last executing test programs: 9.300925283s ago: executing program 0 (id=1248): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000100)={0xeb, 0x0, [{0x1, 0x0, 0x5, 0x7, 0x800, 0x7fffffff, 0x2}]}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x486, 0x0, 0xfffffffffffffff6}]}) 8.796892437s ago: executing program 0 (id=1249): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) shutdown(r0, 0x1) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 8.72632076s ago: executing program 2 (id=1250): syz_open_dev$ndb(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000008000000180100002520732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000f98500000006000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r1 = socket(0x2b, 0x80801, 0x1) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0) 8.641594673s ago: executing program 0 (id=1251): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @empty}}], 0x1c) sendto$inet6(r1, &(0x7f00000004c0)="b0", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x7, @loopback, 0x4}, 0x1c) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, &(0x7f0000000300)) 8.5461556s ago: executing program 0 (id=1252): openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x185202, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = fsopen(0x0, 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000001400)='(:2\x00}R\xc5\xc7\xb1\xdd\xcd\x84K\xb5\x9c{\t?CB?8u\xd6\xbd\xce|\xe0$4\"\x17\xcb\x1be\xbe\xa2\xe1|\x14\xdd\xc2G\xbd\x12\xdc\xcdQS\xc1\xbb\x9a\x86fF\xae\ar;9\xd6\xe6\x94\'\xce\xef\xd3\x8c\x8b*\x95\x06\xdb\x8e\x94Sm\xb3\xf5\x83J*\xafw\x86Sy\n\x96\xb7U2\x95\x1e\x7f8\xd6\x99\xfd\x0fGJ`\x18\xcb*\xff\t\x88\x01\xa5\xa6#\xfc\xe5\x12\xb4o\xa1\xda\xacy\xb3\xc8\xd0l!\x81\x02\xf5wk\x82V\xa2\x12\xa8M\xb1\xc5\x1fZ\xba\xb5\x1f\x15\x9b\xc5\xef\xc3\xb0\x93n\x90f\xd6\x9d%\xb0k\xf7\x05\x8e\x91\xc1qJS\x03\x83\x80k\xf3\xd1\xd4\xe3\xddo\xc0(\xf5\xdfb\xf9\xcb\x90y\v&\xb4O\x8aCV4t\x19\xfc\x05', 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000300)='./file0\x00', &(0x7f0000000040), 0x8c, 0x0) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil) socket$inet_sctp(0x2, 0x1, 0x84) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000024c0)=@newtaction={0xb4, 0x30, 0x58f, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_ctinfo={0x48, 0x2, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x80, 0x5, 0x5, 0x1, 0x2}}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @local, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000020000000200000004"], 0x50) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000400000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000bc0)={r7, 0x0, 0x0}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r9, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0) sendmsg$FOU_CMD_DEL(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r9, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}}, 0x4) 8.191023609s ago: executing program 2 (id=1254): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0) r2 = dup3(r1, r0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0xfffd) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f00000034c0)={0x2020}, 0xcac) 6.710550627s ago: executing program 2 (id=1258): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRESHEX=0x0, @ANYRESOCT=0x0], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000980)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb02001800000000000000280000002800000004000000020000000100000f010000000300000002000000004b865800040000000000000f03000000e0ea94005f5f00"], 0x0, 0x44, 0x0, 0x1}, 0x28) r0 = getpid() r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f0000000200)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300800a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a68fbff9cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000000000000000000000084d6f31d5de024f", 0xc0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000380)={0xffffffffffffffff, 0x933, 0x6, 0xfffffff7, 0x1, 0x0, [{0xfc, 0x4e3, 0x8}]}) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) unlink(&(0x7f00000000c0)='./file0\x00') pwritev2(r5, &(0x7f0000000980)=[{&(0x7f0000000500)="be", 0x1}], 0x1, 0x5, 0xa, 0x14) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01f200100000000000000800030000000000", @ANYRES32=r8, @ANYBLOB="10005a800c00038005000400ec000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r9, 0x9c3fa077fa966179, 0x12, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800) syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) 6.305656764s ago: executing program 1 (id=1259): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000280)={0x200000, 0x200000, 0x0, 0x0, 0x10000}) r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000000100)={0x2a, 0x1, 0x1}, 0xc) 3.502980453s ago: executing program 0 (id=1260): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @empty}}], 0x1c) sendto$inet6(r1, &(0x7f00000004c0)="b0", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x7, @loopback, 0x4}, 0x1c) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, &(0x7f0000000300)) 3.502505134s ago: executing program 3 (id=1261): r0 = fsopen(&(0x7f0000000180)='exfat\x00', 0x0) ioctl$XFS_IOC_FREE_EOFBLOCKS(r0, 0x8080583a, &(0x7f0000000340)={0x767a3125, 0x7, 0xcac7, 0xe, 0x8000, 0x0, 0x8000000000000000}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000480), r1) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000000)={'wpan0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000040)='./file0\x00') r3 = inotify_init1(0x800) inotify_add_watch(r3, &(0x7f0000000240)='.\x00', 0x60000526) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r4, 0x117, 0x6, 0x0, 0x5) setxattr$system_posix_acl(0x0, &(0x7f0000000180)='system.posix_acl_default\x00', 0x0, 0x0, 0x2) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff) r5 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2) r6 = socket(0x10, 0x2, 0x0) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) dup(r7) sendmsg$inet6(r7, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f00000003c0)=[{&(0x7f00000004c0)="99", 0x1}], 0x1}, 0x4048043) r8 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @local}], 0x10) sendto$inet6(r8, &(0x7f0000000400)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e23, 0xb, @loopback, 0xc5f}, 0x1c) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r6, 0x89f1, &(0x7f0000000140)={'veth1_virt_wifi\x00', &(0x7f0000000600)=@ethtool_eeprom={0xc, 0x91, 0xcc, 0xcf, "805da99d9fc0420c5b7072c4bb8f2bb61517abb699da04c2dfb517c35e2c7d59ca6a57bcda13af063ceead77224c4fdef1978e08a0c30f44edb616c1fde688cad5cc9c6469d157ff893503fb2d03d39a730af562f1c5fd2bff5c348a279d22bdbb6dda6028ef2f0d3ab4fb923eb3a82da9c67a877211c03fda3afc1626f7246903789c9e6828d0f547ff42702c3db45f08a9a09294486bf8ef05a8cdabe59f235a9601462e5c37fecb4d5ca31a48fdc8186f5053f983c5f5ce559728bf34336fb12b2f73289057bf0ce106eb4afdc8"}}) write$FUSE_INIT(r5, &(0x7f0000000140)={0x50}, 0xffd3) 2.949414777s ago: executing program 1 (id=1262): syz_open_dev$ndb(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000008000000180100002520732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000f98500000006000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r1 = socket(0x2b, 0x80801, 0x1) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0) 2.781754864s ago: executing program 0 (id=1263): socket$nl_generic(0x10, 0x3, 0x10) r0 = fanotify_init(0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) brk(0x689d80000000) r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x9, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2a200", ["06000000100000000ecb00", "bed0f3d6ce7a5f7389827f04", "d409343c60abd64f2fdc9ddf", "fc43009f621000"]}) r2 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc0b02) ioctl$CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x4, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059", 0x0, 0xfc, 0x0, 0x10}) ioctl$CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000140)={0x100000000, 0x800, 0xf, 0x80000001, 0xfe1c, 0x6, "72aba977db089b65fdfdc5bd97abc350", 0x74, 0x3, 0xa7, 0x7, 0x8, 0x7, 0x29}) syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) syz_open_dev$dri(0x0, 0x2, 0xc8d03) r3 = socket(0x1d, 0x2, 0x6) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000140)={'vxcan1\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r5, 0x3}, 0x18) sendmmsg$inet(r3, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000080)="d171e4c4c55f7973", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="a6d8069c2bbec47b4cb78b08174cc6749376c1a52cc0", 0x16}], 0x1}}], 0x2, 0x0) syz_usb_connect(0x4, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r3) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r6, 0x2) setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f00000004c0)=0x752d8238, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000600)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4600f5", 0x14, 0x6, 0x1, @remote, @rand_addr=' \x01\x00', {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x2}}}}}}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x5a) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendto$inet_nvme_of_msg(r3, &(0x7f0000000680)={@cmd={{0x4, 0xd, 0x48, 0xa}, {@auth_common={0x7f, 0x80, 0xbe0, 0x6, "e9cf4b6db6f5510d94b6f59c0a4bd46abd4dc0", @anon_struct={0x3, 0x7e}, 0x7, 0xe, 0x2, 0x9, 0xb, "9ef322afa195add877c93c24d19dcae4"}}}, @val=0x0}, 0x88, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.114914206s ago: executing program 1 (id=1264): socketpair$tipc(0x1e, 0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1.998085055s ago: executing program 1 (id=1265): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) connect$inet(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r5 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r5, &(0x7f0000000080)={0x1d, r4, 0x0, {0x2, 0x0, 0x4}, 0x2}, 0x18) sendmsg$can_j1939(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1}}, 0xee) fchdir(0xffffffffffffffff) 1.73076453s ago: executing program 2 (id=1266): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0) r2 = dup3(r1, r0, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x900, 0xfffd) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f00000034c0)={0x2020}, 0xcac) 1.658474793s ago: executing program 3 (id=1267): r0 = socket$inet6(0xa, 0x80001, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x4e22, 0x8, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0x7, 0x0, 0x0) r3 = fcntl$dupfd(r1, 0x406, r1) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000380)=0x10, 0x1c) sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200440d1}, 0x800e885) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r3) syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r3) shutdown(r3, 0x1) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@mcast1}, &(0x7f0000000200)=0x14) 1.443016798s ago: executing program 2 (id=1268): timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x2}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = userfaultfd(0x1) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x91c6b000) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1}) syz_open_procfs(0x0, &(0x7f0000001040)='net/nf_conntrack_expect\x00') syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000000000/0x800000)=nil, 0x800000}) syz_open_dev$hiddev(0x0, 0x0, 0x0) 939.128123ms ago: executing program 3 (id=1269): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x94, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x2, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0445609, &(0x7f0000000180)=@userptr={0x7, 0x2, 0x4, 0x40, 0xfffffff9, {0x77359400}, {0x1, 0x1, 0x8, 0x3, 0x2, 0x10, "7326b847"}, 0x8, 0x2, {0x0}, 0x4}) 826.260062ms ago: executing program 1 (id=1270): ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) cachestat(r0, 0x0, &(0x7f0000000200), 0x0) ioctl$TCGETS2(r1, 0x802c542a, &(0x7f0000000280)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = getpid() sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0xd9) r4 = syz_io_uring_setup(0xefe, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x83, 0x3af}, &(0x7f0000000100)=0x0, &(0x7f0000000440)=0x0, &(0x7f0000000180)) syz_io_uring_modify_offsets$generic(r5, r6, 0x2c, 0x10000) io_uring_enter(r4, 0x2883, 0xf1bd, 0x0, 0x0, 0x0) io_uring_enter(r4, 0x7fffffe, 0x5, 0x5, 0x0, 0x0) io_uring_enter(r4, 0x5bbb, 0xc549, 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG_x86(r7, 0x4048ae9b, &(0x7f0000000080)={0xe0003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}}) ioctl$KVM_RUN(r7, 0xae80, 0x0) futex(&(0x7f0000000040)=0x2, 0x5, 0x2, 0x0, 0x0, 0x35000001) madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00') pread64(r8, &(0x7f000001c040)=""/102348, 0x18fcc, 0x4) 804.385205ms ago: executing program 3 (id=1271): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @empty}}], 0x1c) sendto$inet6(r1, &(0x7f00000004c0)="b0", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x7, @loopback, 0x4}, 0x1c) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, &(0x7f0000000300)) 617.156047ms ago: executing program 3 (id=1272): syz_open_dev$ndb(&(0x7f0000000480), 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r1 = socket(0x2b, 0x80801, 0x1) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0) 62.983059ms ago: executing program 3 (id=1273): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$unix(0x1, 0x2, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000000000000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 18.859327ms ago: executing program 2 (id=1274): openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) mq_timedsend(0xffffffffffffffff, 0x0, 0xff7f, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) listen(0xffffffffffffffff, 0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='rdma.current\x00', 0x275a, 0x0) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) read(r1, &(0x7f0000000040)=""/154, 0x9a) syz_open_dev$vbi(0x0, 0x1, 0x2) r2 = openat$urandom(0xffffffffffffff9c, 0x0, 0x2000, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)={@cgroup=r3, r3, 0x2f}, 0x20) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r3, 0x2f, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, 0x0, 0x0, &(0x7f0000003680)}, 0x40) ioctl$RNDADDTOENTCNT(r2, 0x40045201, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xfeffff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80000000}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f05407b1fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40) 0s ago: executing program 1 (id=1275): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x400001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40088c1}, 0x404d004) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600006fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xee19}], 0x1}, 0x0) kernel console output (not intermixed with test programs): syz.2.154': attribute type 10 has an invalid length. [ 113.806254][ T6256] FAT-fs (loop1): error, clusters badly computed (52 != 163892) [ 113.822902][ T6282] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 113.839476][ T6256] FAT-fs (loop1): error, clusters badly computed (53 != 163893) [ 113.885374][ T6282] team0: Failed to send options change via netlink (err -105) [ 113.913673][ T6282] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 113.943730][ T6282] team0: Port device dummy0 removed [ 113.951964][ T6256] FAT-fs (loop1): error, clusters badly computed (54 != 163894) [ 113.965295][ T6256] FAT-fs (loop1): error, clusters badly computed (55 != 163895) [ 113.985934][ T6282] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 113.999573][ T6256] FAT-fs (loop1): error, clusters badly computed (56 != 163896) [ 114.008966][ T6256] FAT-fs (loop1): error, clusters badly computed (57 != 163897) [ 114.029236][ T6256] FAT-fs (loop1): error, clusters badly computed (58 != 163898) [ 114.058182][ T6256] FAT-fs (loop1): error, clusters badly computed (59 != 163899) [ 114.067036][ T6256] FAT-fs (loop1): error, clusters badly computed (60 != 163900) [ 114.075091][ T6256] FAT-fs (loop1): error, clusters badly computed (61 != 163901) [ 114.083100][ T6256] FAT-fs (loop1): error, clusters badly computed (62 != 163902) [ 114.091105][ T6256] FAT-fs (loop1): error, clusters badly computed (63 != 163903) [ 114.099100][ T6256] FAT-fs (loop1): error, clusters badly computed (64 != 163904) [ 114.107088][ T6256] FAT-fs (loop1): error, clusters badly computed (65 != 163905) [ 114.115015][ T6256] FAT-fs (loop1): error, clusters badly computed (66 != 163906) [ 114.124542][ T6256] FAT-fs (loop1): error, clusters badly computed (67 != 163907) [ 114.214684][ T6286] bridge1: entered promiscuous mode [ 114.220277][ T6286] bridge1: entered allmulticast mode [ 114.365015][ T6256] FAT-fs (loop1): error, clusters badly computed (68 != 163908) [ 114.481853][ T6256] FAT-fs (loop1): error, clusters badly computed (69 != 163909) [ 114.607192][ T6256] FAT-fs (loop1): error, clusters badly computed (70 != 163910) [ 114.782515][ T6256] FAT-fs (loop1): error, clusters badly computed (71 != 163911) [ 114.821943][ T6256] FAT-fs (loop1): error, clusters badly computed (72 != 163912) [ 114.869758][ T6256] FAT-fs (loop1): error, clusters badly computed (73 != 163913) [ 114.920891][ T6256] FAT-fs (loop1): error, clusters badly computed (74 != 163914) [ 114.928873][ T6256] FAT-fs (loop1): error, clusters badly computed (75 != 163915) [ 114.969571][ T6256] FAT-fs (loop1): error, clusters badly computed (76 != 163916) [ 114.977581][ T6256] FAT-fs (loop1): error, clusters badly computed (77 != 163917) [ 115.008726][ T6256] FAT-fs (loop1): error, clusters badly computed (78 != 163918) [ 115.017060][ T6256] FAT-fs (loop1): error, clusters badly computed (79 != 163919) [ 115.046149][ T6291] loop3: detected capacity change from 0 to 512 [ 115.051226][ T6289] netlink: 532 bytes leftover after parsing attributes in process `syz.2.157'. [ 115.052890][ T6256] FAT-fs (loop1): error, clusters badly computed (80 != 163920) [ 115.080306][ T6256] FAT-fs (loop1): error, clusters badly computed (81 != 163921) [ 115.088506][ T6256] FAT-fs (loop1): error, clusters badly computed (82 != 163922) [ 115.114901][ T6256] FAT-fs (loop1): error, clusters badly computed (83 != 163923) [ 115.132506][ T6256] FAT-fs (loop1): error, clusters badly computed (84 != 163924) [ 115.147892][ T6291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 115.161892][ T6256] FAT-fs (loop1): error, clusters badly computed (85 != 163925) [ 115.170265][ T6256] FAT-fs (loop1): error, clusters badly computed (86 != 163926) [ 115.178224][ T6256] FAT-fs (loop1): error, clusters badly computed (87 != 163927) [ 115.186377][ T6291] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 115.219134][ T6256] FAT-fs (loop1): error, clusters badly computed (88 != 163928) [ 115.227384][ T6256] FAT-fs (loop1): error, clusters badly computed (89 != 163929) [ 115.235526][ T6256] FAT-fs (loop1): error, clusters badly computed (90 != 163930) [ 115.243635][ T6256] FAT-fs (loop1): error, clusters badly computed (91 != 163931) [ 115.251644][ T6256] FAT-fs (loop1): error, clusters badly computed (92 != 163932) [ 115.259580][ T6256] FAT-fs (loop1): error, clusters badly computed (93 != 163933) [ 115.285330][ T6256] FAT-fs (loop1): error, clusters badly computed (94 != 163934) [ 115.309581][ T6256] FAT-fs (loop1): error, clusters badly computed (95 != 163935) [ 115.317480][ T6256] FAT-fs (loop1): error, clusters badly computed (96 != 163936) [ 115.359837][ T6256] FAT-fs (loop1): error, clusters badly computed (97 != 163937) [ 115.415077][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 116.006530][ T6324] loop0: detected capacity change from 0 to 512 [ 116.113249][ T6327] netlink: 596 bytes leftover after parsing attributes in process `syz.3.172'. [ 116.162112][ T6324] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 116.203754][ T6324] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 116.372258][ T6336] loop1: detected capacity change from 0 to 512 [ 116.432683][ T6336] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.445645][ T6336] ext4 filesystem being mounted at /36/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.538751][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 116.688395][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.018580][ T6360] netlink: 596 bytes leftover after parsing attributes in process `syz.1.183'. [ 117.352621][ T6369] loop0: detected capacity change from 0 to 512 [ 117.453053][ T6369] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 117.491063][ T6369] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 117.652961][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 117.961315][ T6393] netlink: 596 bytes leftover after parsing attributes in process `syz.3.193'. [ 118.287776][ T6405] loop1: detected capacity change from 0 to 512 [ 118.366630][ T6405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 118.426318][ T6405] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 118.623866][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 118.834510][ T6425] loop3: detected capacity change from 0 to 512 [ 118.879341][ T6425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.912251][ T6425] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.998549][ T6425] EXT4-fs error (device loop3): ext4_empty_dir:3139: inode #12: comm syz.3.205: Directory hole found for htree leaf block 0 [ 119.120088][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.323270][ T6436] loop1: detected capacity change from 0 to 512 [ 119.437088][ T6436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 119.505889][ T6436] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 119.614428][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 120.413607][ T6471] loop1: detected capacity change from 0 to 512 [ 120.435794][ T6471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 120.449185][ T6471] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 120.559700][ T6475] bridge2: entered promiscuous mode [ 120.565062][ T6475] bridge2: entered allmulticast mode [ 121.306936][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 121.700090][ T6491] netlink: 596 bytes leftover after parsing attributes in process `syz.1.232'. [ 121.863965][ T6497] loop1: detected capacity change from 0 to 512 [ 121.888931][ T6497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.917697][ T6497] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.981151][ T6501] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 121.990460][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.399971][ T6515] netlink: 596 bytes leftover after parsing attributes in process `syz.2.243'. [ 122.465506][ T6520] loop1: detected capacity change from 0 to 512 [ 122.502004][ T6520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 122.520282][ T6520] ext4 filesystem being mounted at /55/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 122.635836][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 122.796195][ T6530] Cannot find add_set index 1 as target [ 122.859787][ T6532] loop3: detected capacity change from 0 to 1024 [ 122.919704][ T6532] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.993704][ T6532] EXT4-fs error (device loop3): ext4_ext_check_inode:530: inode #11: comm syz.3.250: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 123.014455][ T6532] EXT4-fs error (device loop3): ext4_orphan_get:1409: comm syz.3.250: couldn't read orphan inode 11 (err -117) [ 123.030161][ T6532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.087125][ T6532] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 123.186472][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.200812][ T6546] netlink: 596 bytes leftover after parsing attributes in process `syz.1.255'. [ 123.216097][ T6543] loop2: detected capacity change from 0 to 512 [ 123.324053][ T6543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 123.347735][ T6550] loop3: detected capacity change from 0 to 512 [ 123.380209][ T6543] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 123.528549][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 123.536870][ T6550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.550462][ T6550] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 123.654265][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.654295][ T6558] loop1: detected capacity change from 0 to 1024 [ 123.671240][ T6558] ======================================================= [ 123.671240][ T6558] WARNING: The mand mount option has been deprecated and [ 123.671240][ T6558] and is ignored by this kernel. Remove the mand [ 123.671240][ T6558] option from the mount to silence this warning. [ 123.671240][ T6558] ======================================================= [ 123.780638][ T6558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 123.793074][ T6558] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.013491][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 124.217221][ T6575] loop3: detected capacity change from 0 to 512 [ 124.309930][ T6575] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 124.313638][ T6581] netlink: 36 bytes leftover after parsing attributes in process `syz.0.269'. [ 124.361404][ T6575] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 124.523444][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 125.035121][ T6605] netlink: 36 bytes leftover after parsing attributes in process `syz.3.280'. [ 125.064589][ T6608] loop2: detected capacity change from 0 to 512 [ 125.168487][ T6608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 125.249782][ T6608] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 125.474340][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 126.345997][ T6626] bridge1: entered promiscuous mode [ 126.352801][ T6626] bridge1: entered allmulticast mode [ 126.497488][ T6638] netlink: 36 bytes leftover after parsing attributes in process `syz.2.292'. [ 126.796578][ T6648] loop2: detected capacity change from 0 to 512 [ 126.902737][ T6648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 126.959571][ T6648] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 127.250259][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 127.441752][ T6666] bridge2: entered promiscuous mode [ 127.447143][ T6666] bridge2: entered allmulticast mode [ 128.296178][ T6672] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'. [ 128.636891][ T6687] loop3: detected capacity change from 0 to 512 [ 128.689642][ T6689] loop1: detected capacity change from 0 to 512 [ 128.711788][ T6687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 128.733895][ T6687] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 128.777947][ T6689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.802969][ T6689] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.852547][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 128.998534][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.114387][ T6703] netlink: 36 bytes leftover after parsing attributes in process `syz.2.316'. [ 129.605698][ T6721] loop1: detected capacity change from 0 to 512 [ 129.703632][ T6721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 129.746722][ T6730] netlink: 36 bytes leftover after parsing attributes in process `syz.0.328'. [ 129.766233][ T6721] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 130.026358][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 130.340119][ T6749] netlink: 36 bytes leftover after parsing attributes in process `syz.3.338'. [ 130.565220][ T6761] loop2: detected capacity change from 0 to 512 [ 130.657233][ T6761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 130.679549][ T6761] ext4 filesystem being mounted at /92/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 130.787070][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 131.183741][ T6781] netlink: 36 bytes leftover after parsing attributes in process `syz.0.351'. [ 132.108988][ T6804] netlink: 'syz.0.361': attribute type 1 has an invalid length. [ 132.129573][ T6804] netlink: 'syz.0.361': attribute type 2 has an invalid length. [ 132.164238][ T6804] netlink: 'syz.0.361': attribute type 1 has an invalid length. [ 132.182793][ T6804] netlink: 'syz.0.361': attribute type 2 has an invalid length. [ 132.204967][ T6804] netlink: 'syz.0.361': attribute type 2 has an invalid length. [ 132.229700][ T6804] netlink: 'syz.0.361': attribute type 2 has an invalid length. [ 132.267382][ T6804] netlink: 'syz.0.361': attribute type 2 has an invalid length. [ 132.275139][ T6810] netlink: 36 bytes leftover after parsing attributes in process `syz.1.363'. [ 132.579239][ T6819] loop3: detected capacity change from 0 to 512 [ 133.215745][ T6819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 133.375992][ T6819] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 133.427398][ T6824] bridge3: entered promiscuous mode [ 133.433126][ T6824] bridge3: entered allmulticast mode [ 133.556802][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.566025][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.722306][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 134.090047][ T6847] netlink: 36 bytes leftover after parsing attributes in process `syz.0.375'. [ 135.117873][ T6866] loop3: detected capacity change from 0 to 512 [ 135.233903][ T6866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 135.273726][ T6861] bridge1: entered promiscuous mode [ 135.279082][ T6861] bridge1: entered allmulticast mode [ 135.289475][ T6866] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 135.480082][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 135.859941][ T6880] netlink: 36 bytes leftover after parsing attributes in process `syz.0.388'. [ 136.455294][ T6895] bridge2: entered promiscuous mode [ 136.461173][ T6895] bridge2: entered allmulticast mode [ 137.377091][ T6906] netlink: 36 bytes leftover after parsing attributes in process `syz.2.400'. [ 138.295646][ T6930] netlink: 36 bytes leftover after parsing attributes in process `syz.2.412'. [ 138.949006][ T6937] loop3: detected capacity change from 0 to 1764 [ 139.250524][ T6949] loop1: detected capacity change from 0 to 512 [ 139.291338][ T6949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.349549][ T6955] netlink: 36 bytes leftover after parsing attributes in process `syz.3.424'. [ 139.365991][ T6949] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.553419][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.379976][ T6966] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 140.693460][ T6978] loop2: detected capacity change from 0 to 512 [ 140.726380][ T6978] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 140.748277][ T6978] ext4 filesystem being mounted at /112/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 140.834789][ T6982] Illegal XDP return value 4294967274 on prog (id 19) dev N/A, expect packet loss! [ 140.911830][ T6984] netlink: 36 bytes leftover after parsing attributes in process `syz.3.433'. [ 140.953767][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 141.097517][ T6988] loop1: detected capacity change from 0 to 512 [ 141.216564][ T6988] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.329979][ T6997] bridge4: entered promiscuous mode [ 141.335326][ T6997] bridge4: entered allmulticast mode [ 141.380888][ T6988] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.865615][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.187552][ T7022] netlink: 36 bytes leftover after parsing attributes in process `syz.3.445'. [ 143.967534][ T7047] netlink: 36 bytes leftover after parsing attributes in process `syz.2.457'. [ 144.802895][ T7073] netlink: 36 bytes leftover after parsing attributes in process `syz.2.468'. [ 144.978225][ T7077] bridge5: entered promiscuous mode [ 144.983726][ T7077] bridge5: entered allmulticast mode [ 145.839821][ T7086] netlink: 532 bytes leftover after parsing attributes in process `syz.2.474'. [ 146.101930][ T7097] netlink: 36 bytes leftover after parsing attributes in process `syz.1.478'. [ 146.493841][ T7111] netlink: 532 bytes leftover after parsing attributes in process `syz.0.485'. [ 146.630630][ T7112] bridge2: entered promiscuous mode [ 146.635990][ T7112] bridge2: entered allmulticast mode [ 147.355322][ T7119] skbuff: bad partial csum: csum=65535/2 headroom=4 headlen=65543 [ 147.456571][ T7123] netlink: 36 bytes leftover after parsing attributes in process `syz.1.490'. [ 147.650399][ T7130] overlayfs: failed to clone lowerpath [ 147.767290][ T7134] netlink: 532 bytes leftover after parsing attributes in process `syz.1.495'. [ 148.139980][ T7148] tmpfs: Bad value for 'mpol' [ 148.424409][ T7160] netlink: 532 bytes leftover after parsing attributes in process `syz.3.507'. [ 149.043640][ T7188] netlink: 532 bytes leftover after parsing attributes in process `syz.0.521'. [ 149.388555][ T7203] tmpfs: Bad value for 'mpol' [ 149.709091][ T7214] netlink: 532 bytes leftover after parsing attributes in process `syz.1.532'. [ 149.889815][ T7222] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.010175][ T7226] netlink: 600 bytes leftover after parsing attributes in process `syz.1.538'. [ 150.331385][ T7232] bridge3: entered promiscuous mode [ 150.336923][ T7232] bridge3: entered allmulticast mode [ 151.053911][ T7237] overlayfs: failed to clone lowerpath [ 151.133677][ T7239] netlink: 532 bytes leftover after parsing attributes in process `syz.1.543'. [ 151.481306][ T28] audit: type=1326 audit(1775971201.808:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7252 comm="syz.2.550" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff98af9c819 code=0x0 [ 151.677354][ T7264] netlink: 532 bytes leftover after parsing attributes in process `syz.1.554'. [ 152.023396][ T7270] bridge4: entered promiscuous mode [ 152.029921][ T7270] bridge4: entered allmulticast mode [ 152.937123][ T7281] netlink: 532 bytes leftover after parsing attributes in process `syz.3.564'. [ 153.460931][ T7302] block device autoloading is deprecated and will be removed. [ 153.726703][ T7310] netlink: 532 bytes leftover after parsing attributes in process `syz.0.574'. [ 154.301477][ T7334] netlink: 532 bytes leftover after parsing attributes in process `syz.0.586'. [ 154.889850][ T7358] netlink: 532 bytes leftover after parsing attributes in process `syz.1.596'. [ 155.434048][ T7379] block nbd0: NBD_DISCONNECT [ 156.597551][ T7386] netlink: 532 bytes leftover after parsing attributes in process `syz.3.607'. [ 157.273797][ T7394] random: crng reseeded on system resumption [ 157.564182][ T7399] bridge3: entered promiscuous mode [ 157.569687][ T7399] bridge3: entered allmulticast mode [ 158.625400][ T7415] netlink: 532 bytes leftover after parsing attributes in process `syz.0.618'. [ 158.779374][ T5821] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 159.153243][ T5821] usb 3-1: unable to get BOS descriptor or descriptor too short [ 160.477124][ T5821] usb 3-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 160.512365][ T5821] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 160.657168][ T5821] usb 3-1: config 1 interface 0 has no altsetting 0 [ 160.680195][ T5821] usb 3-1: string descriptor 0 read error: -22 [ 160.696931][ T5821] usb 3-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 160.721271][ T5821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.216790][ T5821] input: HID 0458:5012 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/0003:0458:5012.0001/input/input5 [ 161.405010][ T5821] input: HID 0458:5012 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/0003:0458:5012.0001/input/input6 [ 161.581771][ T5821] kye 0003:0458:5012.0001: input,hiddev0,hidraw0: USB HID vff.7f Device [HID 0458:5012] on usb-dummy_hcd.2-1/input0 [ 161.625543][ T5821] usb 3-1: USB disconnect, device number 2 [ 161.887823][ T7434] fido_id[7434]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 162.678535][ T7439] bridge5: entered promiscuous mode [ 162.684299][ T7439] bridge5: entered allmulticast mode [ 162.939769][ T7451] netlink: 532 bytes leftover after parsing attributes in process `syz.0.627'. [ 163.199220][ T7454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.629'. [ 164.340800][ T7454] 8021q: adding VLAN 0 to HW filter on device bond1 [ 164.359018][ T7463] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 164.376410][ T7463] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 165.390799][ T7469] bond1 (unregistering): Released all slaves [ 166.268856][ T7478] bridge6: entered promiscuous mode [ 166.274263][ T7478] bridge6: entered allmulticast mode [ 167.361556][ T7512] bridge7: entered promiscuous mode [ 167.366967][ T7512] bridge7: entered allmulticast mode [ 168.485729][ T7522] siw: device registration error -23 [ 168.658881][ T7525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.648'. [ 168.829607][ C0] vcan0: j1939_tp_rxtimer: 0xffff888026458800: rx timeout, send abort [ 168.837976][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888026458800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 170.307181][ T7525] 8021q: adding VLAN 0 to HW filter on device bond1 [ 172.690755][ T7521] bond1 (unregistering): Released all slaves [ 173.292066][ T7547] Bluetooth: MGMT ver 1.22 [ 173.364249][ T7547] loop2: detected capacity change from 0 to 7 [ 173.388741][ T7547] Dev loop2: unable to read RDB block 7 [ 173.401708][ T7547] loop2: unable to read partition table [ 173.407619][ T7547] loop2: partition table beyond EOD, truncated [ 173.438492][ T7547] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5) [ 173.583978][ T5138] Dev loop2: unable to read RDB block 7 [ 173.594331][ T5138] loop2: unable to read partition table [ 173.689974][ T5138] loop2: partition table beyond EOD, truncated [ 174.134172][ T7562] bridge3: entered promiscuous mode [ 174.139552][ T7562] bridge3: entered allmulticast mode [ 176.885408][ T7578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.662'. [ 176.919161][ T7578] 8021q: adding VLAN 0 to HW filter on device bond1 [ 177.133231][ T7578] bond1: (slave macvlan1): Enslaving as an active interface with an up link [ 177.551421][ T7586] bond1 (unregistering): (slave macvlan1): Releasing backup interface [ 177.576747][ T7586] bond1 (unregistering): Released all slaves [ 178.277069][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d5de800: rx timeout, send abort [ 178.285719][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d5de800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 178.348790][ T7603] bridge4: entered promiscuous mode [ 178.354307][ T7603] bridge4: entered allmulticast mode [ 179.354397][ T7609] binder: 7608:7609 ioctl c0306201 0 returned -14 [ 179.495776][ T7613] binder: 7608:7613 ioctl c0306201 0 returned -14 [ 180.327149][ T7609] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 180.561518][ T7609] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 181.206143][ T7609] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 181.292731][ T7609] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 181.325658][ T7609] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 181.352522][ T7609] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 181.377204][ T7609] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 181.391298][ T7609] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 181.405980][ T7609] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 181.426229][ T7609] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 181.435256][ T7609] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 181.457334][ T7609] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 181.507169][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 181.795249][ T7639] capability: warning: `syz.1.676' uses 32-bit capabilities (legacy support in use) [ 182.630565][ T7649] bridge5: entered promiscuous mode [ 182.635873][ T7649] bridge5: entered allmulticast mode [ 183.399368][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 183.420479][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 183.504395][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 183.652547][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 184.603912][ T7648] siw: device registration error -23 [ 185.429473][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.499482][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.579365][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 185.659351][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 186.619398][ T5801] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 186.814197][ T5801] usb 4-1: unable to get BOS descriptor or descriptor too short [ 186.840075][ T5801] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 186.867908][ T5801] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 186.881862][ T5801] usb 4-1: config 1 interface 0 has no altsetting 0 [ 187.171003][ T5801] usb 4-1: string descriptor 0 read error: -22 [ 187.177507][ T5801] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 187.186769][ T5801] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.549402][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.580467][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 187.659392][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 188.427818][ T7696] netlink: 532 bytes leftover after parsing attributes in process `syz.2.692'. [ 188.747730][ T7698] netlink: 104 bytes leftover after parsing attributes in process `syz.2.693'. ³Ps¤¬ý¹æå_§e[ 189.613979][ T5801] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/0003:0458:5012.0002/input/input7 [ 189.635271][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880260a1c00: rx timeout, send abort [ 189.643872][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880260a1c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 189.728347][ T5801] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/0003:0458:5012.0002/input/input8 [ 189.831480][ T5801] kye 0003:0458:5012.0002: input,hiddev0,hidraw0: USB HID vff.7f Device [HID 0458:5012] on usb-dummy_hcd.3-1/input0 [ 189.899406][ T5801] usb 4-1: USB disconnect, device number 5 [ 190.087156][ T7715] fido_id[7715]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 190.303469][ T7718] binder: 7717:7718 ioctl c0306201 0 returned -14 [ 190.444894][ T7724] binder: 7717:7724 ioctl c0306201 0 returned -14 [ 191.121464][ T7718] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 191.202418][ T7718] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 191.273344][ T7718] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 191.340686][ T7718] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 191.825968][ T7737] netlink: 532 bytes leftover after parsing attributes in process `syz.1.705'. [ 192.132555][ T7740] bridge4: entered promiscuous mode [ 192.137911][ T7740] bridge4: entered allmulticast mode [ 192.510666][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 192.822555][ T7747] netlink: 56 bytes leftover after parsing attributes in process `syz.0.715'. [ 193.273482][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 193.339404][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 193.429330][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 194.796034][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.802622][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.901429][ T7766] netlink: 92 bytes leftover after parsing attributes in process `syz.0.714'. [ 196.179040][ T7768] netlink: 532 bytes leftover after parsing attributes in process `syz.0.716'. [ 196.197856][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d468400: rx timeout, send abort [ 196.206758][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d468400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 196.394887][ T7770] binder: 7769:7770 ioctl c0306201 0 returned -14 [ 196.520466][ T7774] binder: 7769:7774 ioctl c0306201 0 returned -14 [ 197.199565][ T7770] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 197.266594][ T7770] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 197.317552][ T7770] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 197.406182][ T7770] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 197.883314][ T7783] netlink: 56 bytes leftover after parsing attributes in process `syz.3.720'. [ 198.721592][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 198.748701][ T7787] bridge6: entered promiscuous mode [ 198.754196][ T7787] bridge6: entered allmulticast mode [ 199.280451][ C1] vcan0: j1939_tp_rxtimer: 0xffff888025598800: rx timeout, send abort [ 199.288889][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888025598800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 199.349326][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 199.355438][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 199.499317][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 199.620475][ T7798] netlink: 104 bytes leftover after parsing attributes in process `syz.3.725'. [ 199.744519][ T7800] lo speed is unknown, defaulting to 1000 [ 199.750890][ T7800] lo speed is unknown, defaulting to 1000 [ 199.761220][ T7800] lo speed is unknown, defaulting to 1000 [ 199.820872][ T7800] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 200.162141][ T7800] lo speed is unknown, defaulting to 1000 [ 200.177086][ T7800] lo speed is unknown, defaulting to 1000 [ 200.191231][ T7800] lo speed is unknown, defaulting to 1000 [ 200.203254][ T7800] lo speed is unknown, defaulting to 1000 [ 200.695925][ T7812] netlink: 56 bytes leftover after parsing attributes in process `syz.0.730'. [ 201.369385][ T7828] bridge5: entered promiscuous mode [ 201.374821][ T7828] bridge5: entered allmulticast mode [ 202.564772][ T7841] netlink: 56 bytes leftover after parsing attributes in process `syz.1.741'. [ 202.968619][ T7849] netlink: 596 bytes leftover after parsing attributes in process `syz.1.743'. [ 204.454672][ C0] vcan0: j1939_tp_rxtimer: 0xffff888026569400: rx timeout, send abort [ 204.463376][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888026569400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 204.931036][ T7860] tipc: Enabling of bearer rejected, failed to enable media [ 205.382133][ T7869] bridge8: entered promiscuous mode [ 205.387827][ T7869] bridge8: entered allmulticast mode [ 206.295463][ T7878] netlink: 56 bytes leftover after parsing attributes in process `syz.0.751'. [ 206.510141][ T7880] tipc: Started in network mode [ 206.515224][ T7880] tipc: Node identity 12c1d833326f, cluster identity 6 [ 206.539737][ T7880] tipc: Enabled bearer , priority 0 [ 206.560023][ T7880] syzkaller0: entered promiscuous mode [ 206.567930][ T7880] syzkaller0: entered allmulticast mode [ 206.588544][ T7884] netlink: 532 bytes leftover after parsing attributes in process `syz.2.754'. [ 206.726742][ T7885] tipc: Resetting bearer [ 206.789634][ T7879] tipc: Resetting bearer [ 206.890483][ T7879] tipc: Disabling bearer [ 207.154392][ T7891] binder: 7890:7891 ioctl c0306201 0 returned -14 [ 207.309602][ T7897] binder: 7890:7897 ioctl c0306201 0 returned -14 [ 207.841674][ T7891] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 207.869900][ T7906] bridge9: entered promiscuous mode [ 207.875365][ T7906] bridge9: entered allmulticast mode [ 207.886044][ T7891] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 208.323905][ T7891] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 208.577816][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d3b7c00: rx timeout, send abort [ 208.589354][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d3b7c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 208.619476][ T7891] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 209.187396][ T28] audit: type=1326 audit(1775971259.508:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7910 comm="syz.1.762" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7facee19c819 code=0x0 [ 209.205346][ T7913] netlink: 532 bytes leftover after parsing attributes in process `syz.0.763'. [ 209.264332][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 209.281686][ T5084] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 209.608306][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.765'. [ 209.927058][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 210.539981][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 210.699365][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 210.989508][ T965] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 211.055599][ T7937] binder: 7936:7937 ioctl c0306201 0 returned -14 [ 211.110745][ T7939] netlink: 532 bytes leftover after parsing attributes in process `syz.3.773'. [ 211.271431][ T7940] bridge6: entered promiscuous mode [ 211.276769][ T7940] bridge6: entered allmulticast mode [ 211.435006][ T7943] binder: 7936:7943 ioctl c0306201 0 returned -14 [ 211.880852][ T7937] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 211.929727][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 212.043578][ T7937] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 212.056798][ T7937] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 212.059070][ T965] usb 1-1: unable to get BOS descriptor or descriptor too short [ 212.073567][ T7937] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 212.086806][ T965] usb 1-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 212.102515][ T965] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 212.166658][ T965] usb 1-1: config 1 interface 0 has no altsetting 0 [ 212.238055][ T965] usb 1-1: string descriptor 0 read error: -22 [ 212.258070][ T965] usb 1-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 212.292937][ T965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.456552][ T7955] block nbd1: NBD_DISCONNECT [ 212.679420][ T5801] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 212.877714][ T5801] usb 3-1: config 0 has an invalid interface number: 64 but max is 0 [ 212.885855][ T965] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/0003:0458:5012.0003/input/input9 [ 212.908497][ T965] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/0003:0458:5012.0003/input/input10 [ 212.934057][ T5801] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 212.986929][ T5801] usb 3-1: config 0 has no interface number 0 [ 213.023429][ T5801] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 213.066846][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.131044][ T965] kye 0003:0458:5012.0003: input,hiddev0,hidraw0: USB HID vff.7f Device [HID 0458:5012] on usb-dummy_hcd.0-1/input0 [ 213.169406][ T5801] usb 3-1: Product: syz [ 213.173666][ T5801] usb 3-1: Manufacturer: syz [ 213.178309][ T5801] usb 3-1: SerialNumber: syz [ 213.226753][ T965] usb 1-1: USB disconnect, device number 2 [ 213.252668][ T5801] usb 3-1: config 0 descriptor?? [ 213.468680][ T7956] fido_id[7956]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 213.500365][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 213.544125][ T7963] netlink: 48 bytes leftover after parsing attributes in process `syz.2.777'. [ 213.579182][ T7963] netlink: 48 bytes leftover after parsing attributes in process `syz.2.777'. [ 213.737233][ T7970] block nbd3: NBD_DISCONNECT [ 213.747026][ T7968] tipc: Started in network mode [ 213.757409][ T7968] tipc: Node identity fa3455f45e4, cluster identity 6 [ 213.766616][ T7968] tipc: Enabled bearer , priority 0 [ 214.059342][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 214.059373][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 214.139360][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 214.891207][ T5801] tipc: Node number set to 2759087604 [ 214.899319][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 215.540378][ T7968] syzkaller0: entered promiscuous mode [ 215.575730][ T7974] siw: device registration error -23 [ 215.681524][ T7968] syzkaller0: entered allmulticast mode [ 215.951894][ T5774] usb 3-1: USB disconnect, device number 3 [ 216.177306][ T7968] tipc: Resetting bearer [ 216.242997][ T7967] tipc: Resetting bearer [ 216.312776][ T7967] tipc: Disabling bearer [ 218.478496][ T7988] bridge7: entered promiscuous mode [ 218.484161][ T7988] bridge7: entered allmulticast mode [ 218.485083][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.499589][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.584105][ T5893] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.593336][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.896567][ T7992] syzkaller0: entered promiscuous mode [ 218.902230][ T7992] syzkaller0: entered allmulticast mode [ 219.019514][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.862157][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.950902][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.145371][ T8001] netlink: 532 bytes leftover after parsing attributes in process `syz.0.790'. [ 221.207873][ T8006] block nbd1: NBD_DISCONNECT [ 221.980307][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.059831][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.409416][ T23] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 222.518966][ T8019] bridge7: entered promiscuous mode [ 222.524508][ T8019] bridge7: entered allmulticast mode [ 223.131480][ T8024] binder: 8023:8024 ioctl c0306201 0 returned -14 [ 223.267442][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.268741][ T8026] binder: 8023:8026 ioctl c0306201 0 returned -14 [ 223.357310][ T8028] netlink: 44 bytes leftover after parsing attributes in process `syz.1.800'. [ 223.391214][ T23] usb 1-1: unable to get BOS descriptor or descriptor too short [ 223.402302][ T23] usb 1-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 223.413500][ T23] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 223.449295][ T23] usb 1-1: config 1 interface 0 has no altsetting 0 [ 223.459736][ T23] usb 1-1: string descriptor 0 read error: -22 [ 223.466202][ T23] usb 1-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 223.484382][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.933861][ T8024] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 223.944946][ T8024] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 223.979521][ T8024] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 223.998159][ T8024] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 224.084482][ T23] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/0003:0458:5012.0004/input/input11 [ 224.229831][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.240445][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.250048][ T23] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/0003:0458:5012.0004/input/input12 [ 224.261975][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.294276][ T23] kye 0003:0458:5012.0004: input,hiddev0,hidraw0: USB HID vff.7f Device [HID 0458:5012] on usb-dummy_hcd.0-1/input0 [ 224.378489][ T23] usb 1-1: USB disconnect, device number 3 [ 224.381257][ T8037] netlink: 532 bytes leftover after parsing attributes in process `syz.3.803'. [ 224.498284][ T8038] fido_id[8038]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 224.683934][ T8040] block nbd3: NBD_DISCONNECT [ 225.339586][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 225.339697][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.534322][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.979316][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 226.320273][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.329690][ T965] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.356499][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 226.362726][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 226.379569][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.533273][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.681103][ T965] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.249656][ T8056] netlink: 44 bytes leftover after parsing attributes in process `syz.2.810'. [ 228.258846][ T8056] tipc: Started in network mode [ 228.263846][ T8056] tipc: Node identity eba60000, cluster identity 6 [ 228.286270][ T8056] tipc: Node number set to 3953524736 [ 228.312577][ T8059] netlink: 532 bytes leftover after parsing attributes in process `syz.3.812'. [ 228.510509][ T8065] binder: 8064:8065 ioctl c0306201 0 returned -14 [ 228.583561][ T8067] block nbd2: NBD_DISCONNECT [ 228.658782][ T8071] bridge8: entered promiscuous mode [ 228.664133][ T8071] bridge8: entered allmulticast mode [ 229.405354][ T8074] binder: 8064:8074 ioctl c0306201 0 returned -14 [ 229.637557][ T8065] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 229.653068][ T8065] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 229.661172][ T8065] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 229.669543][ T8065] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 229.999514][ T11] net_ratelimit: 10 callbacks suppressed [ 229.999534][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.014477][ T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 230.779310][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 230.779666][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.659410][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 231.739408][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 231.745753][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 232.248097][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.261441][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.270616][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.287387][ T965] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.311069][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.320488][ T5802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.378907][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.388928][ T5802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.388931][ T23] usb 1-1: device descriptor read/all, error -71 [ 232.654502][ T8093] netlink: 532 bytes leftover after parsing attributes in process `syz.1.821'. [ 233.091401][ T8098] netlink: 44 bytes leftover after parsing attributes in process `syz.1.823'. [ 233.401294][ T8103] block nbd0: NBD_DISCONNECT [ 233.613712][ T8108] bridge9: entered promiscuous mode [ 233.619426][ T8108] bridge9: entered allmulticast mode [ 234.466213][ T8114] binder: 8113:8114 ioctl c0306201 0 returned -14 [ 234.495524][ T8116] netlink: 532 bytes leftover after parsing attributes in process `syz.1.830'. [ 234.587823][ T8123] binder: 8113:8123 ioctl c0306201 0 returned -14 [ 234.649356][ T27] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 234.881944][ T27] usb 4-1: unable to get BOS descriptor or descriptor too short [ 234.896926][ T27] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 234.908777][ T27] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 234.923555][ T27] usb 4-1: config 1 interface 0 has no altsetting 0 [ 234.934445][ T27] usb 4-1: string descriptor 0 read error: -22 [ 234.941013][ T27] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 234.950780][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.280965][ T8114] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 235.298113][ T8114] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 235.305046][ T8114] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 235.318590][ T8114] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 235.391701][ C1] raw-gadget.0 gadget.3: ignoring, device is not running [ 235.414484][ T27] usbhid 4-1:1.0: can't add hid device: -32 [ 235.430563][ T8127] netlink: 36 bytes leftover after parsing attributes in process `syz.0.833'. [ 235.449713][ T27] usbhid: probe of 4-1:1.0 failed with error -32 [ 235.460476][ T27] usb 4-1: USB disconnect, device number 6 [ 235.616987][ T8131] net_ratelimit: 10 callbacks suppressed [ 235.617008][ T8131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.747271][ T8131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.861781][ T8131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.877452][ T8131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.903806][ T8138] block nbd2: NBD_DISCONNECT [ 235.909373][ T8131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.050767][ T8130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.160909][ T8144] bridge10: entered promiscuous mode [ 236.166299][ T8144] bridge10: entered allmulticast mode [ 236.249488][ T8145] netlink: 532 bytes leftover after parsing attributes in process `syz.3.840'. [ 236.699632][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 236.999812][ T8149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.008314][ T8149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.063023][ T8149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.072102][ T8152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.088875][ T8154] netlink: 36 bytes leftover after parsing attributes in process `syz.2.843'. [ 237.107814][ T8157] binder: 8155:8157 ioctl c0306201 0 returned -14 [ 237.349334][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 237.349539][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 237.355568][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 237.920376][ T8157] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 237.930049][ T8157] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 237.940442][ T8157] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 237.953925][ T8157] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 238.364213][ T8178] netlink: 532 bytes leftover after parsing attributes in process `syz.1.852'. [ 238.532953][ T8181] bridge6: entered promiscuous mode [ 238.538303][ T8181] bridge6: entered allmulticast mode [ 238.608213][ T8182] netlink: 36 bytes leftover after parsing attributes in process `syz.1.853'. [ 238.788843][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880255cf800: rx timeout, send abort [ 238.797541][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880255cf800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 239.238981][ T8185] block nbd1: NBD_DISCONNECT [ 239.244120][ T27] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 239.259714][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 239.444512][ T27] usb 1-1: unable to get BOS descriptor or descriptor too short [ 239.454767][ T27] usb 1-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 239.466067][ T27] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 239.504810][ T27] usb 1-1: config 1 interface 0 has no altsetting 0 [ 239.532671][ T27] usb 1-1: string descriptor 0 read error: -22 [ 239.541942][ T27] usb 1-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 239.551696][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.639914][ T8195] siw: device registration error -23 [ 239.821853][ T8197] binder: 8196:8197 ioctl c0306201 0 returned -14 [ 239.979476][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 239.979480][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 239.979544][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 240.526950][ T8197] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 240.572573][ T8197] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 240.626159][ T8197] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 240.673402][ T8197] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 240.860276][ T49] net_ratelimit: 7 callbacks suppressed [ 240.860293][ T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.875188][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.892157][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.901032][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.994077][ T8205] netlink: 532 bytes leftover after parsing attributes in process `syz.2.861'. [ 241.032407][ T8207] netlink: 36 bytes leftover after parsing attributes in process `syz.1.862'. [ 241.256856][ T8214] block nbd2: NBD_DISCONNECT [ 241.402375][ T27] usbhid 1-1:1.0: can't add hid device: -71 [ 241.418034][ T27] usbhid: probe of 1-1:1.0 failed with error -71 [ 241.500350][ T8217] bridge11: entered promiscuous mode [ 241.505802][ T8217] bridge11: entered allmulticast mode [ 241.556362][ T27] usb 1-1: USB disconnect, device number 6 [ 242.119403][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 242.351369][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 242.699432][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 242.699472][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 242.779422][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 242.836231][ T8234] binder: 8232:8234 ioctl c0306201 0 returned -14 [ 243.423056][ T8241] netlink: 36 bytes leftover after parsing attributes in process `syz.2.872'. [ 243.603955][ T8234] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 243.616629][ T8234] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 243.632681][ T8234] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 243.639570][ T8234] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 244.027118][ T8244] netlink: 36 bytes leftover after parsing attributes in process `syz.0.881'. [ 244.099821][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805cc58c00: rx timeout, send abort [ 244.108481][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cc58c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 244.179112][ T8246] tipc: Enabled bearer , priority 0 [ 244.236669][ T8249] siw: device registration error -23 [ 244.306750][ T8250] syzkaller0: entered promiscuous mode [ 244.365256][ T8250] syzkaller0: entered allmulticast mode [ 244.939777][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 244.978214][ T8250] tipc: Resetting bearer [ 245.169543][ T8254] block nbd0: NBD_DISCONNECT [ 245.354981][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.364204][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.511308][ T8245] tipc: Resetting bearer [ 245.909064][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 245.951843][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 245.951912][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 246.087081][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 246.717977][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 246.943326][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.019878][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 247.097834][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.122518][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.131653][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.139845][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.148071][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.261132][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.270267][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.305775][ T8245] tipc: Disabling bearer [ 248.920199][ T8267] bridge8: entered promiscuous mode [ 248.925595][ T8267] bridge8: entered allmulticast mode [ 249.629412][ T5804] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 249.672953][ T8277] binder: 8276:8277 ioctl c0306201 0 returned -14 [ 249.734717][ T8280] binder: 8276:8280 ioctl c0306201 0 returned -14 [ 249.805974][ T8282] block nbd2: NBD_DISCONNECT [ 249.833799][ T5804] usb 4-1: unable to get BOS descriptor or descriptor too short [ 249.852651][ T5804] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 249.863927][ T5804] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 249.877846][ T5804] usb 4-1: config 1 interface 0 has no altsetting 0 [ 249.890616][ T5804] usb 4-1: string descriptor 0 read error: -22 [ 249.897239][ T5804] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 249.917618][ T5804] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.536330][ T8277] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 250.558457][ T8277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 250.568443][ T8277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 250.575142][ T8277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 250.777245][ T5804] usbhid 4-1:1.0: can't add hid device: -71 [ 250.787910][ T5804] usbhid: probe of 4-1:1.0 failed with error -71 [ 250.800426][ T5804] usb 4-1: USB disconnect, device number 7 [ 251.743843][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 252.193715][ T8299] tipc: Started in network mode [ 252.198928][ T8299] tipc: Node identity 62d80eb69c9a, cluster identity 6 [ 252.216489][ T8299] tipc: Enabled bearer , priority 0 [ 252.237301][ T8299] syzkaller0: entered promiscuous mode [ 252.250429][ T8299] syzkaller0: entered allmulticast mode [ 252.282029][ T8301] net_ratelimit: 7 callbacks suppressed [ 252.282049][ T8301] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.297317][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.374732][ T8299] tipc: Resetting bearer [ 252.379882][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.389095][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.397736][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.406783][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.417587][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.426037][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.435876][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.455730][ T8298] tipc: Resetting bearer [ 252.629910][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 252.629913][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 252.629964][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 253.162082][ C1] vcan0: j1939_tp_rxtimer: 0xffff88801dfc4c00: rx timeout, send abort [ 253.170597][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88801dfc4c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 253.279722][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 253.400547][ T8298] tipc: Disabling bearer [ 253.506152][ T5774] tipc: Node number set to 4265742006 [ 253.803628][ T8320] block nbd0: NBD_DISCONNECT [ 253.877939][ T8323] bridge12: entered promiscuous mode [ 253.883635][ T8323] bridge12: entered allmulticast mode [ 253.893890][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 253.990669][ T8322] binder: 8321:8322 ioctl c0306201 0 returned -14 [ 254.737119][ T8327] binder: 8321:8327 ioctl c0306201 0 returned -14 [ 254.878011][ T8322] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 254.884668][ T8322] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 254.891464][ T8322] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 254.897703][ T8322] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 255.216169][ T8338] netlink: 44 bytes leftover after parsing attributes in process `syz.0.902'. [ 255.239551][ T23] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 255.444955][ T23] usb 4-1: unable to get BOS descriptor or descriptor too short [ 255.464767][ T23] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 255.479344][ T23] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 255.493067][ T23] usb 4-1: config 1 interface 0 has no altsetting 0 [ 255.510359][ T23] usb 4-1: string descriptor 0 read error: -22 [ 255.517581][ T23] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 255.527042][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.265772][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.274250][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.329452][ T23] usbhid 4-1:1.0: can't add hid device: -71 [ 256.359632][ T23] usbhid: probe of 4-1:1.0 failed with error -71 [ 256.390789][ T23] usb 4-1: USB disconnect, device number 8 [ 256.859849][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 256.939507][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 256.939538][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 256.945780][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 257.162402][ C0] vcan0: j1939_tp_rxtimer: 0xffff888025c69c00: rx timeout, send abort [ 257.170997][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888025c69c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 257.912969][ T8358] block nbd1: NBD_DISCONNECT [ 258.104254][ T8361] binder: 8360:8361 ioctl c0306201 0 returned -14 [ 258.140238][ T3531] net_ratelimit: 9 callbacks suppressed [ 258.140256][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.158194][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.170753][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.177052][ T8364] binder: 8360:8364 ioctl c0306201 0 returned -14 [ 258.195322][ T8363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.204232][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.263289][ T8368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.271777][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.914730][ T8361] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 258.949812][ T8361] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 258.991348][ T8361] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 259.019958][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 259.053775][ T8361] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 259.469316][ T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 259.702647][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 259.759383][ T23] usb 2-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 259.821349][ T23] usb 2-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 259.872295][ T23] usb 2-1: config 1 interface 0 has no altsetting 0 [ 259.916207][ T23] usb 2-1: string descriptor 0 read error: -22 [ 259.939355][ T23] usb 2-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 259.986356][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.219324][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 260.797410][ T8399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.806351][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.863190][ T23] usbhid 2-1:1.0: can't add hid device: -71 [ 260.875339][ T23] usbhid: probe of 2-1:1.0 failed with error -71 [ 260.906103][ T23] usb 2-1: USB disconnect, device number 2 [ 261.019726][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 261.025952][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 261.675247][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805e3cb000: rx timeout, send abort [ 261.685282][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805e3cb000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 261.863082][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 261.981801][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 262.256690][ T8411] block nbd2: NBD_DISCONNECT [ 262.583458][ T8416] binder: 8415:8416 ioctl c0306201 0 returned -14 [ 262.757039][ T8419] binder: 8415:8419 ioctl c0306201 0 returned -14 [ 263.019566][ T5774] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 263.251360][ T5774] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 263.283605][ T5774] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 263.392271][ T8416] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 263.401168][ T8416] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 263.410652][ T5774] usb 2-1: Product: syz [ 263.415216][ T5774] usb 2-1: Manufacturer: syz [ 263.422552][ T5774] usb 2-1: SerialNumber: syz [ 263.423226][ T8416] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 263.438851][ T5774] usb 2-1: config 0 descriptor?? [ 263.464837][ T8416] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 263.818184][ T5821] usb 2-1: USB disconnect, device number 3 [ 263.821830][ T8435] net_ratelimit: 5 callbacks suppressed [ 263.821846][ T8435] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 263.840376][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.859314][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 265.419395][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 265.499404][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 265.505580][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 267.428191][ T8456] block nbd3: NBD_DISCONNECT [ 267.679424][ T5821] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 267.740703][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.753671][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.762074][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.770428][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.778996][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.788296][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.797351][ T5802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.811903][ T8459] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 267.823510][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.932314][ T5821] usb 3-1: unable to get BOS descriptor or descriptor too short [ 267.945983][ T5821] usb 3-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 267.961929][ T5821] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 267.995407][ T5821] usb 3-1: config 1 interface 0 has no altsetting 0 [ 268.013985][ T5821] usb 3-1: string descriptor 0 read error: -22 [ 268.020537][ T5821] usb 3-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 268.041665][ T5821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.440953][ T8462] binder: 8461:8462 ioctl c0306201 0 returned -14 [ 268.462176][ T8462] binder: 8461:8462 ioctl c0306201 0 returned -14 [ 268.681948][ T5821] usbhid 3-1:1.0: can't add hid device: -71 [ 268.688145][ T5821] usbhid: probe of 3-1:1.0 failed with error -71 [ 268.790979][ T5821] usb 3-1: USB disconnect, device number 4 [ 268.949465][ T5804] net_ratelimit: 3 callbacks suppressed [ 268.949492][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.029949][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.104324][ T5802] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 270.165415][ T8481] block nbd3: NBD_DISCONNECT [ 270.279065][ T8485] binder: 8484:8485 ioctl c0306201 0 returned -14 [ 270.288530][ T8485] binder: 8484:8485 ioctl c0306201 0 returned -14 [ 270.394968][ T8487] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.404139][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.503337][ T5802] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 137 [ 270.583730][ T5802] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 270.620727][ T5802] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 270.640209][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 270.714461][ T5802] usb 2-1: Product: syz [ 270.790518][ T5802] usb 2-1: Manufacturer: syz [ 270.797431][ T5802] usb 2-1: SerialNumber: syz [ 270.821686][ T8472] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 270.869680][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.691371][ T5802] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 271.810223][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.100980][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805cc7c800: rx timeout, send abort [ 272.110291][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cc7c800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 272.310850][ T8499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'. [ 272.341645][ T5804] usb 2-1: USB disconnect, device number 4 [ 272.358294][ T5804] usblp0: removed [ 272.859620][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.979346][ T5821] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 273.182733][ T5821] usb 4-1: unable to get BOS descriptor or descriptor too short [ 273.211395][ T5821] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 273.232902][ T5821] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 273.269292][ T5821] usb 4-1: config 1 interface 0 has no altsetting 0 [ 273.284457][ T5821] usb 4-1: string descriptor 0 read error: -22 [ 273.292248][ T5821] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 273.309828][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.389485][ T8515] block nbd2: NBD_DISCONNECT [ 273.433248][ T8517] binder: 8516:8517 ioctl c0306201 0 returned -14 [ 273.457906][ T8517] binder: 8516:8517 ioctl c0306201 0 returned -14 [ 273.500853][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 273.510054][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 273.518950][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.128130][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.485799][ T5821] usbhid 4-1:1.0: can't add hid device: -71 [ 274.498962][ T5821] usbhid: probe of 4-1:1.0 failed with error -71 [ 274.509719][ T5821] usb 4-1: USB disconnect, device number 9 [ 276.153811][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.491186][ T8535] syz.0.962: attempt to access beyond end of device [ 276.491186][ T8535] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 276.504248][ T8535] exFAT-fs (nbd0): unable to read boot sector [ 276.510446][ T8535] exFAT-fs (nbd0): failed to read boot sector [ 276.516520][ T8535] exFAT-fs (nbd0): failed to recognize exfat type [ 276.619515][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.720301][ T8536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 276.729084][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.184383][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.816760][ T28] audit: type=1326 audit(1775971328.138:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8531 comm="syz.2.963" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff98af9c819 code=0x0 [ 277.967284][ T8544] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 277.975935][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.198045][ T8547] binder: 8546:8547 ioctl c0306201 200000000180 returned -14 [ 278.317166][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.687730][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.052045][ T8554] binder: 8553:8554 ioctl c0306201 0 returned -14 [ 279.174881][ T8555] binder: 8553:8555 ioctl c0306201 0 returned -14 [ 279.352859][ T27] net_ratelimit: 2 callbacks suppressed [ 279.352873][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.578815][ T8540] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.586869][ T8540] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.840690][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805df3d000: rx timeout, send abort [ 279.849282][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805df3d000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 279.986333][ T8562] block nbd1: NBD_DISCONNECT [ 280.415025][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.441632][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.570868][ T8540] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 281.597009][ T8540] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.823314][ T965] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.934511][ T8540] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.944257][ T8540] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.953714][ T8540] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.963794][ T8540] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.061565][ T5821] lo speed is unknown, defaulting to 1000 [ 282.100915][ T8554] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 282.132957][ T8554] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 282.146067][ T8554] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 282.176690][ T8554] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 282.307685][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.976'. [ 282.472316][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.529599][ T5821] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 282.752620][ T5821] usb 1-1: unable to get BOS descriptor or descriptor too short [ 282.770880][ T5821] usb 1-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 282.795666][ T5821] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 282.814077][ T5821] usb 1-1: config 1 interface 0 has no altsetting 0 [ 282.826244][ T5821] usb 1-1: string descriptor 0 read error: -22 [ 282.841286][ T5821] usb 1-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 282.853050][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.501746][ T5821] usbhid 1-1:1.0: can't add hid device: -71 [ 283.511781][ T5821] usbhid: probe of 1-1:1.0 failed with error -71 [ 283.538917][ T5821] usb 1-1: USB disconnect, device number 7 [ 283.666075][ T8596] block nbd3: NBD_DISCONNECT [ 284.139393][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 284.145726][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 284.222755][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 284.233909][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 284.238523][ T8608] binder: 8607:8608 ioctl c0306201 0 returned -14 [ 284.310907][ T8609] binder: 8607:8609 ioctl c0306201 0 returned -14 [ 285.492366][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.501156][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.510378][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.520023][ T8608] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 285.526256][ T8608] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 285.527258][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.548873][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.560879][ T8574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.614161][ T8613] 9pnet_virtio: no channels available for device syz [ 285.624616][ T8608] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 285.632857][ T8608] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 286.379518][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 286.939821][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.471961][ C0] vcan0: j1939_tp_rxtimer: 0xffff888024722800: rx timeout, send abort [ 287.481252][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888024722800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 287.569966][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.614509][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 287.667814][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 287.668177][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 287.693795][ T8640] block nbd0: NBD_DISCONNECT [ 288.059289][ T8574] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 288.253532][ T8648] binder: 8647:8648 ioctl c0306201 0 returned -14 [ 288.267651][ T8574] usb 4-1: unable to get BOS descriptor or descriptor too short [ 288.280222][ T8574] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 288.291508][ T8574] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 288.305097][ T8574] usb 4-1: config 1 interface 0 has no altsetting 0 [ 288.317208][ T8574] usb 4-1: string descriptor 0 read error: -22 [ 288.324464][ T8574] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 288.334083][ T8574] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.098970][ T8648] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 289.150213][ T8574] usbhid 4-1:1.0: can't add hid device: -71 [ 289.164100][ T8574] usbhid: probe of 4-1:1.0 failed with error -71 [ 289.194355][ T8648] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 289.280955][ T8648] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.288808][ T8574] usb 4-1: USB disconnect, device number 10 [ 289.342019][ T8648] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 289.808874][ T8657] syzkaller0: entered promiscuous mode [ 289.814661][ T8657] syzkaller0: entered allmulticast mode [ 290.489266][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 291.555811][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 291.562405][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 291.568713][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 292.187226][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.808606][ T5774] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 292.906165][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.918725][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.935982][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.945602][ T8574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.029564][ T5774] usb 1-1: Using ep0 maxpacket: 16 [ 293.061000][ T5774] usb 1-1: config 0 has no interfaces? [ 293.088917][ T5774] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 293.098747][ T5774] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.145259][ T5774] usb 1-1: Product: syz [ 293.176434][ T5774] usb 1-1: Manufacturer: syz [ 293.190960][ T5774] usb 1-1: SerialNumber: syz [ 293.243193][ T5774] usb 1-1: config 0 descriptor?? [ 293.353647][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.453806][ T8680] block nbd2: NBD_DISCONNECT [ 294.221937][ T5774] usb 1-1: USB disconnect, device number 8 [ 294.900418][ T8687] binder: 8686:8687 ioctl c0306201 0 returned -14 [ 295.979585][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.358489][ T8678] warning: `syz.3.1006' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 296.459943][ T8687] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 296.490703][ T8687] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 296.513696][ T8687] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.520301][ T8687] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.245797][ T5869] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 297.512716][ T5869] usb 4-1: unable to get BOS descriptor or descriptor too short [ 297.831091][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.101139][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805d43e000: rx timeout, send abort [ 298.111053][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d43e000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 298.539362][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 298.545614][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 298.552202][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 298.552228][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 299.007126][ T8713] binder_alloc: 8712: pid 8712 spamming oneway? 2 buffers allocated for a total size of 5120 [ 299.021880][ T8713] binder_alloc: 8712: pid 8712 spamming oneway? 3 buffers allocated for a total size of 5128 [ 299.029651][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.252123][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.271340][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.281238][ T8574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.325271][ T5869] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 299.339739][ T8716] block nbd0: NBD_DISCONNECT [ 299.353328][ T5869] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 299.367089][ T5869] usb 4-1: config 1 interface 0 has no altsetting 0 [ 299.378159][ T5869] usb 4-1: string descriptor 0 read error: -22 [ 299.384810][ T5869] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 299.394046][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.740881][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.752766][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.763113][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.802505][ T5869] usbhid 4-1:1.0: can't add hid device: -71 [ 299.818826][ T5869] usbhid: probe of 4-1:1.0 failed with error -71 [ 299.860083][ T5869] usb 4-1: USB disconnect, device number 11 [ 299.879597][ T8724] binder: 8722:8724 ioctl c0306201 0 returned -14 [ 300.694201][ T8724] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.719507][ T8724] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.735964][ T8724] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 300.749747][ T8724] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 301.121573][ T8740] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 301.129959][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 301.355321][ T5769] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 302.139337][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 302.779391][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 302.785505][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 302.869353][ T5771] Bluetooth: hci1: command 0x0c1a tx timeout [ 303.600034][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.859716][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.861329][ T8757] block nbd0: NBD_DISCONNECT [ 305.249653][ T8574] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 305.303154][ T8765] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.312201][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.321442][ T5869] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 305.431943][ T8768] binder: 8766:8768 ioctl c0306201 0 returned -14 [ 305.449512][ T8574] usb 4-1: Using ep0 maxpacket: 16 [ 305.468438][ T8574] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 305.483357][ T8574] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 305.496203][ T8574] usb 4-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 305.511820][ T8574] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.531748][ T5869] usb 3-1: unable to get BOS descriptor or descriptor too short [ 305.535496][ T8574] usb 4-1: config 0 descriptor?? [ 305.547669][ T5869] usb 3-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 305.576512][ T5869] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 305.595440][ T5869] usb 3-1: config 1 interface 0 has no altsetting 0 [ 305.606321][ T5869] usb 3-1: string descriptor 0 read error: -22 [ 305.615864][ T5869] usb 3-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 305.629115][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.208496][ T8767] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 306.217046][ T8767] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 306.229426][ T8767] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 306.235958][ T8767] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 306.271843][ T5869] usbhid 3-1:1.0: can't add hid device: -71 [ 306.287543][ T8574] usbhid 4-1:0.0: can't add hid device: -71 [ 306.295216][ T8574] usbhid: probe of 4-1:0.0 failed with error -71 [ 306.302213][ T5869] usbhid: probe of 3-1:1.0 failed with error -71 [ 306.310843][ T8574] usb 4-1: USB disconnect, device number 12 [ 306.334062][ T5869] usb 3-1: USB disconnect, device number 5 [ 306.649774][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 306.766753][ T8781] sd 0:0:1:0: PR command failed: 1026 [ 306.780294][ T8781] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 306.787199][ T8781] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 306.796397][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.810238][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.823675][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.841777][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.051374][ T8793] block nbd0: NBD_DISCONNECT [ 307.502040][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 308.196014][ T8806] binder: 8803:8806 ioctl c0306201 0 returned -14 [ 308.348219][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 308.348418][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 308.354670][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 308.834548][ T5084] Bluetooth: hci2: Malformed LE Event: 0x0d [ 308.950831][ T8805] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 308.966303][ T8805] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 308.975191][ T8805] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 308.988178][ T8805] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 309.344800][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.559485][ T5869] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 309.777282][ T5869] usb 1-1: unable to get BOS descriptor or descriptor too short [ 309.812637][ T5869] usb 1-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 309.825398][ T8834] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 309.836004][ T8834] random: crng reseeded on system resumption [ 309.865016][ T5869] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 309.879869][ T5869] usb 1-1: config 1 interface 0 has no altsetting 0 [ 309.940056][ T5869] usb 1-1: string descriptor 0 read error: -22 [ 309.949425][ T5869] usb 1-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 309.961521][ T5869] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.982273][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.219517][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 310.899602][ T5869] usbhid 1-1:1.0: can't add hid device: -71 [ 310.951198][ T5869] usbhid: probe of 1-1:1.0 failed with error -71 [ 311.029520][ T5869] usb 1-1: USB disconnect, device number 9 [ 311.076356][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 311.076365][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 311.076415][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 314.038446][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.048317][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.057202][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.066096][ T8574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.087844][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805deb6000: rx timeout, send abort [ 314.096418][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805deb6000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 314.326583][ T8862] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.335365][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.463296][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.472807][ T8574] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 314.517026][ T8871] binder: 8867:8871 ioctl c0306201 0 returned -14 [ 315.100213][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.122495][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.240313][ T8868] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 315.264379][ T8868] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 315.293876][ T8868] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 315.316860][ T8868] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 315.629390][ T5774] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 315.936634][ T5774] usb 3-1: unable to get BOS descriptor or descriptor too short [ 316.064784][ T5774] usb 3-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 316.098528][ T5774] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 316.121062][ T8886] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1068'. [ 316.309433][ T5774] usb 3-1: config 1 interface 0 has no altsetting 0 [ 316.319981][ T5774] usb 3-1: string descriptor 0 read error: -22 [ 316.326708][ T5774] usb 3-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 316.336359][ T5774] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.674636][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 316.832694][ T8898] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1072'. [ 317.379312][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 317.385514][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 317.401761][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 318.260798][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.319561][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.520092][ T8902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.531226][ T5774] usbhid 3-1:1.0: can't add hid device: -71 [ 318.544642][ T5774] usbhid: probe of 3-1:1.0 failed with error -71 [ 318.574320][ T8902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.593389][ T5774] usb 3-1: USB disconnect, device number 6 [ 318.609623][ T8902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.638766][ T8904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.679221][ T8904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.706168][ T8902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.580132][ T11] net_ratelimit: 6 callbacks suppressed [ 319.580153][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.594655][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.605358][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.624226][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.675166][ T8917] hub 8-0:1.0: USB hub found [ 319.684486][ T8917] hub 8-0:1.0: 1 port detected [ 319.731725][ T8909] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 319.751033][ T8909] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 319.768089][ T8909] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 319.785147][ T8909] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 320.232464][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.244811][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.278773][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.684092][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.859666][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.019243][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 321.397998][ T8930] ipvlan2: entered promiscuous mode [ 321.405892][ T8932] sg_write: data in/out 28/38 bytes for SCSI command 0x5d-- guessing data in; [ 321.405892][ T8932] program syz.2.1082 not setting count and/or reply_len properly [ 321.431632][ T8930] team0: Device ipvlan2 failed to register rx_handler [ 321.819657][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 321.826345][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 321.832669][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 322.060736][ T27] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 322.177201][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805d504c00: rx timeout, send abort [ 322.185770][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d504c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 322.342836][ T27] usb 4-1: unable to get BOS descriptor or descriptor too short [ 322.361061][ T27] usb 4-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 322.493940][ T27] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 322.512734][ T27] usb 4-1: config 1 interface 0 has no altsetting 0 [ 322.524204][ T27] usb 4-1: string descriptor 0 read error: -22 [ 322.532162][ T27] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 322.541578][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.191833][ T27] usbhid 4-1:1.0: can't add hid device: -71 [ 323.235964][ T27] usbhid: probe of 4-1:1.0 failed with error -71 [ 323.348483][ T27] usb 4-1: USB disconnect, device number 13 [ 323.693400][ T8949] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 323.709779][ T8949] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 323.716250][ T8949] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 323.749555][ T8949] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.847124][ T8962] 9pnet_virtio: no channels available for device syz [ 325.019349][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 325.033253][ T8965] netlink: 'syz.1.1094': attribute type 12 has an invalid length. [ 325.070477][ T8967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.078847][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.087363][ T8965] netlink: 'syz.1.1094': attribute type 29 has an invalid length. [ 325.134226][ T8965] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1094'. [ 325.164359][ T8965] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1094'. [ 325.550774][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.560095][ T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.639466][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.648181][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.739429][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 325.745689][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 325.819866][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 325.980608][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.993834][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.006462][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.020358][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.820438][ C1] vcan0: j1939_tp_rxtimer: 0xffff88801c320800: rx timeout, send abort [ 326.829037][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88801c320800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 327.298948][ T8979] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 327.368102][ T8979] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 327.469268][ T8979] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 327.505461][ T8979] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 328.408592][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 329.499475][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 329.505672][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.579607][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 329.608205][ T9025] binder: 9024:9025 ioctl c0306201 0 returned -14 [ 330.384892][ C0] vcan0: j1939_tp_rxtimer: 0xffff88801f334400: rx timeout, send abort [ 330.393612][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801f334400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 330.409389][ T9025] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.522883][ T9025] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 330.575589][ T9025] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 330.649674][ T9025] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 330.757511][ T9035] net_ratelimit: 1 callbacks suppressed [ 330.757529][ T9035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.771630][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.659248][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 332.360645][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.368834][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.377900][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.388420][ T3531] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.401334][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.413061][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.421621][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.539306][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 332.745215][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.751377][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 334.599485][ T9073] binder: 9069:9073 ioctl c0306201 0 returned -14 [ 335.403523][ T9073] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 335.438327][ T9073] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 335.445102][ T9073] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 335.459563][ T9073] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 335.682714][ T9081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.860019][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 337.499466][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 337.505916][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 337.512042][ T5084] Bluetooth: hci1: command 0x0c1a tx timeout [ 337.519213][ T59] net_ratelimit: 1 callbacks suppressed [ 337.519229][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 338.477444][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 338.486310][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.422525][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.431449][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.460157][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 341.513756][ T9109] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1138'. [ 341.654291][ T9113] binder: 9112:9113 ioctl c0306201 0 returned -14 [ 342.475466][ T9113] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 342.531563][ T9113] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 342.588554][ T9113] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 342.619659][ T9113] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 342.631435][ T9120] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1141'. [ 343.999989][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 344.607907][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 344.619431][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 344.699725][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 345.087181][ T9157] binder: 9155:9157 ioctl c0306201 0 returned -14 [ 345.169925][ T9159] binder: 9155:9159 ioctl c0306201 0 returned -14 [ 345.182580][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.198122][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.219776][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.247952][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.310804][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 345.354337][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 346.019735][ T9157] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 346.027462][ T9157] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 346.040132][ T9157] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 346.056588][ T9157] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 346.466525][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 346.475761][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 346.493531][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 347.306697][ T9178] binder: 9177:9178 ioctl c0306201 0 returned -14 [ 347.331680][ T9178] binder: 9177:9178 ioctl c0306201 0 returned -14 [ 347.368650][ T8572] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 347.620589][ T8572] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 347.655308][ T8572] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 347.707653][ T8572] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 347.754412][ T8572] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.048542][ T8572] usb 2-1: USB disconnect, device number 5 [ 348.059358][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 348.065556][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 348.065658][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 348.071657][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 349.579576][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 349.879898][ T9197] binder: 9196:9197 ioctl c0306201 0 returned -14 [ 349.979805][ T9198] binder: 9196:9198 ioctl c0306201 0 returned -14 [ 351.181289][ T9197] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 351.187783][ T9197] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 351.195680][ T9197] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 351.209005][ T9197] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 351.257594][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.273472][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.301244][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.348436][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.550581][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 351.658735][ T9214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1168'. [ 352.060351][ T5084] Bluetooth: hci0: command 0x0c1a tx timeout [ 352.230567][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.239809][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.260065][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 352.269278][ T8572] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 352.477672][ T8572] usb 2-1: unable to get BOS descriptor or descriptor too short [ 352.491551][ T8572] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 352.510089][ T8572] usb 2-1: can't read configurations, error -71 [ 352.781319][ T5821] kernel read not supported for file /dsp1 (pid: 5821 comm: kworker/0:5) [ 353.043941][ T9231] binder: 9230:9231 ioctl c0306201 0 returned -14 [ 353.133577][ T9235] binder: 9230:9235 ioctl c0306201 0 returned -14 [ 353.259447][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 353.264003][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 353.272229][ T5771] Bluetooth: hci3: command 0x0c1a tx timeout [ 353.500908][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 354.070075][ T9231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 354.086673][ T9231] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 354.115302][ T9231] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 354.131761][ T9231] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 354.386103][ T9247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 355.189212][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 355.738208][ T9269] binder: 9268:9269 ioctl c0306201 0 returned -14 [ 356.199484][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 356.205864][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 356.215752][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 356.567544][ T9269] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 356.608804][ T9269] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 356.654607][ T9269] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 356.677989][ T9269] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 356.701186][ T3463] net_ratelimit: 1 callbacks suppressed [ 356.701204][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 356.789353][ T5869] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 357.530132][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 357.836202][ T5869] usb 1-1: unable to get BOS descriptor or descriptor too short [ 357.899250][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 357.946041][ T5869] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 357.955083][ T5869] usb 1-1: can't read configurations, error -71 [ 358.621112][ T5771] Bluetooth: hci1: command 0x0c1a tx timeout [ 358.632997][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.642179][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.651397][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.661123][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 358.699411][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 358.705577][ T5771] Bluetooth: hci3: command 0x0c1a tx timeout [ 358.792976][ T9314] binder: 9313:9314 ioctl c0306201 0 returned -14 [ 359.797253][ T9314] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 359.803963][ T9314] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 359.812286][ T9314] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 359.818732][ T9314] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 361.019241][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 361.819352][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 361.825456][ T5771] Bluetooth: hci3: command 0x0c1a tx timeout [ 361.831549][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 362.857478][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 363.100753][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 363.434170][ T8573] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 363.482858][ T9350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'. [ 363.503478][ T9351] binder: 9348:9351 ioctl c0306201 0 returned -14 [ 363.671875][ T8573] usb 1-1: unable to get BOS descriptor or descriptor too short [ 363.706242][ T8573] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 363.824259][ T8573] usb 1-1: can't read configurations, error -71 [ 364.320047][ T9351] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 364.391212][ T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.400782][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.417164][ T9351] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 364.465881][ T5893] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.474874][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 364.497288][ T9351] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 364.571623][ T9351] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 365.469238][ T8573] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 365.579353][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 367.246389][ T8573] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 137 [ 367.612239][ T8573] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 367.615078][ T5771] Bluetooth: hci1: command 0x0c1a tx timeout [ 367.632015][ T5084] Bluetooth: hci3: command 0x0c1a tx timeout [ 367.632343][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.638694][ T5084] Bluetooth: hci2: command 0x0c1a tx timeout [ 367.655882][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.665026][ T8573] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 367.679230][ T8573] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 367.719298][ T8573] usb 1-1: Product: syz [ 367.735013][ T8573] usb 1-1: Manufacturer: syz [ 367.759307][ T8573] usb 1-1: SerialNumber: syz [ 367.804816][ T9368] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 367.852625][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 367.860997][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 368.021191][ T5771] Bluetooth: hci3: unexpected event for opcode 0x2032 [ 368.021548][ T8573] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 368.094264][ T8573] usb 1-1: USB disconnect, device number 13 [ 368.200078][ T8573] usblp0: removed [ 368.222259][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 368.249285][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 369.532548][ T5869] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 369.799537][ T5869] usb 2-1: unable to get BOS descriptor or descriptor too short [ 369.900724][ T5869] usb 2-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 369.912212][ T5869] usb 2-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 369.948918][ T5869] usb 2-1: config 1 interface 0 has no altsetting 0 [ 369.958476][ T5869] usb 2-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 369.967644][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.978661][ T5869] usb 2-1: Product: syz [ 369.983509][ T5869] usb 2-1: Manufacturer: syz [ 369.988258][ T5869] usb 2-1: SerialNumber: syz [ 370.140494][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.149937][ T5893] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.158847][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 370.245683][ T5869] usbhid 2-1:1.0: can't add hid device: -71 [ 370.265725][ T5869] usbhid: probe of 2-1:1.0 failed with error -71 [ 370.295809][ T5869] usb 2-1: USB disconnect, device number 8 [ 370.431584][ T9398] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 370.442060][ T9398] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 370.455342][ T9398] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 370.477041][ T9398] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 370.733919][ T9415] binder: 9414:9415 unknown command 1074553619 [ 370.744784][ T9415] binder: 9414:9415 ioctl c0306201 200000000540 returned -22 [ 370.765827][ T9415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1232'. [ 371.679361][ T9436] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.687753][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 371.749240][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 371.854621][ T9439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1236'. [ 372.239465][ T9455] netlink: 'syz.0.1242': attribute type 5 has an invalid length. [ 372.247524][ T9455] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1242'. [ 372.298596][ T9458] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 372.307175][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 372.359276][ T8573] usb 4-1: new low-speed USB device number 14 using dummy_hcd [ 372.459358][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 372.465746][ T5771] Bluetooth: hci3: command 0x0c1a tx timeout [ 372.539304][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 372.969047][ T9448] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 373.011978][ T9448] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 373.046966][ T9448] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 373.087124][ T9448] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 373.377932][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.387123][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.397470][ T8573] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 373.405561][ T8573] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 373.424752][ T8573] usb 4-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 373.436779][ T5869] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 373.437528][ T8573] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 373.458982][ T8573] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 373.463228][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.474712][ T8573] usb 4-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 373.492316][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.678683][ T5869] usb 2-1: unable to get BOS descriptor or descriptor too short [ 373.714426][ T5869] usb 2-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30 [ 373.714651][ T5869] usb 2-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 373.714760][ T5869] usb 2-1: config 1 interface 0 has no altsetting 0 [ 373.726375][ T5869] usb 2-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40 [ 373.726408][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.726430][ T5869] usb 2-1: Product: syz [ 373.726447][ T5869] usb 2-1: Manufacturer: syz [ 373.726463][ T5869] usb 2-1: SerialNumber: syz [ 373.831649][ T8573] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 373.831718][ T8573] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 373.831745][ T8573] usb 4-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 373.924391][ T8573] usb 4-1: string descriptor 0 read error: -22 [ 373.949392][ T8573] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 373.963365][ T8573] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.978395][ T5869] usbhid 2-1:1.0: can't add hid device: -71 [ 373.980148][ T3463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 373.993245][ T5869] usbhid: probe of 2-1:1.0 failed with error -71 [ 373.993483][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 374.005112][ T5869] usb 2-1: USB disconnect, device number 9 [ 374.044181][ T8573] adutux 4-1:168.0: interrupt endpoints not found [ 374.229569][ T5771] Bluetooth: hci0: command 0x0c1a tx timeout [ 374.294618][ T8573] usb 4-1: USB disconnect, device number 14 [ 374.462179][ T9479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 374.471583][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.019466][ T5771] Bluetooth: hci1: command 0x0c1a tx timeout [ 375.193817][ T9494] 9pnet_virtio: no channels available for device syz [ 376.194365][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 376.200890][ T5771] Bluetooth: hci3: command 0x0c1a tx timeout [ 376.213717][ T9490] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 376.244828][ T9490] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 376.275102][ T9490] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 376.305906][ T9490] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 377.575761][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 377.646324][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 378.829671][ T9511] 9pnet_virtio: no channels available for device syz [ 379.546805][ T9511] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1258'. [ 379.578581][ T5769] Bluetooth: hci0: command 0x0c1a tx timeout [ 379.584789][ T5769] Bluetooth: hci3: command 0x0c1a tx timeout [ 379.591333][ T5769] Bluetooth: hci1: command 0x0c1a tx timeout [ 379.592474][ T5771] Bluetooth: hci2: command 0x0c1a tx timeout [ 379.600002][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.632988][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.951871][ T9511] syz.2.1258 (9511) used greatest stack depth: 16784 bytes left [ 380.008610][ T12] net_ratelimit: 1 callbacks suppressed [ 380.008631][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 380.032646][ T1087] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 380.083231][ T9517] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 380.092338][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 380.142648][ T9518] 9pnet_virtio: no channels available for device syz [ 380.569705][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 381.056308][ T9534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 381.449035][ T9540] binder: 9538:9540 ioctl c0306201 0 returned -14 [ 381.456978][ T9540] binder: 9538:9540 ioctl c0306201 0 returned -14 [ 383.174080][ T9562] [ 383.176670][ T9562] ============================= [ 383.182022][ T9562] WARNING: suspicious RCU usage [ 383.187111][ T9562] syzkaller #0 Not tainted [ 383.191711][ T9562] ----------------------------- [ 383.196590][ T9562] net/mac80211/iface.c:378 suspicious rcu_dereference_protected() usage! [ 383.205454][ T9562] [ 383.205454][ T9562] other info that might help us debug this: [ 383.205454][ T9562] [ 383.215800][ T9562] [ 383.215800][ T9562] rcu_scheduler_active = 2, debug_locks = 1 [ 383.224094][ T9562] 1 lock held by syz.3.1273/9562: [ 383.229531][ T9562] #0: ffffffff8e3c2748 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x30c/0x1c40 [ 383.238858][ T9562] [ 383.238858][ T9562] stack backtrace: [ 383.244983][ T9562] CPU: 1 PID: 9562 Comm: syz.3.1273 Not tainted syzkaller #0 [ 383.252410][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 383.262510][ T9562] Call Trace: [ 383.265825][ T9562] [ 383.268881][ T9562] dump_stack_lvl+0x18c/0x250 [ 383.273620][ T9562] ? show_regs_print_info+0x20/0x20 [ 383.278874][ T9562] ? load_image+0x420/0x420 [ 383.283445][ T9562] lockdep_rcu_suspicious+0x1e1/0x300 [ 383.288868][ T9562] ieee80211_check_concurrent_iface+0x475/0x950 [ 383.295188][ T9562] ieee80211_open+0xc1/0x200 [ 383.299916][ T9562] __dev_open+0x2cb/0x430 [ 383.304330][ T9562] ? dev_open+0x190/0x190 [ 383.308735][ T9562] __dev_change_flags+0x211/0x6a0 [ 383.314016][ T9562] ? dev_get_flags+0x1c0/0x1c0 [ 383.319014][ T9562] ? mutex_lock_nested+0x20/0x20 [ 383.324002][ T9562] ? apparmor_capable+0x137/0x1a0 [ 383.329079][ T9562] dev_change_flags+0x88/0x1a0 [ 383.333907][ T9562] devinet_ioctl+0x95c/0x1c40 [ 383.338667][ T9562] ? inet_ifa_byprefix+0x2a0/0x2a0 [ 383.344201][ T9562] ? _copy_from_user+0xa5/0xe0 [ 383.349048][ T9562] ? get_user_ifreq+0x12b/0x180 [ 383.354120][ T9562] inet_ioctl+0x42b/0x560 [ 383.358701][ T9562] ? tomoyo_path_number_perm+0x217/0x620 [ 383.364479][ T9562] ? inet_shutdown+0x370/0x370 [ 383.369481][ T9562] ? slab_free_freelist_hook+0x130/0x1a0 [ 383.375159][ T9562] ? tomoyo_path_number_perm+0x500/0x620 [ 383.380848][ T9562] ? __kmem_cache_free+0xba/0x1e0 [ 383.386111][ T9562] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 383.391643][ T9562] sock_do_ioctl+0xfc/0x310 [ 383.396398][ T9562] ? sock_show_fdinfo+0xb0/0xb0 [ 383.401308][ T9562] sock_ioctl+0x5ba/0x7e0 [ 383.405682][ T9562] ? sock_poll+0x3e0/0x3e0 [ 383.410150][ T9562] ? bpf_lsm_file_ioctl+0x9/0x10 [ 383.415152][ T9562] ? security_file_ioctl+0x80/0xa0 [ 383.420561][ T9562] ? sock_poll+0x3e0/0x3e0 [ 383.425026][ T9562] __se_sys_ioctl+0xfd/0x170 [ 383.429666][ T9562] do_syscall_64+0x55/0xa0 [ 383.434321][ T9562] ? clear_bhb_loop+0x40/0x90 [ 383.439043][ T9562] ? clear_bhb_loop+0x40/0x90 [ 383.443877][ T9562] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 383.449843][ T9562] RIP: 0033:0x7f23ed59c819 [ 383.454402][ T9562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 383.474060][ T9562] RSP: 002b:00007f23ee37c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 383.482789][ T9562] RAX: ffffffffffffffda RBX: 00007f23ed815fa0 RCX: 00007f23ed59c819 [ 383.491106][ T9562] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000006 [ 383.499140][ T9562] RBP: 00007f23ed632c91 R08: 0000000000000000 R09: 0000000000000000 [ 383.507184][ T9562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 383.515321][ T9562] R13: 00007f23ed816038 R14: 00007f23ed815fa0 R15: 00007ffdbd2f5e28 [ 383.523366][ T9562] [ 383.579616][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 384.137096][ T9570] syzkaller0: entered promiscuous mode [ 384.149553][ T9570] syzkaller0: entered allmulticast mode [ 384.220189][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 384.229202][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 384.238061][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 385.499756][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 385.508333][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.259465][ T8572] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.060114][ T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.069070][ T5869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 388.077998][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 390.631074][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.112260][ T8573] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.259920][ T1131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog