] plantronics 0003:047F:FFFF.002C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 220.709330][ T6002] usb 6-1: USB disconnect, device number 29 [ 221.324157][T14545] Bluetooth: hci0: invalid len left 7, exp >= 35 [ 221.617198][ T6002] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 221.767079][ T6002] usb 6-1: Using ep0 maxpacket: 32 [ 221.770648][ T6002] usb 6-1: config 0 has no interfaces? [ 221.775215][ T6002] usb 6-1: New USB device found, idVendor=045e, idProduct=d357, bcdDevice=a7.7c [ 221.783949][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.787689][ T6002] usb 6-1: Product: syz [ 221.789515][ T6002] usb 6-1: Manufacturer: syz [ 221.791534][ T6002] usb 6-1: SerialNumber: syz [ 221.805401][ T6002] usb 6-1: config 0 descriptor?? [ 221.838048][ T40] kauditd_printk_skb: 51 callbacks suppressed [ 221.838061][ T40] audit: type=1326 audit(1765604207.770:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14564 comm="syz.4.3735" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000 [ 222.013513][ T6002] usb 6-1: USB disconnect, device number 30 [ 222.170898][T14581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3733'. [ 222.398709][ T6584] net_ratelimit: 11 callbacks suppressed [ 222.398750][ T6584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.437565][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.558506][ T40] audit: type=1326 audit(1765604208.490:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14564 comm="syz.4.3735" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703d579 code=0x7fc00000 [ 223.477218][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.527255][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.569390][T14658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3771'. [ 224.041167][T14676] overlayfs: failed to clone upperpath [ 224.154794][T14693] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.158173][T14693] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.160834][T14693] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.164734][T14693] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.167519][T14693] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.180798][T14690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.442346][ T40] audit: type=1326 audit(1765604210.370:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 224.457113][ T40] audit: type=1326 audit(1765604210.370:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703d598 code=0x7ffc0000 [ 224.464479][ T40] audit: type=1326 audit(1765604210.370:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703d598 code=0x7ffc0000 [ 224.474346][ T40] audit: type=1326 audit(1765604210.370:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 224.487136][ T40] audit: type=1326 audit(1765604210.370:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703d598 code=0x7ffc0000 [ 224.494652][ T40] audit: type=1326 audit(1765604210.370:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 224.503199][ T40] audit: type=1326 audit(1765604210.370:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703d598 code=0x7ffc0000 [ 224.511212][ T40] audit: type=1326 audit(1765604210.370:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14717 comm="syz.4.3798" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703d598 code=0x7ffc0000 [ 224.688885][T14734] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 225.318646][T14770] input: syz1 as /devices/virtual/input/input40 [ 226.667292][ T6004] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 226.817096][ T6004] usb 7-1: Using ep0 maxpacket: 8 [ 226.826426][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 226.831306][ T6004] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 226.835189][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.846778][ T6004] usb 7-1: config 0 descriptor?? [ 227.057881][ T6004] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 227.373636][ T5945] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 227.383406][ T5945] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 227.387609][ T5945] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 227.393442][ T5945] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 227.396847][ T5945] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 227.500481][ T6557] bond0: (slave syz_tun): Releasing backup interface [ 227.530632][T14821] netlink: 830 bytes leftover after parsing attributes in process `syz.4.3844'. [ 227.538513][T14818] syzkaller0 speed is unknown, defaulting to 1000 [ 227.637340][ T6004] net_ratelimit: 14 callbacks suppressed [ 227.637355][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.647357][ T6002] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.660488][T14818] chnl_net:caif_netlink_parms(): no params data found [ 227.732015][T14818] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.735120][T14818] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.741748][T14818] bridge_slave_0: entered allmulticast mode [ 227.755310][T14818] bridge_slave_0: entered promiscuous mode [ 227.762873][T14818] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.766030][T14818] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.769419][T14818] bridge_slave_1: entered allmulticast mode [ 227.775067][T14818] bridge_slave_1: entered promiscuous mode [ 227.804504][T14818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.810571][T14818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.834347][T14818] team0: Port device team_slave_0 added [ 227.839055][T14818] team0: Port device team_slave_1 added [ 227.858775][T14818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.861574][T14818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 227.872632][T14818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.881402][T14818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.884186][T14818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 227.894638][T14818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.929493][T14818] hsr_slave_0: entered promiscuous mode [ 227.931663][T14818] hsr_slave_1: entered promiscuous mode [ 227.933720][T14818] debugfs: 'hsr0' already exists in 'hsr' [ 227.935578][T14818] Cannot create hsr debugfs directory [ 227.987215][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.051744][T14818] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 228.058630][T14818] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 228.065143][T14818] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 228.071102][T14818] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 228.093013][T14818] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.095849][T14818] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.098898][T14818] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.101631][T14818] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.137108][T14818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.150833][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.155155][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.168147][T14818] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.188627][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.190994][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.195152][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.197522][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.360625][T14818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.477807][T14875] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3860'. [ 228.501328][T14875] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3860'. [ 228.507673][T14875] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.538044][T14818] veth0_vlan: entered promiscuous mode [ 228.546025][T14818] veth1_vlan: entered promiscuous mode [ 228.572486][T14818] veth0_macvtap: entered promiscuous mode [ 228.579161][T14818] veth1_macvtap: entered promiscuous mode [ 228.592570][T14818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.601196][T14818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.609174][ T1141] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.612315][ T1141] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.615701][ T1141] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.618845][ T1141] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.677598][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.681805][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.685020][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.700450][T14889] netlink: 'syz.1.3863': attribute type 3 has an invalid length. [ 228.703557][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.706838][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.710397][T14889] netlink: 'syz.1.3863': attribute type 3 has an invalid length. [ 229.087342][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.169099][T14926] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3879'. [ 229.444854][ T6031] usb 7-1: USB disconnect, device number 12 [ 229.479226][ T5945] Bluetooth: hci4: command tx timeout [ 229.717349][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.903357][T14984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.906899][T14984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.910076][T14984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.197189][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.388300][T15007] binder: 15004:15007 ioctl c0306201 80000480 returned -14 [ 230.589394][T15026] evm: overlay not supported [ 230.606749][T15023] netlink: 'syz.2.3922': attribute type 13 has an invalid length. [ 230.610242][T15023] lo: entered promiscuous mode [ 230.612339][T15023] lo: entered allmulticast mode [ 230.614830][T15023] tunl0: entered promiscuous mode [ 230.617201][T15023] tunl0: entered allmulticast mode [ 230.619888][T15023] gre0: entered promiscuous mode [ 230.622049][T15023] gre0: entered allmulticast mode [ 230.624589][T15023] gretap0: entered allmulticast mode [ 230.627282][T15023] gretap0: refused to change device tx_queue_len [ 230.710244][T15034] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3926'. [ 230.930940][T15039] netlink: 'syz.2.3936': attribute type 1 has an invalid length. [ 230.957474][T15039] 8021q: adding VLAN 0 to HW filter on device bond4 [ 230.978375][T15039] bond4: (slave geneve3): making interface the new active one [ 230.981500][T15039] bond4: (slave geneve3): Enslaving as an active interface with an up link [ 230.984128][ T40] kauditd_printk_skb: 119 callbacks suppressed [ 230.984138][ T40] audit: type=1326 audit(1765604216.910:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15043 comm="syz.4.3929" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 231.477053][T15063] netlink: 'syz.5.3937': attribute type 1 has an invalid length. [ 231.557322][ T5945] Bluetooth: hci4: command tx timeout [ 232.184690][T15088] pimreg: left allmulticast mode [ 232.839187][ T1331] net_ratelimit: 7 callbacks suppressed [ 232.839200][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.177078][ T40] audit: type=1326 audit(1765604219.100:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15136 comm="syz.1.3968" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 233.408655][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.529956][ T40] audit: type=1326 audit(1765604219.460:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15150 comm="syz.4.3974" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 233.607370][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.637578][ T5945] Bluetooth: hci4: command tx timeout [ 233.877296][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.986043][T15176] input: syz0 as /devices/virtual/input/input41 [ 234.437455][T15204] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.618067][T15220] input: syz1 as /devices/virtual/input/input42 [ 234.721898][T15225] tipc: Started in network mode [ 234.723654][T15225] tipc: Node identity 4, cluster identity 4711 [ 234.725615][T15225] tipc: Node number set to 4 [ 234.747977][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.816490][T15234] netlink: 'syz.2.4012': attribute type 2 has an invalid length. [ 234.835066][T15234] !: entered promiscuous mode [ 234.844667][T15234] netlink: 'syz.2.4012': attribute type 2 has an invalid length. [ 234.848219][T15234] !: left promiscuous mode [ 234.848915][ T5945] Bluetooth: hci1: Unknown advertising packet type: 0x1e [ 234.851078][ T5945] Bluetooth: hci1: Malformed LE Event: 0x0d [ 234.929665][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.182083][T15261] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4026'. [ 235.409029][ T10] libceph: connect (1)[c::]:6789 error -101 [ 235.417274][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 235.499510][T15277] ceph: No mds server is up or the cluster is laggy [ 235.654683][T15300] netlink: 'syz.5.4043': attribute type 9 has an invalid length. [ 235.659615][T15300] netlink: 'syz.5.4043': attribute type 11 has an invalid length. [ 235.662099][T15300] netlink: 'syz.5.4043': attribute type 12 has an invalid length. [ 235.664606][T15300] netlink: 210020 bytes leftover after parsing attributes in process `syz.5.4043'. [ 235.673649][T15300] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4043'. [ 235.717088][ T5945] Bluetooth: hci4: command tx timeout [ 235.877827][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.967255][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.110005][T15325] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 236.374770][T15355] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4068'. [ 236.384908][T15355] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4068'. [ 236.389482][T15355] bridge_slave_1: left allmulticast mode [ 236.391353][T15355] bridge_slave_1: left promiscuous mode [ 236.393353][T15355] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.409710][T15355] bridge_slave_0: left allmulticast mode [ 236.411809][T15355] bridge_slave_0: left promiscuous mode [ 236.413706][T15355] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.443100][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.493998][T15359] hsr0: entered allmulticast mode [ 236.495695][T15359] hsr_slave_0: entered allmulticast mode [ 236.497790][T15359] hsr_slave_1: entered allmulticast mode [ 236.500278][T15360] hsr_slave_0: left promiscuous mode [ 236.502794][T15360] hsr_slave_1: left promiscuous mode [ 236.514654][T15360] hsr0 (unregistering): left allmulticast mode [ 236.731042][T15369] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 237.251029][ T6004] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 237.380295][T15417] syzkaller0 speed is unknown, defaulting to 1000 [ 237.409615][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.413625][ T6004] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 237.417878][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.424903][ T6004] usb 7-1: config 0 descriptor?? [ 237.555496][T15437] 9p: Bad value for 'wfdno' [ 237.632569][ T6004] usbhid 7-1:0.0: can't add hid device: -71 [ 237.634640][ T6004] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 237.638630][ T6004] usb 7-1: USB disconnect, device number 13 [ 237.653355][ T40] audit: type=1326 audit(1765604223.580:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15438 comm="syz.4.4101" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x0 [ 237.667092][ T60] usb 6-1: new full-speed USB device number 31 using dummy_hcd [ 237.714707][T15439] syzkaller0 speed is unknown, defaulting to 1000 [ 237.828386][ T60] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 237.831955][ T60] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 237.836245][ T60] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 237.840108][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.037189][ T6004] net_ratelimit: 4 callbacks suppressed [ 238.037201][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.049605][ T60] usb 6-1: usb_control_msg returned -32 [ 238.051479][ T60] usbtmc 6-1:16.0: can't read capabilities [ 238.087666][ T6031] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 238.127387][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.247090][ T6031] usb 7-1: Using ep0 maxpacket: 32 [ 238.250458][ T6031] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.254301][ T6031] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 238.257988][ T6031] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.262299][ T6031] usb 7-1: config 0 descriptor?? [ 238.265868][ T6031] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 238.269623][ T6031] ldusb 7-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 238.672687][ T6031] usb 7-1: USB disconnect, device number 14 [ 238.682889][ T6031] ldusb 7-1:0.0: LD USB Device #1 now disconnected [ 238.776206][T15467] ip6gre2: entered promiscuous mode [ 238.778462][T15467] ip6gre2: entered allmulticast mode [ 238.837312][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.840129][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.077305][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.237479][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.477840][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.117308][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.169952][T15548] overlayfs: failed to clone lowerpath [ 240.191410][T15548] overlayfs: failed to clone lowerpath [ 240.333585][T15566] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4154'. [ 240.367604][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.395855][T15575] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 240.422771][ T60] usb 6-1: USB disconnect, device number 31 [ 240.644006][T15600] netlink: 'syz.5.4167': attribute type 4 has an invalid length. [ 240.654372][T15600] netlink: 'syz.5.4167': attribute type 4 has an invalid length. [ 240.684099][T15603] netlink: 'syz.4.4169': attribute type 12 has an invalid length. [ 241.157317][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 241.442521][T15622] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4178'. [ 241.582773][T15637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4180'. [ 241.635968][ T40] audit: type=1326 audit(1765604227.560:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15641 comm="syz.2.4187" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 241.683675][T15647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4189'. [ 241.688619][T15647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4189'. [ 242.681750][T15681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4204'. [ 242.685576][T15681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4204'. [ 242.861044][T15710] netlink: 'syz.1.4217': attribute type 3 has an invalid length. [ 243.237660][ T1331] net_ratelimit: 381 callbacks suppressed [ 243.237677][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.430196][T15741] netlink: 'syz.1.4231': attribute type 11 has an invalid length. [ 243.727133][ T60] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 243.749404][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.880458][ T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.885061][ T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.897066][ T60] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 243.902296][ T60] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 243.905982][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.911868][ T60] usb 6-1: config 0 descriptor?? [ 244.191365][T15811] syz.2.4258 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 244.279927][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.328952][ T60] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 244.815091][T15848] input: syz0 as /devices/virtual/input/input43 [ 244.824549][T15850] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4278'. [ 244.857389][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.865688][T15852] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4279'. [ 244.917722][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.948510][ T6031] usb 6-1: USB disconnect, device number 32 [ 245.194695][T15863] 8021q: adding VLAN 0 to HW filter on device bond1 [ 245.319785][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.328710][T15863] bond1 (unregistering): Released all slaves [ 245.528521][T15898] bond3: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 245.535975][T15898] bond3 (unregistering): Released all slaves [ 245.559466][T15904] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 245.575168][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.587456][ T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.605285][T15909] 9p: Bad value for 'rfdno' [ 245.655004][T15915] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.752319][T15917] 9pnet: p9_errstr2errno: server reported unknown error ./file0 [ 247.291832][T16010] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 247.296487][T16010] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 247.314655][T16010] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3) [ 247.320914][T16010] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3) [ 247.324811][T16010] overlayfs: d_ino too big (139, ino=9223372036854776561, xinobits=3) [ 247.328314][T16010] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3) [ 247.331372][T16010] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3) [ 247.334303][T16010] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3) [ 247.336968][T16010] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3) [ 247.340088][T16010] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3) [ 247.342836][T16010] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=3) [ 247.346954][T16010] overlayfs: d_ino too big (instances, ino=4611686018427389206, xinobits=3) [ 247.621926][ T40] audit: type=1326 audit(1765604489.552:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16040 comm="syz.4.4356" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 248.380810][T16050] KVM: debugfs: duplicate directory 16050-4 [ 248.438377][ T6004] net_ratelimit: 13 callbacks suppressed [ 248.438395][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 248.598375][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 248.605151][T16070] input: syz1 as /devices/virtual/input/input44 [ 248.737931][T16078] netlink: 'syz.2.4370': attribute type 12 has an invalid length. [ 248.740475][T16078] netlink: 'syz.2.4370': attribute type 29 has an invalid length. [ 248.743293][T16078] netlink: 148 bytes leftover after parsing attributes in process `syz.2.4370'. [ 248.746168][T16078] netlink: 'syz.2.4370': attribute type 2 has an invalid length. [ 248.756288][T16078] netlink: 23 bytes leftover after parsing attributes in process `syz.2.4370'. [ 248.988134][T16103] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 248.994272][T16103] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.000282][T16103] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.003480][T16103] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.007311][T16103] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.013243][T16102] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.018591][T16107] overlayfs: failed to clone lowerpath [ 249.064230][T16112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4386'. [ 249.067946][T16112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4386'. [ 249.161474][ T40] audit: type=1804 audit(1765604491.092:1377): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4391" name="nullb0" dev="tmpfs" ino=1934 res=1 errno=0 [ 249.189377][ T40] audit: type=1800 audit(1765604491.092:1378): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4391" name="nullb0" dev="tmpfs" ino=1934 res=0 errno=0 [ 249.230846][T16129] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4394'. [ 249.357193][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.478132][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 250.565233][ C3] Unknown status report in ack skb [ 251.317353][ T5945] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 252.301020][T16290] netlink: 'syz.4.4459': attribute type 4 has an invalid length. [ 252.328452][T16290] netlink: 'syz.4.4459': attribute type 4 has an invalid length. [ 252.677124][ T64] Bluetooth: hci5: command 0x1003 tx timeout [ 252.677368][ T5949] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 253.216691][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4497'. [ 253.223194][T16376] gtp1: entered promiscuous mode [ 253.225300][T16376] gtp1: entered allmulticast mode [ 253.452197][T16380] syzkaller0 speed is unknown, defaulting to 1000 [ 253.647539][ T1331] net_ratelimit: 225 callbacks suppressed [ 253.647557][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 253.713452][T16406] binder: 16405:16406 ioctl 40046205 0 returned -22 [ 253.848609][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.548269][ T40] audit: type=1326 audit(1765604496.482:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16444 comm="syz.2.4525" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 254.677579][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.680397][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.883164][T16460] overlayfs: failed to clone upperpath [ 254.949312][T16466] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.4533'. [ 254.977851][ T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.146724][T16485] overlayfs: failed to clone upperpath [ 255.327942][ T6002] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 255.498740][ T6002] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 255.503492][ T6002] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 255.507988][ T6002] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 255.512685][ T6002] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.519527][T16481] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 255.526194][ T6002] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 255.718081][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.733961][ T34] usb 10-1: USB disconnect, device number 2 [ 256.036495][ T40] audit: type=1804 audit(1765604497.962:1380): pid=16520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4556" name="/newroot/1282/file0/file0" dev="9p" ino=71827865 res=1 errno=0 [ 256.107402][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.144100][T16524] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 256.266609][T16535] netlink: 'syz.1.4563': attribute type 10 has an invalid length. [ 256.273510][T16535] veth0_vlan: left promiscuous mode [ 256.276894][T16535] veth0_vlan: entered promiscuous mode [ 256.281501][T16535] team0: Device veth0_vlan failed to register rx_handler [ 256.291148][T16538] netlink: 'syz.4.4564': attribute type 6 has an invalid length. [ 256.298393][T16538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.447837][ T6002] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.592472][T16564] syzkaller1: entered promiscuous mode [ 256.595568][T16564] syzkaller1: entered allmulticast mode [ 256.632234][T16561] syzkaller0 speed is unknown, defaulting to 1000 [ 256.747181][ T1331] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 256.845755][T16570] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4576'. [ 256.857498][T16570] gtp0: entered promiscuous mode [ 256.859569][T16570] gtp0: entered allmulticast mode [ 256.897118][ T1331] usb 7-1: Using ep0 maxpacket: 8 [ 256.901778][ T1331] usb 7-1: config 0 interface 0 has no altsetting 0 [ 256.903898][ T1331] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 256.906760][ T1331] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.910873][ T1331] usb 7-1: config 0 descriptor?? [ 257.255524][T16589] overlayfs: failed to clone upperpath [ 257.321311][ T1331] mcp2221 0003:04D8:00DD.002E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 257.406449][T16599] netlink: 'syz.1.4598': attribute type 1 has an invalid length. [ 257.432131][T16599] 8021q: adding VLAN 0 to HW filter on device bond3 [ 257.458677][T16599] bond3: (slave geneve2): making interface the new active one [ 257.461673][T16599] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 257.464587][ T104] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.469311][ T104] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.472885][ T104] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.476388][ T104] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.519935][ T1331] usb 7-1: USB disconnect, device number 15 [ 257.639269][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4592'. [ 258.814720][T16638] input: syz1 as /devices/virtual/input/input45 [ 258.838253][ T6004] net_ratelimit: 7 callbacks suppressed [ 258.838264][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.457439][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.887245][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.090537][T16721] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4643'. [ 260.247761][T16737] IPv4: Oversized IP packet from 127.202.26.0 [ 260.284086][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.286848][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.290594][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.292794][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.343349][T16748] netlink: 'syz.5.4655': attribute type 10 has an invalid length. [ 260.354005][T16748] veth0_vlan: left promiscuous mode [ 260.356726][T16748] veth0_vlan: entered promiscuous mode [ 260.361808][T16748] team0: Device veth0_vlan failed to register rx_handler [ 260.512459][T16756] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4661'. [ 260.567341][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.601164][T16772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4668'. [ 260.605248][T16772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4668'. [ 260.757480][ T828] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 260.807222][ T1331] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 260.881274][T16784] netlink: 'syz.4.4671': attribute type 10 has an invalid length. [ 260.892366][T16784] veth0_vlan: left promiscuous mode [ 260.896376][T16784] veth0_vlan: entered promiscuous mode [ 260.902080][T16784] team0: Device veth0_vlan failed to register rx_handler [ 260.910119][ T828] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 260.916023][ T828] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 260.921309][ T828] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 260.925373][ T828] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 260.927706][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.931171][ T828] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 260.938168][ T828] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.943420][ T828] usb 10-1: config 0 descriptor?? [ 260.977230][ T1331] usb 7-1: Using ep0 maxpacket: 16 [ 260.981007][ T1331] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 260.984702][ T1331] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 260.988093][ T1331] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 260.992715][ T1331] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 260.996431][ T1331] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.002527][ T1331] usb 7-1: config 0 descriptor?? [ 261.258250][ T40] audit: type=1326 audit(1765604503.192:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16795 comm="syz.1.4675" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 261.351905][ T828] plantronics 0003:047F:FFFF.002F: ignoring exceeding usage max [ 261.359146][ T828] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 261.410051][ T1331] shield 0003:0955:7214.0030: unknown main item tag 0x0 [ 261.412351][ T1331] shield 0003:0955:7214.0030: unknown main item tag 0x0 [ 261.414621][ T1331] shield 0003:0955:7214.0030: unknown main item tag 0x0 [ 261.416867][ T1331] shield 0003:0955:7214.0030: unknown main item tag 0x0 [ 261.419160][ T1331] shield 0003:0955:7214.0030: unknown main item tag 0x0 [ 261.422469][ T1331] input: HID 0955:7214 Haptics as /devices/virtual/input/input46 [ 261.429765][ T1331] shield 0003:0955:7214.0030: Registered Thunderstrike controller [ 261.432337][ T1331] shield 0003:0955:7214.0030: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0 [ 261.609832][T16767] netlink: 'syz.2.4665': attribute type 2 has an invalid length. [ 261.612520][T16767] netlink: 244 bytes leftover after parsing attributes in process `syz.2.4665'. [ 261.616495][ T24] shield 0003:0955:7214.0030: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 261.621191][ T6004] usb 7-1: USB disconnect, device number 16 [ 261.626420][ T24] shield 0003:0955:7214.0030: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 261.629967][ T24] shield 0003:0955:7214.0030: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 261.633474][ T24] shield 0003:0955:7214.0030: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 261.667239][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 261.961431][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 262.213484][T16813] netlink: 'syz.1.4684': attribute type 10 has an invalid length. [ 262.219268][T16813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.225393][T16813] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 262.234048][T16813] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.237793][T16813] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.256730][T16813] bond0: (slave batadv0): Releasing backup interface [ 262.874224][T16870] netlink: 67 bytes leftover after parsing attributes in process `syz.1.4710'. [ 262.917188][ T6004] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 263.001660][T16883] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 263.078610][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 263.083210][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 263.087744][ T6004] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 263.093267][ T6004] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 263.098839][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.104180][ T6004] usb 7-1: config 0 descriptor?? [ 263.178803][T16895] tls_set_device_offload: netdev not found [ 263.254321][ T6641] libceph: connect (1)[c::]:6789 error -101 [ 263.256345][ T6641] libceph: mon0 (1)[c::]:6789 connect error [ 263.325269][ T6641] libceph: connect (1)[c::]:6789 error -101 [ 263.328442][ T6641] libceph: mon0 (1)[c::]:6789 connect error [ 263.403926][T16909] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4725'. [ 263.408938][T16909] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4725'. [ 263.412499][T16909] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4725'. [ 263.447174][ T10] usb 10-1: USB disconnect, device number 3 [ 263.516700][ T6004] plantronics 0003:047F:FFFF.0031: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 263.518464][ T6641] libceph: connect (1)[c::]:6789 error -101 [ 263.523127][ T6641] libceph: mon0 (1)[c::]:6789 connect error [ 263.597216][ T6641] libceph: connect (1)[c::]:6789 error -101 [ 263.599872][ T6641] libceph: mon0 (1)[c::]:6789 connect error [ 263.736854][T16930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4735'. [ 263.778663][ T5949] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 263.782511][ T5949] CPU: 2 UID: 0 PID: 5949 Comm: kworker/u33:7 Tainted: G L syzkaller #0 PREEMPT(full) [ 263.782532][ T5949] Tainted: [L]=SOFTLOCKUP [ 263.782542][ T5949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 263.782551][ T5949] Workqueue: hci4 hci_rx_work [ 263.782568][ T5949] Call Trace: [ 263.782573][ T5949] [ 263.782578][ T5949] dump_stack_lvl+0x16c/0x1f0 [ 263.782595][ T5949] sysfs_warn_dup+0x7f/0xa0 [ 263.782623][ T5949] sysfs_create_dir_ns+0x24b/0x2b0 [ 263.782635][ T5949] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 263.782647][ T5949] ? find_held_lock+0x2b/0x80 [ 263.782665][ T5949] ? do_raw_spin_unlock+0x172/0x230 [ 263.782679][ T5949] kobject_add_internal+0x2c4/0x9d0 [ 263.782699][ T5949] kobject_add+0x16e/0x240 [ 263.782714][ T5949] ? __pfx_kobject_add+0x10/0x10 [ 263.782731][ T5949] ? kobject_put+0xaf/0x6f0 [ 263.782744][ T5949] ? _raw_spin_unlock+0x28/0x50 [ 263.782761][ T5949] device_add+0x288/0x1980 [ 263.782774][ T5949] ? __pfx_dev_set_name+0x10/0x10 [ 263.782789][ T5949] ? __pfx_device_add+0x10/0x10 [ 263.782801][ T5949] ? mgmt_send_event_skb+0x2fb/0x460 [ 263.782817][ T5949] hci_conn_add_sysfs+0x1a8/0x260 [ 263.782832][ T5949] le_conn_complete_evt+0x11ed/0x1fa0 [ 263.782847][ T5949] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 263.782862][ T5949] hci_le_enh_conn_complete_evt+0x23d/0x3b0 [ 263.782875][ T5949] ? skb_pull_data+0x166/0x210 [ 263.782888][ T5949] hci_le_meta_evt+0x357/0x610 [ 263.782900][ T5949] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 263.782914][ T5949] hci_event_packet+0x685/0x1210 [ 263.782926][ T5949] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 263.782939][ T5949] ? __pfx_hci_event_packet+0x10/0x10 [ 263.782954][ T5949] ? kcov_remote_start+0x3a9/0x680 [ 263.782974][ T5949] hci_rx_work+0x2c9/0x1020 [ 263.782988][ T5949] process_one_work+0x9ba/0x1b20 [ 263.783006][ T5949] ? __pfx_process_one_work+0x10/0x10 [ 263.783022][ T5949] ? assign_work+0x1a0/0x250 [ 263.783034][ T5949] worker_thread+0x6c8/0xf10 [ 263.783052][ T5949] ? __pfx_worker_thread+0x10/0x10 [ 263.783064][ T5949] kthread+0x3c5/0x780 [ 263.783075][ T5949] ? __pfx_kthread+0x10/0x10 [ 263.783086][ T5949] ? rcu_is_watching+0x12/0xc0 [ 263.783102][ T5949] ? __pfx_kthread+0x10/0x10 [ 263.783113][ T5949] ret_from_fork+0x983/0xb10 [ 263.783125][ T5949] ? __pfx_ret_from_fork+0x10/0x10 [ 263.783138][ T5949] ? __switch_to+0x7af/0x10d0 [ 263.783152][ T5949] ? __pfx_kthread+0x10/0x10 [ 263.783163][ T5949] ret_from_fork_asm+0x1a/0x30 [ 263.783187][ T5949] [ 263.783236][ T5949] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 263.879289][ T5949] Bluetooth: hci4: failed to register connection device [ 263.919274][ T90] net_ratelimit: 3 callbacks suppressed [ 263.919291][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.037277][ T10] libceph: connect (1)[c::]:6789 error -101 [ 264.039422][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 264.047226][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.050255][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.052813][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.055426][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.058083][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.060723][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.063302][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.065929][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.068759][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.073310][T16903] ceph: No mds server is up or the cluster is laggy [ 264.076235][T16898] ceph: No mds server is up or the cluster is laggy [ 264.079230][T16940] netlink: 'syz.4.4739': attribute type 10 has an invalid length. [ 264.097834][T16940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.105033][T16940] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 264.125029][T16940] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 264.129411][T16940] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 264.135447][T16940] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 264.143840][T16940] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 264.165250][ T40] audit: type=1326 audit(1765604506.092:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.172640][ T40] audit: type=1326 audit(1765604506.092:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.179765][ T40] audit: type=1326 audit(1765604506.102:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.188355][ T40] audit: type=1326 audit(1765604506.112:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.195504][T16940] bond0: (slave batadv0): Releasing backup interface [ 264.197155][ T40] audit: type=1326 audit(1765604506.112:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.206285][ T40] audit: type=1326 audit(1765604506.112:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.215440][ T40] audit: type=1326 audit(1765604506.142:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.222594][ T40] audit: type=1326 audit(1765604506.142:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.229839][ T40] audit: type=1326 audit(1765604506.142:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16941 comm="syz.1.4740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 264.509538][T16952] mac80211_hwsim hwsim12 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 264.574501][T16928] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 264.576605][T16928] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 264.581335][T16928] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 264.585660][T16928] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 264.589352][T16928] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 264.591687][T16928] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 264.595254][T16928] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 264.601729][T16928] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 264.661368][T16963] futex_wake_op: syz.4.4748 tries to shift op by -1; fix this program [ 264.757957][T16967] bad cache= option: noned [ 264.757957][T16967] async : no [ 264.757957][T16967] blocksize : 1 [ 264.757957][T16967] ivsize : 12 [ 264.757957][T16967] maxauthsize : 16 [ 264.757957][T16967] geniv : [ 264.757957][T16967] [ 264.757957][T16967] name : ctr(serpent) [ 264.757957][T16967] driver : ctr(serpent-generic) [ 264.757957][T16967] module : kernel [ 264.757957][T16967] priority : 100 [ 264.757957][T16967] refcnt : 1 [ 264.757957][T16967] selftest : passed [ 264.757957][T16967] internal : no [ 264.757957][T16967] type : skcipher [ 264.757957][T16967] async : no [ 264.757957][T16967] blocksize : 1 [ 264.757957][T16967] min keysize : 0 [ 264.757957][T16967] max keysize : 32 [ 264.757957][T16967] ivsize : 16 [ 264.757957][T16967] chunksize : 16 [ 264.757957][T16967] walksize : 16 [ 264.757957][T16967] statesize : 0 [ 264.757957][T16967] [ 264.757957][T16967] name : ctr(des3_ede) [ 264.757957][T16967] driver : ctr(des3_ede-asm) [ 264.757957][T16967] module : kernel [ 264.757957][T16967] priority : 200 [ 264.757957][T16967] refcnt : 1 [ 264.757957][T16967] selftest : passed [ 264.757957][T16967] internal : no [ 264.757957][T16967] type : skcipher [ 264.757957][T16967] async : no [ 264.757957][T16967] blocksize : 1 [ 264.757957][T16967] min keysize : 24 [ 264.757957][T16967] max keysize : 24 [ 264.757957][T16967] ivsize : 8 [ 264.757957][T16967] chunksize : 8 [ 264.757957][T16967] walksize : 8 [ 264.757957][T16967] statesize : 0 [ 264.757957][T16967] [ 264.757957][T16967] name : pcbc(cast5) [ 264.757957][T16967] driver : pcbc(cast5-generic) [ 264.757957][T16967] module : kernel [ 264.757957][T16967] priority : 100 [ 264.757957][T16967] refcnt : 1 [ 264.757957][T16967] selftest : passed [ 264.757957][T16967] internal : no [ 264.758241][T16967] CIFS: VFS: bad cache= option: noned [ 264.758241][T16967] async : no [ 264.758241][T16967] blocksize : 1 [ 264.758241][T16967] ivsize : 12 [ 264.758241][T16967] maxauthsize : 16 [ 264.758241][T16967] geniv : [ 264.758241][T16967] [ 264.758241][T16967] name : ctr(serpent) [ 264.758241][T16967] driver : ctr(serpent-generic) [ 264.758241][T16967] module : kernel [ 264.758241][T16967] priority : 100 [ 264.758241][T16967] refcnt : 1 [ 264.758241][T16967] selftest : passed [ 264.758241][T16967] internal : no [ 264.758241][T16967] type : skcipher [ 264.758241][T16967] async : no [ 264.758241][T16967] blocksize : 1 [ 264.758241][T16967] min keysize : 0 [ 264.758241][T16967] max keysize : 32 [ 264.758241][T16967] ivsize : 16 [ 264.758241][T16967] chunksize : 16 [ 264.758241][T16967] walksize : 16 [ 264.758241][T16967] statesize : 0 [ 264.758241][T16967] [ 264.758241][T16967] name : ctr(des3_ede) [ 264.758241][T16967] driver : ctr(des3_ede-asm) [ 264.758241][T16967] module : kernel [ 264.758241][T16967] priority : 200 [ 264.758241][T16967] refcnt : 1 [ 264.758241][T16967] selftest : passed [ 264.758241][T16967] internal : no [ 264.758241][T16967] type : skcipher [ 264.758241][T16967] async : no [ 264.758241][T16967] blocksize : 1 [ 264.758241][T16967] min keysize : 24 [ 264.758241][T16967] max keysize : 24 [ 264.758241][T16967] ivsize : 8 [ 264.758241][T16967] chunksize : 8 [ 264.758241][T16967] walksize : 8 [ 264.758241][T16967] statesize : 0 [ 264.758241][T16967] [ 264.758241][T16967] name : pcbc(cast5) [ 264.758241][T16967] driver : pcbc(cast5-generic) [ 264.758241][T16967] module : kernel [ 264.758241][T16967] priority : 100 [ 264.758241][T16967] refcnt : 1 [ 264.758241][T16967] selftest : passed [ 264.758241][T16967] internal : no [ 264.813910][T16967] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 264.879894][T16967] CIFS mount error: No usable UNC path provided in device string! [ 264.879894][T16967] [ 264.883830][T16967] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 265.613316][ T6004] usb 7-1: USB disconnect, device number 17 [ 265.671485][T17007] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 265.676356][T17007] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.757704][T17007] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 265.760959][T17007] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.797129][ T64] Bluetooth: hci2: command 0x0c1a tx timeout [ 265.828043][T17007] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 265.831335][T17007] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.900715][T17007] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 265.903945][T17007] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.992911][ T104] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 265.996367][ T104] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.006364][ T1141] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.009122][ T1141] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.031206][ T104] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.034704][ T104] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.049986][T17019] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 266.053691][ T104] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.056913][ T104] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.189716][T17026] overlayfs: failed to clone lowerpath [ 266.380156][T17040] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4778'. [ 266.386408][T17040] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4778'. [ 266.434190][T17042] overlayfs: failed to clone lowerpath [ 266.598345][ T64] Bluetooth: hci4: command 0x2016 tx timeout [ 266.598422][ T5949] Bluetooth: hci1: command 0x0c1a tx timeout [ 266.600712][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout [ 266.659242][T17055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4786'. [ 267.073446][T17072] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 267.606463][T17108] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2182154216 (4364308432 ns) > initial count (507749598 ns). Using initial count to start timer. [ 267.877168][ T64] Bluetooth: hci2: command 0x0c1a tx timeout [ 268.138210][T17162] input: syz0 as /devices/virtual/input/input47 [ 268.197361][ T104] wlan1: Trigger new scan to find an IBSS to join [ 268.240512][T17180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4840'. [ 268.498433][T17212] syz_tun: entered allmulticast mode [ 268.501917][T17211] syz_tun: left allmulticast mode [ 268.518335][T17216] 9p: Bad value for 'wfdno' [ 268.679063][ T64] Bluetooth: hci4: command 0x2016 tx timeout [ 268.734394][T17229] syzkaller0 speed is unknown, defaulting to 1000 [ 268.915847][T17257] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4869'. [ 268.928703][T17257] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.935842][T17257] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4869'. [ 268.985584][T17260] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4871'. [ 269.317275][ T24] net_ratelimit: 104 callbacks suppressed [ 269.317293][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.397246][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.589662][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.877391][ T1231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.884292][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.888366][ T6002] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.889348][T17323] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.4899'. [ 269.934692][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 269.934708][ T40] audit: type=1326 audit(1765604511.862:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 269.945685][ T40] audit: type=1326 audit(1765604511.862:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 269.958196][ T40] audit: type=1326 audit(1765604511.862:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 269.966883][ T40] audit: type=1326 audit(1765604511.862:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 269.997134][ T40] audit: type=1326 audit(1765604511.862:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 270.006021][ T40] audit: type=1326 audit(1765604511.862:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 270.027117][ T40] audit: type=1326 audit(1765604511.862:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=441 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 270.036270][ T40] audit: type=1326 audit(1765604511.922:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 270.057086][ T40] audit: type=1326 audit(1765604511.922:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17324 comm="syz.4.4900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 270.357880][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.547132][ T6641] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 270.707536][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.719021][ T6641] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 270.722759][ T6641] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 270.725743][ T6641] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 270.732722][ T6641] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 270.735404][ T6641] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.738792][ T6641] usb 7-1: Product: syz [ 270.740638][ T6641] usb 7-1: Manufacturer: syz [ 270.742520][ T6641] usb 7-1: SerialNumber: syz [ 270.748266][ T6641] hub 7-1:1.0: bad descriptor, ignoring hub [ 270.750936][ T6641] hub 7-1:1.0: probe with driver hub failed with error -5 [ 270.767533][ T64] Bluetooth: hci4: command 0x2016 tx timeout [ 270.956363][ T6641] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 271.237140][ T90] wlan1: Trigger new scan to find an IBSS to join [ 271.267343][ T34] usb 7-1: USB disconnect, device number 18 [ 271.272053][ T34] usblp0: removed [ 271.406482][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.490763][T17385] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4925'. [ 271.617253][ T10] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 271.799826][ T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 271.804106][ T10] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 271.818157][ T10] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 271.837442][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.845336][ T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 271.849297][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.852214][ T10] usb 7-1: Product: syz [ 271.853646][ T10] usb 7-1: Manufacturer: syz [ 271.855101][ T10] usb 7-1: SerialNumber: syz [ 271.875938][ T10] hub 7-1:1.0: bad descriptor, ignoring hub [ 271.878510][ T10] hub 7-1:1.0: probe with driver hub failed with error -5 [ 272.077376][ T10] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 19 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 272.107571][ T10] usb 7-1: USB disconnect, device number 19 [ 272.112146][ T10] usblp0: removed [ 272.188482][ T90] wlan1: Creating new IBSS network, BSSID fa:88:e7:fa:18:ef [ 272.837226][ T64] Bluetooth: hci4: command 0x2016 tx timeout [ 273.358046][T17488] "syz.4.4969" (17488) uses obsolete ecb(arc4) skcipher [ 273.438897][T17497] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4973'. [ 273.483507][T17502] overlayfs: failed to clone lowerpath [ 273.522373][T17510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4979'. [ 273.528344][T17510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4979'. [ 273.756090][T17515] syzkaller0 speed is unknown, defaulting to 1000 [ 274.438838][T17593] netlink: 'syz.4.5014': attribute type 12 has an invalid length. [ 274.441856][T17593] netlink: 'syz.4.5014': attribute type 29 has an invalid length. [ 274.444678][T17593] netlink: 148 bytes leftover after parsing attributes in process `syz.4.5014'. [ 274.450190][T17593] netlink: 'syz.4.5014': attribute type 2 has an invalid length. [ 274.452852][T17593] netlink: 23 bytes leftover after parsing attributes in process `syz.4.5014'. [ 274.517219][ T24] net_ratelimit: 10 callbacks suppressed [ 274.517235][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.561759][T17605] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5018'. [ 274.565573][T17605] netlink: 'syz.4.5018': attribute type 14 has an invalid length. [ 275.006315][T17635] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.5032'. [ 275.217224][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.329015][T17667] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5045'. [ 275.358347][T17667] 8021q: adding VLAN 0 to HW filter on device bond1 [ 275.380490][T17667] bond1: (slave batadv1): Opening slave failed [ 275.487801][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.567288][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.637170][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.644511][ T6002] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.685929][T17704] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5057'. [ 275.703075][T17704] vxlan1: entered promiscuous mode [ 276.347312][ T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.610869][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.825654][T17768] netlink: 'syz.5.5083': attribute type 13 has an invalid length. [ 276.828769][T17768] netlink: 'syz.5.5083': attribute type 17 has an invalid length. [ 276.927107][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout [ 277.487264][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.586050][T17787] __nla_validate_parse: 2 callbacks suppressed [ 277.586063][T17787] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5092'. [ 277.596647][T17787] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5092'. [ 277.637824][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.075729][T17809] tipc: Started in network mode [ 278.077636][T17809] tipc: Node identity 84e, cluster identity 4711 [ 278.079877][T17809] tipc: Node number set to 2126 [ 278.184179][T17814] CIFS: VFS: Malformed UNC in devname [ 278.439367][ T6002] libceph: connect (1)[c::]:6789 error -101 [ 278.441405][ T6002] libceph: mon0 (1)[c::]:6789 connect error [ 278.488236][ T9] libceph: connect (1)[b::]:6789 error -101 [ 278.492388][ T9] libceph: mon0 (1)[b::]:6789 connect error [ 278.707239][ T6002] libceph: connect (1)[c::]:6789 error -101 [ 278.709339][ T6002] libceph: mon0 (1)[c::]:6789 connect error [ 278.748054][ T9] libceph: connect (1)[b::]:6789 error -101 [ 278.750231][ T9] libceph: mon0 (1)[b::]:6789 connect error [ 279.008290][ T64] Bluetooth: hci2: command 0x0c1a tx timeout [ 279.217295][ T6002] libceph: connect (1)[c::]:6789 error -101 [ 279.219340][ T6002] libceph: mon0 (1)[c::]:6789 connect error [ 279.257305][ T9] libceph: connect (1)[b::]:6789 error -101 [ 279.260330][ T9] libceph: mon0 (1)[b::]:6789 connect error [ 279.264999][T17828] ceph: No mds server is up or the cluster is laggy [ 279.267839][T17833] ceph: No mds server is up or the cluster is laggy [ 279.279514][T17872] netlink: 'syz.4.5128': attribute type 8 has an invalid length. [ 279.283160][T17872] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5128'. [ 279.290617][T17872] bond0: entered promiscuous mode [ 279.292265][T17872] bond_slave_0: entered promiscuous mode [ 279.294155][T17872] bond_slave_1: entered promiscuous mode [ 279.297862][T17872] gretap0: entered promiscuous mode [ 279.301119][T17872] debugfs: 'hsr1' already exists in 'hsr' [ 279.306821][T17872] Cannot create hsr debugfs directory [ 279.315300][T17872] hsr1: entered promiscuous mode [ 279.406426][T17887] netlink: 'syz.2.5133': attribute type 9 has an invalid length. [ 279.409911][T17887] netlink: 'syz.2.5133': attribute type 11 has an invalid length. [ 279.412782][T17887] netlink: 'syz.2.5133': attribute type 12 has an invalid length. [ 279.415187][T17887] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.5133'. [ 279.427340][T17887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5133'. [ 279.439149][T17890] overlayfs: failed to clone upperpath [ 279.451386][T17890] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 279.455087][T17890] overlayfs: missing 'lowerdir' [ 279.478412][ T64] Bluetooth: hci3: unexpected event for opcode 0x2023 [ 279.489487][T17895] loop2: detected capacity change from 0 to 7 [ 279.498743][T17895] Dev loop2: unable to read RDB block 7 [ 279.507132][T17895] loop2: unable to read partition table [ 279.509273][T17895] loop2: partition table beyond EOD, truncated [ 279.511268][T17895] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 279.627965][T17906] syzkaller1: entered promiscuous mode [ 279.630298][T17906] syzkaller1: entered allmulticast mode [ 279.632120][T17907] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5141'. [ 279.635035][T17907] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5141'. [ 279.636727][T17906] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324 [ 279.727318][ T24] net_ratelimit: 5 callbacks suppressed [ 279.727333][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.787715][T17916] netlink: 'syz.5.5146': attribute type 4 has an invalid length. [ 279.797278][T17916] netlink: 'syz.5.5146': attribute type 4 has an invalid length. [ 279.811716][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.874217][T17924] overlay: filesystem on ./bus not supported as upperdir [ 280.117294][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.148471][T17949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5161'. [ 280.379716][T17975] input: syz1 as /devices/virtual/input/input48 [ 280.417112][ T10] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 280.572704][ T10] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 280.577645][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 280.581018][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 280.584143][ T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 280.597900][ T10] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 280.601650][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.618767][ T10] usb 7-1: config 0 descriptor?? [ 280.706278][T17987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5177'. [ 280.762165][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.907325][ T1140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.035680][ T10] plantronics 0003:047F:FFFF.0032: ignoring exceeding usage max [ 281.047877][ T10] plantronics 0003:047F:FFFF.0032: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 281.558671][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.772987][ T40] audit: type=1326 audit(1765604523.702:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18043 comm="syz.1.5207" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0 [ 281.797698][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.037962][ T1231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.750293][T18086] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5213'. [ 282.758557][T18080] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 282.760559][T18080] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 282.764911][T18080] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 282.767344][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.767867][T18080] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 282.788656][T18080] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 282.790576][T18080] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 282.810655][T18080] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 282.812780][T18080] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 282.839202][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.138433][ T1331] usb 7-1: USB disconnect, device number 20 [ 283.279578][T18115] overlayfs: failed to clone upperpath [ 284.062763][ T1331] libceph: connect (1)[c::]:6789 error -101 [ 284.064685][ T1331] libceph: mon0 (1)[c::]:6789 connect error [ 284.093922][ T1331] libceph: connect (1)[b::]:6789 error -101 [ 284.096018][ T1331] libceph: mon0 (1)[b::]:6789 connect error [ 284.319439][ T1331] libceph: connect (1)[c::]:6789 error -101 [ 284.321828][ T1331] libceph: mon0 (1)[c::]:6789 connect error [ 284.357473][ T1331] libceph: connect (1)[b::]:6789 error -101 [ 284.359960][ T1331] libceph: mon0 (1)[b::]:6789 connect error [ 284.827586][ T1331] libceph: connect (1)[c::]:6789 error -101 [ 284.830238][ T1331] libceph: mon0 (1)[c::]:6789 connect error [ 284.861743][T18147] ceph: No mds server is up or the cluster is laggy [ 284.865395][T18153] ceph: No mds server is up or the cluster is laggy [ 284.867896][ T1331] libceph: connect (1)[b::]:6789 error -101 [ 284.870796][ T1331] libceph: mon0 (1)[b::]:6789 connect error [ 284.919748][ T1331] net_ratelimit: 12 callbacks suppressed [ 284.919768][ T1331] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 284.964969][T18171] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5253'. [ 284.970392][T18171] netlink: 67 bytes leftover after parsing attributes in process `syz.5.5253'. [ 285.200114][T18187] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 285.238028][ T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.289071][ T60] libceph: connect (1)[c::]:6789 error -101 [ 285.290954][ T60] libceph: mon0 (1)[c::]:6789 connect error [ 285.348094][T18208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5261'. [ 285.351952][T18208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5261'. [ 285.355608][T18208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5261'. [ 285.362808][ T1331] libceph: connect (1)[b::]:6789 error -101 [ 285.364818][ T1331] libceph: mon0 (1)[b::]:6789 connect error [ 285.380079][ T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.547635][ T60] libceph: connect (1)[c::]:6789 error -101 [ 285.549979][ T60] libceph: mon0 (1)[c::]:6789 connect error [ 285.617433][ T1331] libceph: connect (1)[b::]:6789 error -101 [ 285.619512][ T1331] libceph: mon0 (1)[b::]:6789 connect error [ 285.879226][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.958288][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.057558][ T60] libceph: connect (1)[c::]:6789 error -101 [ 286.059780][ T60] libceph: mon0 (1)[c::]:6789 connect error [ 286.115996][T18203] ceph: No mds server is up or the cluster is laggy [ 286.116050][T18196] ceph: No mds server is up or the cluster is laggy [ 286.131778][ T6004] libceph: connect (1)[b::]:6789 error -101 [ 286.133811][ T6004] libceph: mon0 (1)[b::]:6789 connect error [ 286.192531][T18243] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 286.299096][T18255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.303120][T18255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.306204][T18255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.480637][T18274] overlayfs: failed to clone upperpath [ 286.524786][T18278] netlink: 'syz.4.5292': attribute type 1 has an invalid length. [ 286.577338][T18278] bond3: (slave bridge2): making interface the new active one [ 286.580082][T18278] bond3: (slave bridge2): Enslaving as an active interface with an up link [ 286.677686][ T6004] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 286.837190][ T6004] usb 10-1: Using ep0 maxpacket: 16 [ 286.839988][ T6004] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.843368][ T6004] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 286.847488][ T6004] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 286.850251][ T6004] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.853839][ T6004] usb 10-1: config 0 descriptor?? [ 287.262227][ T6004] HID 045e:07da: Invalid code 65791 type 1 [ 287.266608][ T6004] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:045E:07DA.0033/input/input49 [ 287.274669][ T6004] microsoft 0003:045E:07DA.0033: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 287.467674][ C2] [ 287.468570][ C2] ======================================================== [ 287.470856][ C2] WARNING: possible irq lock inversion dependency detected [ 287.473084][ C2] syzkaller #0 Tainted: G L [ 287.474974][ C2] -------------------------------------------------------- [ 287.477170][ C2] swapper/2/0 just changed the state of lock: [ 287.479028][ C2] ffff88804eec3230 (&dev->event_lock#2){..-.}-{3:3}, at: input_event+0x74/0xd0 [ 287.481787][ C2] but this lock took another, SOFTIRQ-READ-unsafe lock in the past: [ 287.484264][ C2] (tasklist_lock){.+.+}-{3:3} [ 287.484279][ C2] [ 287.484279][ C2] [ 287.484279][ C2] and interrupts could create inverse lock ordering between them. [ 287.484279][ C2] [ 287.490174][ C2] [ 287.490174][ C2] other info that might help us debug this: [ 287.492651][ C2] Chain exists of: [ 287.492651][ C2] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 287.492651][ C2] [ 287.496828][ C2] Possible interrupt unsafe locking scenario: [ 287.496828][ C2] [ 287.499491][ C2] CPU0 CPU1 [ 287.501337][ C2] ---- ---- [ 287.502993][ C2] lock(tasklist_lock); [ 287.504377][ C2] local_irq_disable(); [ 287.507112][ C2] lock(&dev->event_lock#2); [ 287.510105][ C2] lock(&client->buffer_lock); [ 287.513069][ C2] [ 287.514518][ C2] lock(&dev->event_lock#2); [ 287.516548][ C2] [ 287.516548][ C2] *** DEADLOCK *** [ 287.516548][ C2] [ 287.519777][ C2] no locks held by swapper/2/0. [ 287.521791][ C2] [ 287.521791][ C2] the shortest dependencies between 2nd lock and 1st lock: [ 287.525678][ C2] -> (tasklist_lock){.+.+}-{3:3} { [ 287.528009][ C2] HARDIRQ-ON-R at: [ 287.529901][ C2] lock_acquire+0x179/0x330 [ 287.532750][ C2] _raw_read_lock+0x5f/0x70 [ 287.535523][ C2] __do_wait+0x105/0x890 [ 287.538189][ C2] do_wait+0x21d/0x570 [ 287.540688][ C2] kernel_wait+0x9f/0x160 [ 287.543403][ C2] call_usermodehelper_exec_work+0xf1/0x170 [ 287.546835][ C2] process_one_work+0x9ba/0x1b20 [ 287.549725][ C2] worker_thread+0x6c8/0xf10 [ 287.552617][ C2] kthread+0x3c5/0x780 [ 287.555244][ C2] ret_from_fork+0x983/0xb10 [ 287.558011][ C2] ret_from_fork_asm+0x1a/0x30 [ 287.560860][ C2] SOFTIRQ-ON-R at: [ 287.562630][ C2] lock_acquire+0x179/0x330 [ 287.565356][ C2] _raw_read_lock+0x5f/0x70 [ 287.568180][ C2] __do_wait+0x105/0x890 [ 287.570824][ C2] do_wait+0x21d/0x570 [ 287.573331][ C2] kernel_wait+0x9f/0x160 [ 287.575960][ C2] call_usermodehelper_exec_work+0xf1/0x170 [ 287.578866][ C2] process_one_work+0x9ba/0x1b20 [ 287.581386][ C2] worker_thread+0x6c8/0xf10 [ 287.584152][ C2] kthread+0x3c5/0x780 [ 287.586233][ C2] ret_from_fork+0x983/0xb10 [ 287.588455][ C2] ret_from_fork_asm+0x1a/0x30 [ 287.590774][ C2] INITIAL USE at: [ 287.592227][ C2] lock_acquire+0x179/0x330 [ 287.594363][ C2] _raw_write_lock_irq+0x36/0x50 [ 287.596678][ C2] copy_process+0x4668/0x7430 [ 287.598880][ C2] kernel_clone+0xfc/0x910 [ 287.600969][ C2] user_mode_thread+0xc8/0x110 [ 287.603225][ C2] rest_init+0x23/0x2b0 [ 287.605277][ C2] start_kernel+0x3ef/0x4d0 [ 287.607501][ C2] x86_64_start_reservations+0x18/0x30 [ 287.609939][ C2] x86_64_start_kernel+0x130/0x190 [ 287.612313][ C2] common_startup_64+0x13e/0x148 [ 287.614613][ C2] INITIAL READ USE at: [ 287.616169][ C2] lock_acquire+0x179/0x330 [ 287.618469][ C2] _raw_read_lock+0x5f/0x70 [ 287.620711][ C2] __do_wait+0x105/0x890 [ 287.622934][ C2] do_wait+0x21d/0x570 [ 287.625094][ C2] kernel_wait+0x9f/0x160 [ 287.627349][ C2] call_usermodehelper_exec_work+0xf1/0x170 [ 287.630062][ C2] process_one_work+0x9ba/0x1b20 [ 287.632515][ C2] worker_thread+0x6c8/0xf10 [ 287.634830][ C2] kthread+0x3c5/0x780 [ 287.637016][ C2] ret_from_fork+0x983/0xb10 [ 287.639339][ C2] ret_from_fork_asm+0x1a/0x30 [ 287.641712][ C2] } [ 287.642678][ C2] ... key at: [] tasklist_lock+0x18/0x40 [ 287.645233][ C2] ... acquired at: [ 287.646577][ C2] _raw_read_lock+0x5f/0x70 [ 287.648116][ C2] send_sigurg+0xed/0xc80 [ 287.649560][ C2] sk_send_sigurg+0x76/0x360 [ 287.651042][ C2] unix_stream_sendmsg+0xfa3/0x1320 [ 287.652795][ C2] ____sys_sendmsg+0xa5d/0xc30 [ 287.654318][ C2] ___sys_sendmsg+0x134/0x1d0 [ 287.655833][ C2] __sys_sendmmsg+0x2f9/0x420 [ 287.657435][ C2] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 287.659288][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.660977][ C2] do_fast_syscall_32+0x32/0x80 [ 287.662596][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.664677][ C2] [ 287.665452][ C2] -> (&f_owner->lock){....}-{3:3} { [ 287.667231][ C2] INITIAL USE at: [ 287.668571][ C2] lock_acquire+0x179/0x330 [ 287.670652][ C2] _raw_write_lock_irq+0x36/0x50 [ 287.672888][ C2] __f_setown+0x61/0x3c0 [ 287.674885][ C2] do_fcntl+0x1010/0x1660 [ 287.676961][ C2] do_compat_fcntl64+0x367/0x710 [ 287.679173][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.681459][ C2] do_fast_syscall_32+0x32/0x80 [ 287.683681][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.686320][ C2] INITIAL READ USE at: [ 287.687819][ C2] lock_acquire+0x179/0x330 [ 287.689922][ C2] _raw_read_lock_irqsave+0x74/0x90 [ 287.692365][ C2] send_sigurg+0x5f/0xc80 [ 287.694545][ C2] sk_send_sigurg+0x76/0x360 [ 287.696807][ C2] unix_stream_sendmsg+0xfa3/0x1320 [ 287.699237][ C2] ____sys_sendmsg+0xa5d/0xc30 [ 287.701531][ C2] ___sys_sendmsg+0x134/0x1d0 [ 287.703854][ C2] __sys_sendmmsg+0x2f9/0x420 [ 287.706158][ C2] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 287.708764][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.711176][ C2] do_fast_syscall_32+0x32/0x80 [ 287.713536][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.716364][ C2] } [ 287.717290][ C2] ... key at: [] __key.1+0x0/0x40 [ 287.719617][ C2] ... acquired at: [ 287.720926][ C2] _raw_read_lock_irqsave+0x74/0x90 [ 287.722641][ C2] send_sigio+0x31/0x3e0 [ 287.724154][ C2] kill_fasync+0x214/0x510 [ 287.725640][ C2] lease_break_callback+0x23/0x30 [ 287.727364][ C2] __break_lease+0x6cd/0x1800 [ 287.728935][ C2] do_dentry_open+0x6e7/0x1590 [ 287.730533][ C2] vfs_open+0x82/0x3f0 [ 287.731906][ C2] path_openat+0x2078/0x3140 [ 287.733452][ C2] do_filp_open+0x20b/0x470 [ 287.734978][ C2] do_sys_openat2+0x11f/0x280 [ 287.736601][ C2] __ia32_compat_sys_open+0x146/0x1e0 [ 287.738374][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.740065][ C2] do_fast_syscall_32+0x32/0x80 [ 287.741678][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.743765][ C2] [ 287.744540][ C2] -> (&new->fa_lock){....}-{3:3} { [ 287.746242][ C2] INITIAL USE at: [ 287.747574][ C2] lock_acquire+0x179/0x330 [ 287.749603][ C2] _raw_write_lock_irq+0x36/0x50 [ 287.751771][ C2] fasync_remove_entry+0xb2/0x1e0 [ 287.753972][ C2] fasync_helper+0xaf/0xd0 [ 287.756021][ C2] pipe_fasync+0xc7/0x200 [ 287.758036][ C2] __fput+0x96b/0xb70 [ 287.759920][ C2] task_work_run+0x150/0x240 [ 287.761945][ C2] exit_to_user_mode_loop+0xfb/0x540 [ 287.764257][ C2] __do_fast_syscall_32+0x4a4/0x680 [ 287.766502][ C2] do_fast_syscall_32+0x32/0x80 [ 287.768695][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.771255][ C2] INITIAL READ USE at: [ 287.772712][ C2] lock_acquire+0x179/0x330 [ 287.774889][ C2] _raw_read_lock_irqsave+0x74/0x90 [ 287.777274][ C2] kill_fasync+0x138/0x510 [ 287.779415][ C2] iter_file_splice_write+0xd98/0x12b0 [ 287.781898][ C2] do_splice+0x1478/0x1fc0 [ 287.784064][ C2] __do_splice+0x32a/0x360 [ 287.786226][ C2] __ia32_sys_splice+0x189/0x250 [ 287.788575][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.790933][ C2] do_fast_syscall_32+0x32/0x80 [ 287.793229][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.796001][ C2] } [ 287.796886][ C2] ... key at: [] __key.0+0x0/0x40 [ 287.799208][ C2] ... acquired at: [ 287.800456][ C2] _raw_read_lock_irqsave+0x74/0x90 [ 287.802167][ C2] kill_fasync+0x138/0x510 [ 287.803659][ C2] evdev_pass_values+0x619/0x9b0 [ 287.805322][ C2] evdev_events+0x1bb/0x390 [ 287.806861][ C2] input_pass_values+0x74e/0x880 [ 287.808518][ C2] input_handle_event+0xf00/0x14d0 [ 287.810126][ C2] input_inject_event+0x1e8/0x3b0 [ 287.811804][ C2] evdev_write+0x2e1/0x440 [ 287.813294][ C2] vfs_write+0x2a0/0x11d0 [ 287.814772][ C2] ksys_write+0x1f8/0x250 [ 287.816299][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.818011][ C2] do_fast_syscall_32+0x32/0x80 [ 287.819630][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.821688][ C2] [ 287.822465][ C2] -> (&client->buffer_lock){....}-{3:3} { [ 287.824337][ C2] INITIAL USE at: [ 287.825650][ C2] lock_acquire+0x179/0x330 [ 287.827674][ C2] _raw_spin_lock+0x2e/0x40 [ 287.829667][ C2] evdev_pass_values+0x10e/0x9b0 [ 287.831804][ C2] evdev_events+0x1bb/0x390 [ 287.833799][ C2] input_pass_values+0x74e/0x880 [ 287.835997][ C2] input_handle_event+0xf00/0x14d0 [ 287.838164][ C2] input_inject_event+0x1e8/0x3b0 [ 287.840318][ C2] evdev_write+0x2e1/0x440 [ 287.842276][ C2] vfs_write+0x2a0/0x11d0 [ 287.844223][ C2] ksys_write+0x1f8/0x250 [ 287.846198][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.848390][ C2] do_fast_syscall_32+0x32/0x80 [ 287.850481][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.853065][ C2] } [ 287.853924][ C2] ... key at: [] __key.88+0x0/0x40 [ 287.856305][ C2] ... acquired at: [ 287.857581][ C2] _raw_spin_lock+0x2e/0x40 [ 287.859059][ C2] evdev_pass_values+0x10e/0x9b0 [ 287.860713][ C2] evdev_events+0x1bb/0x390 [ 287.862220][ C2] input_pass_values+0x74e/0x880 [ 287.863882][ C2] input_handle_event+0xf00/0x14d0 [ 287.865595][ C2] input_inject_event+0x1e8/0x3b0 [ 287.867277][ C2] evdev_write+0x2e1/0x440 [ 287.868768][ C2] vfs_write+0x2a0/0x11d0 [ 287.870233][ C2] ksys_write+0x1f8/0x250 [ 287.871701][ C2] __do_fast_syscall_32+0xe8/0x680 [ 287.873395][ C2] do_fast_syscall_32+0x32/0x80 [ 287.875015][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.877161][ C2] [ 287.877945][ C2] -> (&dev->event_lock#2){..-.}-{3:3} { [ 287.879731][ C2] IN-SOFTIRQ-W at: [ 287.881016][ C2] lock_acquire+0x179/0x330 [ 287.882977][ C2] _raw_spin_lock_irqsave+0x3a/0x60 [ 287.885148][ C2] input_event+0x74/0xd0 [ 287.887097][ C2] hidinput_report_event+0xb2/0x100 [ 287.889281][ C2] hid_report_raw_event+0x268/0x12c0 [ 287.891482][ C2] __hid_input_report.constprop.0+0x33f/0x470 [ 287.893924][ C2] hid_irq_in+0x35e/0x870 [ 287.895897][ C2] __usb_hcd_giveback_urb+0x38b/0x610 [ 287.898123][ C2] usb_hcd_giveback_urb+0x39b/0x450 [ 287.900290][ C2] dummy_timer+0x1809/0x3ad0 [ 287.902275][ C2] __hrtimer_run_queues+0x202/0xc40 [ 287.904444][ C2] hrtimer_run_softirq+0x17d/0x350 [ 287.906624][ C2] handle_softirqs+0x219/0x950 [ 287.909225][ C2] __irq_exit_rcu+0x109/0x170 [ 287.911563][ C2] irq_exit_rcu+0x9/0x30 [ 287.913448][ C2] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 287.915813][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 287.918241][ C2] pv_native_safe_halt+0xf/0x20 [ 287.920306][ C2] default_idle+0x13/0x20 [ 287.922218][ C2] default_idle_call+0x6c/0xb0 [ 287.924252][ C2] do_idle+0x38d/0x510 [ 287.926086][ C2] cpu_startup_entry+0x4f/0x60 [ 287.928103][ C2] start_secondary+0x21d/0x2d0 [ 287.930134][ C2] common_startup_64+0x13e/0x148 [ 287.932157][ C2] INITIAL USE at: [ 287.933384][ C2] lock_acquire+0x179/0x330 [ 287.935277][ C2] _raw_spin_lock_irqsave+0x3a/0x60 [ 287.937424][ C2] input_inject_event+0x9f/0x3b0 [ 287.939490][ C2] led_set_brightness+0x217/0x290 [ 287.941580][ C2] kbd_led_trigger_activate+0xcb/0x110 [ 287.943804][ C2] led_trigger_set+0x59a/0xc50 [ 287.945824][ C2] led_trigger_set_default+0x1e0/0x2e0 [ 287.948040][ C2] led_classdev_register_ext+0x71d/0xa30 [ 287.950329][ C2] input_leds_connect+0x552/0x8e0 [ 287.952427][ C2] input_attach_handler.isra.0+0x176/0x250 [ 287.954757][ C2] input_register_device+0xab9/0x11b0 [ 287.956979][ C2] atkbd_connect+0x5f8/0xa60 [ 287.958942][ C2] serio_driver_probe+0x7f/0xd0 [ 287.960987][ C2] really_probe+0x241/0xb20 [ 287.962915][ C2] __driver_probe_device+0x1de/0x470 [ 287.965081][ C2] driver_probe_device+0x4c/0x1b0 [ 287.967155][ C2] __driver_attach+0x283/0x5e0 [ 287.969172][ C2] bus_for_each_dev+0x13e/0x1d0 [ 287.971208][ C2] serio_handle_event+0x281/0xb30 [ 287.973295][ C2] process_one_work+0x9ba/0x1b20 [ 287.975378][ C2] worker_thread+0x6c8/0xf10 [ 287.977354][ C2] kthread+0x3c5/0x780 [ 287.979106][ C2] ret_from_fork+0x983/0xb10 [ 287.981113][ C2] ret_from_fork_asm+0x1a/0x30 [ 287.983136][ C2] } [ 287.984002][ C2] ... key at: [] __key.7+0x0/0x40 [ 287.986250][ C2] ... acquired at: [ 287.987488][ C2] __lock_acquire+0xc38/0x2890 [ 287.989076][ C2] lock_acquire+0x179/0x330 [ 287.990591][ C2] _raw_spin_lock_irqsave+0x3a/0x60 [ 287.992311][ C2] input_event+0x74/0xd0 [ 287.993745][ C2] hidinput_report_event+0xb2/0x100 [ 287.995485][ C2] hid_report_raw_event+0x268/0x12c0 [ 287.997180][ C2] __hid_input_report.constprop.0+0x33f/0x470 [ 287.999174][ C2] hid_irq_in+0x35e/0x870 [ 288.000615][ C2] __usb_hcd_giveback_urb+0x38b/0x610 [ 288.002361][ C2] usb_hcd_giveback_urb+0x39b/0x450 [ 288.004092][ C2] dummy_timer+0x1809/0x3ad0 [ 288.005640][ C2] __hrtimer_run_queues+0x202/0xc40 [ 288.007369][ C2] hrtimer_run_softirq+0x17d/0x350 [ 288.009057][ C2] handle_softirqs+0x219/0x950 [ 288.010658][ C2] __irq_exit_rcu+0x109/0x170 [ 288.012243][ C2] irq_exit_rcu+0x9/0x30 [ 288.013684][ C2] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 288.015566][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 288.017531][ C2] pv_native_safe_halt+0xf/0x20 [ 288.019143][ C2] default_idle+0x13/0x20 [ 288.020622][ C2] default_idle_call+0x6c/0xb0 [ 288.022215][ C2] do_idle+0x38d/0x510 [ 288.023518][ C2] cpu_startup_entry+0x4f/0x60 [ 288.025115][ C2] start_secondary+0x21d/0x2d0 [ 288.026726][ C2] common_startup_64+0x13e/0x148 [ 288.028373][ C2] [ 288.029160][ C2] [ 288.029160][ C2] stack backtrace: [ 288.031052][ C2] CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.031068][ C2] Tainted: [L]=SOFTLOCKUP [ 288.031072][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 288.031079][ C2] Call Trace: [ 288.031083][ C2] [ 288.031088][ C2] dump_stack_lvl+0x116/0x1f0 [ 288.031102][ C2] print_irq_inversion_bug.part.0+0x212/0x270 [ 288.031121][ C2] mark_lock+0x399/0x9f0 [ 288.031132][ C2] __lock_acquire+0xc38/0x2890 [ 288.031143][ C2] ? do_raw_spin_lock+0x12c/0x2b0 [ 288.031155][ C2] lock_acquire+0x179/0x330 [ 288.031164][ C2] ? input_event+0x74/0xd0 [ 288.031177][ C2] ? __asan_memcpy+0x3c/0x60 [ 288.031191][ C2] _raw_spin_lock_irqsave+0x3a/0x60 [ 288.031202][ C2] ? input_event+0x74/0xd0 [ 288.031213][ C2] input_event+0x74/0xd0 [ 288.031223][ C2] hidinput_report_event+0xb2/0x100 [ 288.031239][ C2] hid_report_raw_event+0x268/0x12c0 [ 288.031252][ C2] ? _mutex_lock_killable+0x7/0x20 [ 288.031268][ C2] __hid_input_report.constprop.0+0x33f/0x470 [ 288.031283][ C2] hid_irq_in+0x35e/0x870 [ 288.031296][ C2] __usb_hcd_giveback_urb+0x38b/0x610 [ 288.031322][ C2] usb_hcd_giveback_urb+0x39b/0x450 [ 288.031337][ C2] dummy_timer+0x1809/0x3ad0 [ 288.031356][ C2] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 288.031369][ C2] ? __pfx_dummy_timer+0x10/0x10 [ 288.031383][ C2] ? rcu_is_watching+0x12/0xc0 [ 288.031397][ C2] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 288.031410][ C2] ? __pfx_dummy_timer+0x10/0x10 [ 288.031423][ C2] __hrtimer_run_queues+0x202/0xc40 [ 288.031438][ C2] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 288.031451][ C2] ? read_tsc+0x9/0x20 [ 288.031466][ C2] hrtimer_run_softirq+0x17d/0x350 [ 288.031480][ C2] handle_softirqs+0x219/0x950 [ 288.031495][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 288.031510][ C2] __irq_exit_rcu+0x109/0x170 [ 288.031523][ C2] irq_exit_rcu+0x9/0x30 [ 288.031536][ C2] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 288.031549][ C2] [ 288.031552][ C2] [ 288.031556][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 288.031567][ C2] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 288.031580][ C2] Code: 66 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 73 87 15 00 fb f4 cc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 288.031595][ C2] RSP: 0018:ffffc9000047fde8 EFLAGS: 00000286 [ 288.031604][ C2] RAX: 000000000033623d RBX: 0000000000000002 RCX: ffffffff8b74d6d9 [ 288.031610][ C2] RDX: 0000000000000000 RSI: ffffffff8dac831b RDI: ffffffff8bf2a980 [ 288.031616][ C2] RBP: ffffed1003adf930 R08: 0000000000000001 R09: ffffed100568673d [ 288.031623][ C2] R10: ffff88802b4339eb R11: ffff88801d6fd4b0 R12: 0000000000000002 [ 288.031629][ C2] R13: ffff88801d6fc980 R14: ffffffff9088b3d0 R15: 0000000000000000 [ 288.031637][ C2] ? ct_kernel_exit+0x139/0x190 [ 288.031652][ C2] default_idle+0x13/0x20 [ 288.031665][ C2] default_idle_call+0x6c/0xb0 [ 288.031679][ C2] do_idle+0x38d/0x510 [ 288.031692][ C2] ? __pfx_do_idle+0x10/0x10 [ 288.031706][ C2] cpu_startup_entry+0x4f/0x60 [ 288.031719][ C2] start_secondary+0x21d/0x2d0 [ 288.031735][ C2] ? __pfx_start_secondary+0x10/0x10 [ 288.031752][ C2] common_startup_64+0x13e/0x148 [ 288.031767][ C2] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 288.473854][T18302] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0 [ 288.477460][T18302] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.538801][T18302] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0 [ 288.541951][T18302] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.638201][ T6004] usb 10-1: USB disconnect, device number 4 [ 288.669423][T18302] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0 [ 288.673499][T18302] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.748485][T18302] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0 [ 288.751809][T18302] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.816836][T18302] bridge_slave_1: left allmulticast mode [ 288.818788][T18302] bridge_slave_1: left promiscuous mode [ 288.820715][T18302] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.823610][T18302] bridge_slave_0: left allmulticast mode [ 288.825411][T18302] bridge_slave_0: left promiscuous mode [ 288.827416][T18302] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.909606][T18302] bond3 (unregistering): (slave geneve2): Releasing active interface [ 288.999102][T18302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 289.002413][T18302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 289.005433][T18302] bond0 (unregistering): Released all slaves [ 289.008857][T18302] bond1 (unregistering): (slave bond2): Releasing backup interface [ 289.011608][T18302] bond1 (unregistering): Released all slaves [ 289.094810][T18302] bond2 (unregistering): Released all slaves [ 289.100241][T18302] bond3 (unregistering): Released all slaves [ 289.207595][T18302] tipc: Left network mode [ 289.550291][T18302] team0 (unregistering): Port device team_slave_1 removed [ 289.572385][T18302] team0 (unregistering): Port device team_slave_0 removed [ 289.613999][ T90] smc: removing ib device syz0 [ 290.209432][ T24] net_ratelimit: 12 callbacks suppressed [ 290.209443][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.377290][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.157279][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.237376][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.507195][ T1148] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.694528][T18302] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.789613][T18302] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.830749][T18302] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.910262][T18302] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.012702][T18302] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.092430][T18302] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.186293][T18302] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.279480][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.321258][T18302] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.385574][T18302] bridge_slave_1: left allmulticast mode [ 292.388657][T18302] bridge_slave_1: left promiscuous mode [ 292.391048][T18302] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.394620][T18302] bridge_slave_0: left allmulticast mode [ 292.396976][T18302] bridge_slave_0: left promiscuous mode [ 292.399432][T18302] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.483415][T18302] erspan0 (unregistering): left promiscuous mode [ 292.499810][T18302] bond2 (unregistering): (slave gre1): Releasing backup interface [ 292.502271][T18302] gre1 (unregistering): left promiscuous mode [ 292.509466][T18302] bond4 (unregistering): (slave geneve3): Releasing active interface [ 292.513659][T18302] bond3 (unregistering): (slave geneve2): Releasing active interface [ 292.647228][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.747379][T18302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.750756][T18302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.753760][T18302] bond0 (unregistering): Released all slaves [ 292.756753][T18302] bond1 (unregistering): Released all slaves [ 292.819857][T18302] bond2 (unregistering): Released all slaves [ 292.881763][T18302] bond3 (unregistering): Released all slaves [ 292.944031][T18302] bond4 (unregistering): Released all slaves [ 293.093461][T18302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 293.097524][T18302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 293.101073][T18302] bond0 (unregistering): Released all slaves [ 293.165188][T18302] bond1 (unregistering): Released all slaves [ 293.259664][T18302] tipc: Left network mode [ 293.317567][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.767192][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.794688][T18302] dummy0: left promiscuous mode [ 293.796818][T18302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.799556][T18302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.803478][T18302] hsr_slave_0: left promiscuous mode [ 293.805872][T18302] hsr_slave_1: left promiscuous mode [ 293.807955][T18302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 293.810311][T18302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.813340][T18302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 293.815721][T18302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.819814][T18302] veth1_macvtap: left promiscuous mode [ 293.821651][T18302] veth0_macvtap: left promiscuous mode [ 293.823430][T18302] veth1_vlan: left promiscuous mode [ 293.954647][T18302] team0 (unregistering): Port device team_slave_1 removed [ 293.974570][T18302] team0 (unregistering): Port device team_slave_0 removed [ 294.197284][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.389379][T18302] team0 (unregistering): Port device team_slave_1 removed [ 294.416416][T18302] team0 (unregistering): Port device team_slave_0 removed [ 295.397382][ T6004] net_ratelimit: 2 callbacks suppressed [ 295.397394][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 295.487337][ T6031] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.037270][ T1141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.439134][ T6004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.137299][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.237353][ T828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog