last executing test programs: 3m21.136909772s ago: executing program 1 (id=23008): r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) close_range(r0, 0xffffffffffffffff, 0x0) 3m21.039275544s ago: executing program 1 (id=23009): r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x88000) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001280)={r1, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9603dda1af1ea80000000000000000000000deff00000000000000000000000014a2648f00", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x7fc, 0x1]}}) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) 3m20.962732882s ago: executing program 1 (id=23010): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) io_setup(0x9, &(0x7f0000000340)=0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x14, 0x2, &(0x7f0000000900)=ANY=[@ANYBLOB="186a000013000000000000000310"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$xdp(0x2c, 0x3, 0x0) io_submit(r0, 0x2000000000000211, &(0x7f0000000840)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x8, 0x9, r1, 0x0}]) 3m20.82888764s ago: executing program 1 (id=23011): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x4) 3m19.949697058s ago: executing program 1 (id=23012): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_int(r0, 0x11a, 0x2, &(0x7f0000000000)=0x304, 0x4) 3m19.692059305s ago: executing program 1 (id=23013): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmsg$unix(r0, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840) recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/57, 0x39}, 0x8}], 0x3ffffffffffff2e, 0x1000400000de, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 3m19.438180088s ago: executing program 32 (id=23013): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmsg$unix(r0, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840) recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/57, 0x39}, 0x8}], 0x3ffffffffffff2e, 0x1000400000de, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 2m10.039912429s ago: executing program 3 (id=23850): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000540)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@sack_info={r2, 0x69e, 0xffff}, &(0x7f0000000040)=0xc) 2m9.091420643s ago: executing program 3 (id=23863): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x24, r1, 0x200, 0x70bd2b, 0x2, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x14, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0) 2m8.983464381s ago: executing program 3 (id=23865): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000001f) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x4) fcntl$notify(r1, 0x402, 0x8000003d) close_range(r0, r1, 0x0) 2m8.902934743s ago: executing program 3 (id=23866): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2m7.981394978s ago: executing program 3 (id=23877): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000000)={0x0, 0x40000105, 0x0, 0x0}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x26b, 0x0, 0xfffffffffffffffc}]}) 2m7.68782053s ago: executing program 3 (id=23881): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x4008010}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 2m7.504579985s ago: executing program 33 (id=23881): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x4008010}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 5.402729702s ago: executing program 0 (id=25294): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$poke(0x4, r1, &(0x7f00000011c0), 0xfffffffffffffffd) 5.139946867s ago: executing program 0 (id=25297): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = eventfd2(0xff, 0x80801) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000080)={0x0, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x1, r1}) read$eventfd(r1, &(0x7f00000000c0), 0x8) 5.025299321s ago: executing program 0 (id=25298): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000002c0)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 4.08962703s ago: executing program 2 (id=25305): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0xfc0, 0x66, 0x0, 0x40, 0x11, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1c, 0x0, 0x6}]}}, {0x4e20, 0x4e23, 0xfa8, 0x0, @wg=@data={0x4, 0x2, 0x8, "e8771ac366586e56f446dcd22ec94c672f1cd650516a2fbeddd0cb5cffc4ef63a1c2be9551171e48bb8559ac9077c099289048d76df434e4ec536c04816b127eb525176f5737b934b37a9d109ea3aa64d0fb30013becb29f6a39d4cbdbc4e2540996ed75b90498301c99df853d4baac4654e6f1a06cf03a87aa2d2d74199bcafa0dc84a8ea112fba51687b8727bb905c7b42a0c9b26559b4ecc397c6a33731df0fca1aee35968435e8129f8e6d52a0754fcaa693706c4557af6be8821983e702fdd3dac90b6cbe00b1fe59f5bcd890dbb87c0d8d80ba8727e4ff6b89af3ecda43705a9dc113396c950947e85193eabe1364909509babcad37d21392d071480ff4f69dc5db442263d4608ff94e5157c65bb35c3f4a7af6bfb562a317cf13292abdbd5ac3f31d47da6fe5e8be324c78b37e2f351955bbf5f18f86a0cd98d68dca14aea59917ce05e0dc0e3a2033d22a506109db846c49f8c7d575c02349736311e40bc497c9a7da1fe4f94d8e601a5cff4cbd63ed730a01c7f07dd74d603b951557b93e551b0e028232412d568dadc29c2c9e01ca85b83d779cd3b918f9c73ba471ee9079fc42b511b45c3d4f80a46f8e9ad22a05ef5422348ff415b2131e2b2ae0ef5fab9f678bc5ef02d611655d6264e0755e176ade135a971851bd22666ae753ff5135bf14a005cea45a8b163706ea52af786f2b48362ec8619f8f728ab9fee21bcc9e000d1c470a51cec5a510f06de4dc52fc82e0be10fe0ac55f09e086cdb7f5d5f935033e4925a6ca1b1ea42f511dafd63a3cc32bcfe20aca26adb6eded22fc956b96cf2b70b5e78dbf4c2da06438c9be342f44f1dbc9bc4e453bad09f8e7d2b611e9f33f681c4342e31fee49d613b170d9ae6c93c7ece1bf0d8aaf00870b6896b8fee4ee9d705608a044ec3537ae6c46b5345e4c41576911757d4ed5bdee8e14f73df14b88af36b4c303346d88b424fea428c77cabc55198fafbcec9b027f9a9759638d733fe2dec7996ddba717fd7e0f0188f9213701c304a2b01186c72a8cfdcb87dd9c8711ec0c438eb7c229b8dfbec5c14bfeec20810b4be8944f7d6f44e5bb8839b84afe25a8654ac821efb9c850394d452873db8e9f05de381103b1278f3b34ec0b920d3aa111c82fe424588debe04dd75ac991c5f650f0b8e72c1783d975d663fc0d939f32bca98650141b381af26436c6352d98a6e30843d956ad68f998851b8c64c49a59ca6937355ac4412009cd0a2e4cacf5b02063908f7937e7563e6f63703adc5aff159f3628eb64071fc74e4e66e142113a176c2a649d653f55e833a3f184f91995547a79f46c7ca02813136c920fe6f69fe466656518478ccb84c02d751a502dff90558ce066d9be71c8fa800d7a1d56b5ca52be3122aae2cfbfe1b11d454ad72bdf7fd9d450a74734594f5e566ac2a37ca8b648fee012bf7f83f1126743b0f4791592e17dfca010a3dafeac81b88c5a47d948fc772fe4b48146b10aa319a13ca4f4dc05861859929d3c1d69967d18290cc87777a4231a6ce8dc2a4e34450e3a7659c05e5e12239d768ef8394f82278b975a68497571d1e5191ac329a66b5219f3f7f20f21261cdc3028a3662b6c10198bf7d3d513b5b823d4703cb29d89b84da69a6358a269769a8b23712c6291e77fc4da837e0857b4bbc08bba0659c55a1e06fdf1736df13948824a37515f8c49de6d502519077197debfc74709ed564315279ec804c7a0305526b14efcab44364105aa805efd97f0444d6016e35712dba75b038ea63917e6163614a3a6c694d7612e00cddab8bd31f6ba146d08e949d50ed3b0ef8fd3412ffd020bfabbcfbc5c3fa436022de3fd973869066871ec639653f3b4b5f01374adf3b60940d241a5dda6df550662ccb1a4575e2419baf1a76a246c9b7f39a05c03d832aa28293a54c619865fed0fdccd570859ffc7b1844ea8cff1e12389382e39211e665fec9d82faf11fd2300412d24dab176515aff938a6b12b5427b7fa6b42a3042248977b2f4eae9d96534a85b9ed500f62866d39f5301a3b6e60d392248fcfad25c2803c875e00010f40caca1a5932e00765c3b52427a2a8d6875a73ccb3b8e78dd27555994bf4358b2e577efe8886939515be37889e3656a5e0a949619f0f0b9cae7dc59a2415bec72df3439e563cfe69b7952abfad6cb6a979c146355e590ace810017d04075f23a1554a81bcdfb82c2396fd61fe95cd0f9c2e394bdbb0900648675ec09b94b1d4672e613be577cb398bb5d188b7c09865e2edbb273f8d9b0ae836f24b34ae6cd22e37e1ab31c835c23bd8f6deb49402f19406b0c7cddfbe357ab496910a8efa939dd9ab91de3ba67d07103063fbf9ee6fbd7b61c6b65ebe735cfab2c1162b379a3cbcbdb14d82b7f2e707ddd896ac5085ef5b15da85663df079bd5ef6180c775a4b7d645630aa9ea704f69ec8ea052f8f41e62f0e6f78a5a846e9130c53eb29a7bab9b102bf08729243f6ffe0ee6f28e98e4d0c1f49813aa04c2774f1f076310d923e900fe1c609bc5a308421fb82a12b03b9be47ce6d88635bb1722739d1abcdbc28133de131d2151d76f565be56813bb3edcf4d870f4acd0bfe5b30d60ef065158bf7b8401096a1647de88c7b0144eacecabfdf9d48d91573e82f2efecab095339e799e36ab3ee1eb66db9f9c21d96bcb2b7bf4ab01e8e56df8c4bca2bed7732472468a3b447024bc997adff639ba35e2af10f661199c4a8a2b2a8e3e59ff4ed5da468c1c2c41001efc0529636ce4ef9dd6b28deed0ad5a758abd2a3a3f024f56dd17fb4b1af62a6b91f24973071a9982df0047f85280f4a5decece67fc02428f830343e910fef6f3467c9d7776a06c133a50752cff4aa72bcbb9e4dbd8489e2e3698aae45a8753071fb6d803943d171adb60e8fcec9865e46df8fa120b939537a05b63daec7e0ecf9713c491646f04435364de697fbabf3c72d08a24f1bf34212bcdb7d5e038ac28ff76d5243b695e7faa1211a940da618930d79acdc6fdc7c9f2f4a5435d3f748ec68429f5ca2548315801cf73d74816f1ece3dfa6fb557ac105ad28d4532e1c8c6b5ab3526fbe73916dbe123acb4ac89c1b5a0664b81e216453db066e3c4318006ba3e25ed6cfe22c80f17619b7372947013749c7d04f13277f81f4461492d9237c5961be4d30965607a4d5db095070df02230cc87d9ab8633e60de83aedf8814e632bac8566bbfcdf159c9a2a7944be1a61792b8af10dd28d0ebadf7e4f231af099450813c5e27f934112e11124b01106615cee48aee88947f31a1839b83ad5c8326e30f318ae57b56becaec7094c4e7d2a377bfcb0c29ce046623e6ec120ea63c53cef94deb3d813d4b1749009084c3ade1675b55490b9d1faa03d7a2fd34921d62c31d7ef1f181883ac312dbb08b2600edce0ba197d1704485e2f155ec659de742a22628270968905324381f203a1ad7ac30b252d4c3ff9915fe32c16cbf4684a7c517b9a2ecec2433685f4741b6f02f8aa2bd0f6bf370962f38214899129012a0d36ba14c0a3e93742d063f09f0c1e838fc1095b065089c91d02a4b2e1d0a49d2294682a38d578424d1e81ff959b33f746114b795319a047d65f5e3b7a347e6cf8b0fad9eaea3db5eca7e953f77bc6c23de8f938bb505013f5c39173cb69312af98d5ff14715794c729f41490297c2b418eef11841a788eaaa7ebdb77880b64701aee50371f542e79831321833dda60213fa741ec197419d83f61c06397a47a75f50b986c53e6fdf8a6e07008e1a29b1774ceb11429a1ecec05bf80da802239c58f226ab5eb34d522ff62bc0528d87e716793e56c48352648291470bb592981acc06c2ba1547e11babf3f1d22f5e01e1f759c05816cdfe0c986c58ebbd08d8449807cd2579d5b7265930f696f8aff73e247cec12c0d1fdbcc4880245b866c2cab8b6bdf0951c2c6beccab7513ba28545036d164b407e1228a831e3b37f9c56721c347d499c1c29b8a972d2d1cfeb47f20975b4eb0b62e25dfa4ef116e62e415cde22bc039d1ccb9e70a5599881bb8b61f680670b787afc8734ac8c39ca50fbed619e54ac1421bc2584d4f7027593e12f738ba0f2d5fe03fcc7168056332477eb0b26c0579d54d8537f941acc183fdca495a7ffa10f0d3189f8c32742d5564c97e26b659969f7060a7c8864445c252c5b1755a3e8473ef9b0909eb74cabb553c3d6ab58f12ed75703d9139a4f57ef71af90815a5273e64282582623c41c51352d12ce48e0712f50ab3dc528619e1e16b52452204b3c7e1e16556e8fbdf0d623216186ff5ca84ad730ff457b06e766e085d5dee40a308fae8b4e19e18245a3ed02967f07441903c149ae9da5fe238194009ded2a3d80a67e1c3abdfb63fad0155529c48a748ef499252d5d3e912304b1d11ee77dc25427e5e9a115583a692558aef65faba0e1f0bc4aa6b6ac21d4fe4741feac17a7c6b5699384e30f7236f400d9df6d658add13b4f0a4b16a77d1f9e6b4d3045f7ba7ee68ce171008e635496ad631f59846b7895aa329390d2ad9980b6586d383a740f1e1b0883a3fddc4126c2d09fd5815dd892692e1c3b7eb2951b766bd4bca19896f75dbfaf51ad4ca9f97d00049082091e3c6cdf16026b1de4603ac7afde08a7a8ffd110636d3d063c2bb6fa84bfd7fff8ad04d0c812fe14a77bd3a9b9fdcc3e0fbaf5ac2475130987f81ac8c9898f95112aa597f40ec11e04684e45b56d81e11180f59b606886306fbc62c076a12a41238ccd74d3154f312f10f3ad215d64a468cb15eae30a3f7f7e5cf6a87dbd813df8093d2b3586693ddee6a5c1b0caaec1ef419657b89692bbd2a7064767cf5b4c3ef6d120557b4df5e7ee6094f935870edc070ae3e96c850a61356c5d79008fc98728dd87470a98aa1c1ab6056990110c0b3108e50b573d77ad4856c03da8098c8fd176685803db471a642dfb9a9ef2d14e186eea96219ea0fa03cc28d7ea2686e61c3f46f15c23213a6432d77ffea182ec26dbf9118a2fc082bdee517e0974982819a7a996b7a30f5901dd3c44b3344bdf93a61ecc4cddb969d3b94e6f4910a9b38ff886d5c96a820092f112ee6eb0ce094940280a2040862157497b3a3374a4d62c34d1fdf6826811db1ea7f28b64f22304e2246dcee44ca361370c0d1727f951dbdb1a329368a5dd76ba4486ce508a28d0ce2eb95daab36caf101dc2351c4efdf3ec70221888dad522b0d51a0b9765a410ca8cf00baaeb074d310cdd908e76586e59d0c7c27eb5557e474ac54525c237d5b2eedccab12b0f96fa2c00239e2017dfeb645fdd748d5c21684181b81464d32909b4995f274a9717f224c1e34cd41c8d12b9f13daeae3f65510c6ecf94956d630db0478fbf87c7d7c75221046a1a1886696f89e427b94139164b99b88d83b633122b5d9483f4261be27d01d6011cee48b1c24a3aff62c4d04f9dfb00e1a7a1013f97e87306147b7da305a36077cf0a7618563a754e34e65c2ee95932eb2da4b73ca83f3afcce93d8d59357ca7b5d9f37e5ba475be39bb8870af109d95527b44777ff8f55ace0adf84f73ce065371a4ce78b22d7a6bbf1bbae4c57b44262ddff39f4ce8b858f89737f33786445cbaf271959da24"}}}}, 0xfce) 4.040010793s ago: executing program 5 (id=25306): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000001}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000001100)={0x28, 0x3, r1, 0x0, &(0x7f0000001000)='Q', 0x1, 0x100000000}) ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000380)={0x28, 0x4, r1, r1, 0x11000, 0x5, 0x9}) 3.961229492s ago: executing program 5 (id=25308): unshare(0x6a040000) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x419, 0x600, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x80, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 3.724739225s ago: executing program 2 (id=25310): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x8049}], 0x1, 0x8040010) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1, 0x0, 0x0, 0xf5000000}, 0x0) 3.476508472s ago: executing program 4 (id=25312): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x8, 0x4, 0x4, 0x4}, 0x50) r1 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000340)=r2}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000380), &(0x7f00000002c0)=r2}, 0x20) 3.432050574s ago: executing program 2 (id=25313): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4}) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='*'], 0x50) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 3.377455233s ago: executing program 4 (id=25314): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x60042, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r1, 0xffffffffffffffff, 0x0) 3.319815025s ago: executing program 4 (id=25315): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000"], 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x400, 0x48940) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/84) 2.997155217s ago: executing program 2 (id=25316): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @rand_addr=' \x01\x00'}}}, &(0x7f0000000040)=0x84) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={r3, 0xeb000000}, 0x8) 2.929536559s ago: executing program 2 (id=25317): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6161, 0x4d15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, &(0x7f0000000440)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc01}}, 0x0, 0x0, 0x0}, 0x0) 2.574164012s ago: executing program 5 (id=25319): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x2}, 0x4) 2.364926474s ago: executing program 5 (id=25320): syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x2, "d2903a4e"}]}}, 0x0}, 0x0) r0 = memfd_create(&(0x7f0000000780)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\nh<\x99\xaa\xe1\xf3\xb8Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev<\x97\x1a2_\x82\xfa\x15h$\x01\xdd\xe5\xceC\x19\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xb2\xf5\x1e5.\xc1\xa1\x05\x92\x82d\x0e\xf5PMjIt\xc5u~Tw\xbeNg\xb5\xeeP\x9c\xce\xfaS\xa7\xec0\xf4\xd2\xc2+@\x12=\xaa\b\xd2&\x19k6\xc7\xa6+\x04V\xc3\xe1\xd3\fZZ\x1cJo\xa5(& \r\xf1\xa4\xb8\xc23\x16\xc3\xaejA/', 0x0) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = dup(r1) bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 1.931324719s ago: executing program 0 (id=25325): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x84, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000100)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x1, r1, 0x0, 0x80, 0xfffffff7ffffffff}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r1, 0x0, &(0x7f0000000040)='~', 0x1, 0x8}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000500)={0x28, 0x4, r1, 0x0, &(0x7f0000000380)='s', 0x1, 0x136}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000004c0)={0x28, 0x4, r1, 0x0, &(0x7f0000000400)='M', 0x1, 0x5}) 1.828704947s ago: executing program 0 (id=25327): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000) preadv2(r0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000180)=""/149, 0x95}], 0x2, 0x100005, 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) 1.737005134s ago: executing program 5 (id=25329): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328) setsockopt$inet_tcp_int(r0, 0x6, 0x2a, &(0x7f0000000440)=0x102, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 1.643875335s ago: executing program 0 (id=25330): syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a44000010400010902"], 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, &(0x7f0000000100)) 1.481274422s ago: executing program 5 (id=25331): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 1.002127249s ago: executing program 6 (id=25335): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) write$uinput_user_dev(r1, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0x400000d, 0xf, 0xba55, 0x8da8, 0x0, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0x0, 0x8, 0x9, 0x1, 0x199f, 0x8, 0xfffffffe, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x7, 0x3, 0x9, 0x10000, 0x400, 0x8000, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0x7ff, 0x5, 0x1, 0xfffffffd, 0x6, 0x5, 0x800, 0xffff, 0x1, 0x96, 0xfffffffd, 0x101, 0x0, 0x1, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x12, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x1e, 0x7, 0x5, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0xffffffff, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x20000005, 0x80, 0x9, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x1f1, 0x8001, 0xbf23, 0x6, 0x8, 0x95a, 0xffffffff, 0x4, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xeb, 0x9, 0x5, 0x6, 0xd9, 0x0, 0x401, 0x5, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x3, 0x2, 0x763, 0xb, 0x402, 0x800, 0x2, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x3, 0x3, 0x3, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x80000008, 0x8a8, 0x2, 0x40, 0x7, 0x1, 0x2, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x2, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0x10, 0x133, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r1, 0x5501) readv(r1, &(0x7f0000001900)=[{0x0, 0xea}], 0x1) 740.284443ms ago: executing program 6 (id=25336): bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32=0x0, @ANYBLOB="feffffff000010"], 0x50) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000740)) ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000001980)=0x1) 588.433603ms ago: executing program 6 (id=25337): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x3a0af83a) shutdown(r0, 0x1) listen(r0, 0x28) poll(&(0x7f0000000340)=[{r0, 0x629}], 0x1, 0x400) shutdown(r0, 0x0) 319.87495ms ago: executing program 6 (id=25338): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000ce34000000000000000000850000002e00000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000380)=r0, 0x4) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@ipmr_delroute={0x1c, 0x19, 0x1, 0x70bd28, 0x25dfdbfc, {0x80, 0x10, 0x20, 0x2, 0x0, 0x2, 0xfd, 0x3, 0x1400}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) sendmsg$nl_route_sched(r1, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001cc0)={&(0x7f0000001c80)=@getchain={0x24, 0x66, 0x5c411f9f9387ae4, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x5, 0xfff3}, {0xf, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0) 233.017037ms ago: executing program 6 (id=25339): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x80000001, 0x4) listen(r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) 195.005943ms ago: executing program 4 (id=25340): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f00000001c0)={0x3e, 0x2, 0x3, 0x2, 0x0, 0x8000000000000000, 0xf89}, 0x0, 0x0, 0x0, 0x0) 86.683008ms ago: executing program 6 (id=25341): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) 84.344859ms ago: executing program 4 (id=25342): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x7}, &(0x7f0000000180)=0x8) 1.044199ms ago: executing program 2 (id=25343): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) preadv(0xffffffffffffffff, &(0x7f0000000440)=[{0x0}], 0x1, 0x4, 0x80000000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 4 (id=25344): unshare(0x26000400) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x110, 0x0) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x2000000, 0x0) kernel console output (not intermixed with test programs): error -22 [ 1335.100449][ T5984] usb 4-1: USB disconnect, device number 57 [ 1336.701075][ T5984] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 1336.852894][ T5984] usb 3-1: config index 0 descriptor too short (expected 45, got 36) [ 1336.862701][ T5984] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1336.875454][ T5984] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1336.887870][ T5984] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1336.901291][ T5984] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1336.914889][ T5984] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1336.925045][ T5984] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1336.936508][ T5984] usb 3-1: config 0 descriptor?? [ 1336.946490][T24091] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 1337.022707][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1337.395183][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.403192][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.421891][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.437425][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.446464][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.470925][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.486156][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.501947][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.509540][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.517475][ T5984] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0 [ 1337.534220][ T5984] plantronics 0003:047F:FFFF.00C3: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1337.619258][T24113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1337.628662][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1337.793612][ T5984] usb 3-1: USB disconnect, device number 19 [ 1338.062966][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1338.081168][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1338.701059][ T5967] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 1338.925204][ T5967] usb 3-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 1338.946543][ T5967] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1338.958218][ T5967] usb 3-1: Product: syz [ 1338.963329][ T5967] usb 3-1: Manufacturer: syz [ 1338.968103][ T5967] usb 3-1: SerialNumber: syz [ 1338.984116][ T5967] usb 3-1: config 0 descriptor?? [ 1339.101129][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1339.174779][T24139] syzkaller1: entered promiscuous mode [ 1339.192147][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1339.201525][T24139] syzkaller1: entered allmulticast mode [ 1339.244408][T24144] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1339.632653][ T5967] mos7840 3-1:0.0: required endpoints missing [ 1339.657845][ T5967] usb 3-1: USB disconnect, device number 20 [ 1339.740941][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1339.787473][T24164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1339.797282][T24164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1339.921671][ T5984] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 1340.082865][ T5984] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 1340.095325][ T5984] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 1340.107123][ T5984] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 1340.123418][ T5984] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1340.132850][ T5984] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1340.142584][ T5984] usb 4-1: Product: syz [ 1340.147029][ T5984] usb 4-1: Manufacturer: syz [ 1340.152578][ T5984] usb 4-1: SerialNumber: syz [ 1340.160498][ T5984] usb 4-1: config 0 descriptor?? [ 1340.166818][T24160] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1340.379687][T24160] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1340.611708][ T5984] usb 4-1: USB disconnect, device number 58 [ 1340.860857][T18728] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 1341.010744][T18728] usb 6-1: Using ep0 maxpacket: 32 [ 1341.017937][T18728] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 1341.033756][T18728] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 1341.047069][T18728] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1341.057156][T18728] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11 [ 1341.068843][T18728] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024 [ 1341.082821][T18728] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 1341.092810][T18728] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1341.102359][T18728] usb 6-1: Product: syz [ 1341.107098][T18728] usb 6-1: Manufacturer: syz [ 1341.111779][T18728] usb 6-1: SerialNumber: syz [ 1341.121478][T18728] usb 6-1: config 0 descriptor?? [ 1341.150965][T24196] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1341.699142][T24210] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1341.737313][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.755619][T18728] input input227: Device does not respond to id packet M [ 1341.771591][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.780821][T18728] input input227: Device does not respond to id packet P [ 1341.798421][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.808333][T18728] input input227: Device does not respond to id packet B [ 1341.831087][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.837133][T18728] input input227: Device does not respond to id packet N [ 1341.851011][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.860198][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.868428][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.874922][T18728] iforce 6-1:0.0: usb_submit_urb failed: -71 [ 1341.888500][T18728] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input227 [ 1341.919912][T18728] usb 6-1: USB disconnect, device number 7 [ 1342.229630][T24223] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1342.233343][T18728] net_ratelimit: 37 callbacks suppressed [ 1342.233364][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1342.251085][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1342.590881][ T5984] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 1342.753778][ T5984] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1342.765449][ T5984] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1342.775580][ T5984] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1342.789222][ T5984] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1342.798959][ T5984] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1342.816304][ T5984] usb 4-1: config 0 descriptor?? [ 1343.261308][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1343.275521][ T5984] plantronics 0003:047F:FFFF.00C4: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 1343.302014][ T5967] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 1343.435804][T24258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1343.465286][ T5967] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1343.475944][ T5967] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1343.494279][ T5967] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1343.510963][ T5967] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1343.517453][T18728] usb 4-1: USB disconnect, device number 59 [ 1343.531386][ T5967] usb 6-1: Product: syz [ 1343.536258][ T5967] usb 6-1: Manufacturer: syz [ 1343.550639][ T5967] usb 6-1: SerialNumber: syz [ 1343.734384][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1343.768999][ T5967] usb 6-1: 0:2 : does not exist [ 1343.807867][ T5967] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 1343.857127][ T5967] usb 6-1: USB disconnect, device number 8 [ 1343.937687][T30297] udevd[30297]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1344.044710][ T5984] hid_parser_main: 5 callbacks suppressed [ 1344.044732][ T5984] hid-generic 0000:0000:0000.00C5: unknown main item tag 0x0 [ 1344.104271][ T5984] hid-generic 0000:0000:0000.00C5: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1344.300827][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1344.380885][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1344.460863][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1344.964051][T24310] veth1_to_bond: Caught tx_queue_len zero misconfig [ 1345.261987][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1345.341073][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1345.778261][T24331] syzkaller1: entered promiscuous mode [ 1345.785094][T24331] syzkaller1: entered allmulticast mode [ 1345.802318][T24332] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96 [ 1346.191037][T24343] netlink: 156 bytes leftover after parsing attributes in process `syz.3.23653'. [ 1347.141607][T24365] syzkaller1: entered promiscuous mode [ 1347.166991][T24365] syzkaller1: entered allmulticast mode [ 1347.383553][T24373] netlink: 6 bytes leftover after parsing attributes in process `syz.4.23664'. [ 1347.411069][T24373] net_ratelimit: 3 callbacks suppressed [ 1347.411087][T24373] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1347.443062][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1347.650350][T24380] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1348.300886][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1348.511511][T24408] input: syz1 as /devices/virtual/input/input228 [ 1348.545248][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1348.751526][T24413] lo: Caught tx_queue_len zero misconfig [ 1349.083175][T22946] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 1349.248034][T22946] usb 3-1: Using ep0 maxpacket: 32 [ 1349.255570][T22946] usb 3-1: config 0 has an invalid interface number: 38 but max is 0 [ 1349.283841][T22946] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1349.311444][T22946] usb 3-1: config 0 has no interface number 0 [ 1349.317580][T22946] usb 3-1: config 0 interface 38 altsetting 157 endpoint 0x6 has invalid wMaxPacketSize 0 [ 1349.340036][T22946] usb 3-1: config 0 interface 38 altsetting 157 bulk endpoint 0x6 has invalid maxpacket 0 [ 1349.374189][T22946] usb 3-1: config 0 interface 38 altsetting 157 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1349.406583][T22946] usb 3-1: config 0 interface 38 has no altsetting 0 [ 1349.424913][T22946] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=7f.b3 [ 1349.455833][T22946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1349.484564][T22946] usb 3-1: Product: syz [ 1349.492236][T22946] usb 3-1: Manufacturer: syz [ 1349.496860][T22946] usb 3-1: SerialNumber: syz [ 1349.566721][T22946] usb 3-1: config 0 descriptor?? [ 1349.580875][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1349.609790][T22946] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 1350.508730][T22946] input: gspca_pac7302 as /devices/platform/dummy_hcd.2/usb3/3-1/input/input229 [ 1350.541605][ T5984] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1350.622956][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1350.725489][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1350.736739][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1350.760682][ T5984] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1350.781280][ T5984] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1350.792312][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1350.813732][ T5984] usb 6-1: config 0 descriptor?? [ 1350.858363][ T5967] usb 3-1: USB disconnect, device number 21 [ 1351.007829][T24465] vivid-001: disconnect [ 1351.034030][ T6731] vivid-001: reconnect [ 1351.152675][T24470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.23702'. [ 1351.273108][ T5984] plantronics 0003:047F:FFFF.00C6: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 1351.279552][T24475] xt_hashlimit: size too large, truncated to 1048576 [ 1351.340877][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1351.350247][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1351.358725][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1351.527688][ T5984] usb 6-1: USB disconnect, device number 9 [ 1351.661042][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1352.145104][ T5984] IPVS: starting estimator thread 0... [ 1352.155660][T24496] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1352.286678][T24497] IPVS: using max 37 ests per chain, 88800 per kthread [ 1352.682677][T24512] input: syz1 as /devices/virtual/input/input231 [ 1352.700907][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1353.744217][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1353.920693][ T6731] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 1354.072738][ T6731] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1354.084264][ T6731] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1354.094472][ T6731] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1354.120096][ T6731] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1354.139636][ T6731] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1354.169288][ T6731] usb 4-1: config 0 descriptor?? [ 1354.383392][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1354.600069][ T6731] plantronics 0003:047F:FFFF.00C7: reserved main item tag 0xe [ 1354.616327][ T6731] plantronics 0003:047F:FFFF.00C7: unknown main item tag 0x0 [ 1354.643696][ T6731] plantronics 0003:047F:FFFF.00C7: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 1354.784308][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1354.875309][ T6711] usb 4-1: USB disconnect, device number 60 [ 1355.057068][T24591] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1355.442129][T18728] hid-generic 0000:0000:0000.00C8: unknown main item tag 0x0 [ 1355.471570][T18728] hid-generic 0000:0000:0000.00C8: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1355.535648][T24604] input: syz1 as /devices/virtual/input/input232 [ 1355.827691][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1355.941991][T24616] syzkaller1: entered promiscuous mode [ 1355.948049][T24616] syzkaller1: entered allmulticast mode [ 1356.088026][T24621] loop3: detected capacity change from 0 to 7 [ 1356.104988][T24621] Dev loop3: unable to read RDB block 7 [ 1356.113811][T24621] loop3: AHDI p3 p4 [ 1356.120727][T18728] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 1356.128975][T24621] loop3: partition table partially beyond EOD, truncated [ 1356.148758][T24621] loop3: p3 start 1702000233 is beyond EOD, truncated [ 1356.291904][T18728] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1356.310241][T18728] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1356.325320][T18728] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 1356.338799][T18728] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1356.349599][T18728] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1356.375841][T18728] usb 4-1: Product: syz [ 1356.380044][T18728] usb 4-1: Manufacturer: syz [ 1356.392256][T18728] usb 4-1: SerialNumber: syz [ 1356.400102][T24629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.23771'. [ 1356.411067][T18728] usb 4-1: config 0 descriptor?? [ 1356.416881][T24613] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1356.426222][T24631] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1356.431387][T24613] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1356.443411][T18728] usb 4-1: ucan: probing device on interface #0 [ 1356.445102][T24631] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1356.759879][T24629] team0 (unregistering): Port device team_slave_0 removed [ 1356.783119][T24641] vivid-004: ================= START STATUS ================= [ 1356.797803][T24629] team0 (unregistering): Port device team_slave_1 removed [ 1356.811019][T24641] vivid-004: Radio HW Seek Mode: Bounded [ 1356.828558][T24641] vivid-004: Radio Programmable HW Seek: false [ 1356.835517][T24641] vivid-004: RDS Rx I/O Mode: Block I/O [ 1356.842612][T24641] vivid-004: Generate RBDS Instead of RDS: false [ 1356.849117][T24641] vivid-004: RDS Reception: true [ 1356.857752][T24641] vivid-004: RDS Program Type: 0 inactive [ 1356.865496][T24641] vivid-004: RDS PS Name: inactive [ 1356.871423][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1356.876974][T24641] vivid-004: RDS Radio Text: inactive [ 1356.887006][T24641] vivid-004: RDS Traffic Announcement: false inactive [ 1356.894130][T24641] vivid-004: RDS Traffic Program: false inactive [ 1356.903225][T24641] vivid-004: RDS Music: false inactive [ 1356.913168][T24641] vivid-004: ================== END STATUS ================== [ 1357.108089][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1357.115017][T18728] ucan 4-1:0.0 can0: registered device [ 1357.289202][T18728] ucan 4-1:0.0 can0: firmware string: L>z^ɉw{f,=}̫eRJ(=#gE}ut+|H!R$8g[- }q>ArŴ,xp|JB *~|X8-eo! [ 1357.380713][ T5967] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1357.421192][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1357.525381][T18728] usb 4-1: USB disconnect, device number 61 [ 1357.551382][ T5967] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 1357.562583][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1357.581494][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1357.597306][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1357.612527][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1357.634548][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1357.651470][T24669] netlink: 420 bytes leftover after parsing attributes in process `syz.0.23785'. [ 1357.662148][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1357.679232][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1357.701028][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1357.748271][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1357.768524][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1357.777765][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1357.797150][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1357.806169][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1357.818819][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1357.831770][T24674] fuse: Unknown parameter '1 [ 1357.831770][T24674] TracerPid: 0 [ 1357.831770][T24674] Uid: 0 0 0 0 [ 1357.831770][T24674] Gid: 0 0 0 0 [ 1357.831770][T24674] FDSize: 256 [ 1357.831770][T24674] Groups: 0 65534 [ 1357.831770][T24674] NStgid: 9268 [ 1357.831770][T24674] NSpid: 9269 [ 1357.831770][T24674] NSpgid: 9268 [ 1357.831770][T24674] NSsid: 0 [ 1357.831770][T24674] Kthread: 0 [ 1357.831770][T24674] VmPeak: 104080 kB [ 1357.831770][T24674] VmSize: 104080 kB [ 1357.831770][T24674] VmLck: 0 kB [ 1357.831770][T24674] VmPin: 0 kB [ 1357.831770][T24674] VmHWM: 23540 kB [ 1357.831770][T24674] VmRSS: 23540 kB [ 1357.831770][T24674] RssAnon: 1344 kB [ 1357.831770][T24674] RssFile: 22196 kB [ 1357.831770][T24674] RssShmem: 0 kB [ 1357.831770][T24674] VmData: 36584 kB [ 1357.831770][T24674] VmStk: 132 kB [ 1357.831770][T24674] VmExe: 1684 kB [ 1357.831770][T24674] VmLib: 8 kB [ 1357.831770][T24674] VmPTE: 132 kB [ 1357.831770][T24674] VmSwap: 0 kB [ 1357.831770][T24674] HugetlbPages: 0 kB [ 1357.831770][T24674] CoreDumping: 0 [ 1357.831770][T24674] THP_enabled: 1 [ 1357.831770][T24674] untag_mask: 0xffffffffffffffff [ 1357.831770][T24674] Threads: 2 [ 1357.831770][T24674] SigQ: 0/13015 [ 1357.831770][T24674] SigPnd: 0000000000000000 [ 1357.831770][T24674] ShdPnd: 0000000000000000 [ 1357.831770][T24674] SigBlk: 0000000000000000 [ 1357.831770][T24674] SigIgn: fffffffefffaba35 [ 1357.831770][T24674] SigCgt: 0000000100010440 [ 1357.831770][T24674] CapInh: 0000000000000000 [ 1357.831770][T24674] CapPrm: 000001ffff77ffff [ 1357.831770][T24674] CapEff: 000001ffff77ffff [ 1357.831770][T24674] CapBnd: 000001ffffffffff [ 1357.831770][T24674] CapAmb: 0000000000000000 [ 1357.831770][T24674] NoNewPrivs: 0 [ 1357.831770][T24674] Seccomp: 0 [ 1357.831770][T24674] Seccomp_filters: 0 [ 1357.831770][T24674] Speculation_Store_Bypass: thread vulnerable [ 1357.831770][T24674] SpeculationIndirectBranch: conditional enabled [ 1357.831942][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1358.036183][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1358.048987][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1358.065429][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1358.091457][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1358.109819][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1358.155268][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1358.195727][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1358.212425][ T5967] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1358.228167][ T5967] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1358.242708][T24684] binder: 24683:24684 ioctl c0306201 0 returned -14 [ 1358.250255][ T5967] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1358.267515][ T5967] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1358.277504][ T5967] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1358.287356][ T5967] usb 6-1: Product: syz [ 1358.292684][ T5967] usb 6-1: Manufacturer: syz [ 1358.297785][ T5967] usb 6-1: SerialNumber: syz [ 1358.309805][ T5967] usb 6-1: config 0 descriptor?? [ 1358.321551][ T5967] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 1358.536952][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 1358.536997][ T30] audit: type=1326 audit(1764795869.955:15405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.602779][ T30] audit: type=1326 audit(1764795869.995:15406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.644240][ T30] audit: type=1326 audit(1764795869.995:15407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc378f749 code=0x7ffc0000 [ 1358.698989][ T30] audit: type=1326 audit(1764795869.995:15408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.743221][ T30] audit: type=1326 audit(1764795869.995:15409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.773691][ C0] usb 6-1: yurex_control_callback - control failed: -71 [ 1358.786120][ T5967] usb 6-1: USB disconnect, device number 10 [ 1358.798385][ T5967] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 1358.828581][ T30] audit: type=1326 audit(1764795869.995:15410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc378f749 code=0x7ffc0000 [ 1358.854388][ T30] audit: type=1326 audit(1764795869.995:15411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc378f749 code=0x7ffc0000 [ 1358.881754][ T30] audit: type=1326 audit(1764795869.995:15412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.904705][ T30] audit: type=1326 audit(1764795869.995:15413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1358.948781][ T30] audit: type=1326 audit(1764795869.995:15414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24688 comm="syz.0.23789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fedc372b829 code=0x7ffc0000 [ 1359.101976][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1359.924699][T24748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23809'. [ 1360.141757][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1360.292290][T24766] vlan0: entered allmulticast mode [ 1360.310257][T24766] bridge0: port 3(vlan0) entered blocking state [ 1360.331571][T24766] bridge0: port 3(vlan0) entered disabled state [ 1360.344248][T24766] vlan0: entered promiscuous mode [ 1360.462265][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1361.183573][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1361.241666][T24799] netlink: 'syz.3.23832': attribute type 5 has an invalid length. [ 1361.773732][T24824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1361.782965][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1361.791580][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1361.800071][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1362.120838][T24824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1362.455783][T24842] netlink: 64 bytes leftover after parsing attributes in process `syz.2.23849'. [ 1363.160872][T24824] net_ratelimit: 7 callbacks suppressed [ 1363.160893][T24824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.174912][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.263471][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.295342][T24869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23863'. [ 1363.511903][T24824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.520298][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.793767][T24824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.802252][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1363.815099][T24891] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.23873'. [ 1364.258242][T24900] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23876'. [ 1364.278465][T24900] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23876'. [ 1364.313862][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1364.995591][T24918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1365.231326][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1365.243186][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1365.251308][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1365.259377][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1365.268011][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1365.343346][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1365.491782][T24934] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1365.798508][T24926] chnl_net:caif_netlink_parms(): no params data found [ 1366.099292][T24926] bridge0: port 1(bridge_slave_0) entered blocking state [ 1366.143778][T24926] bridge0: port 1(bridge_slave_0) entered disabled state [ 1366.172005][T24926] bridge_slave_0: entered allmulticast mode [ 1366.181998][T24926] bridge_slave_0: entered promiscuous mode [ 1366.202838][T24926] bridge0: port 2(bridge_slave_1) entered blocking state [ 1366.210107][T24926] bridge0: port 2(bridge_slave_1) entered disabled state [ 1366.240854][T24926] bridge_slave_1: entered allmulticast mode [ 1366.248671][T24926] bridge_slave_1: entered promiscuous mode [ 1366.252565][T24967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.23905'. [ 1366.279372][T24967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.23905'. [ 1366.374610][T24926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1366.388650][T24926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1366.479286][T24926] team0: Port device team_slave_0 added [ 1366.494113][T24926] team0: Port device team_slave_1 added [ 1366.603514][T24926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1366.610495][T24926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1366.644815][T24926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1366.660477][T24926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1366.668516][T24926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1366.696829][T24926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1366.714248][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 1366.721384][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 1366.851503][T24926] hsr_slave_0: entered promiscuous mode [ 1366.864534][T24926] hsr_slave_1: entered promiscuous mode [ 1366.891811][T24926] debugfs: 'hsr0' already exists in 'hsr' [ 1366.897579][T24926] Cannot create hsr debugfs directory [ 1367.101217][ T6711] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1367.274189][ T6711] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1367.312426][ T6711] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1367.344749][ T8536] Bluetooth: hci0: command tx timeout [ 1367.353365][ T6711] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1367.416821][ T6711] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1367.446454][T24926] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1367.459612][ T6711] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1367.478110][T24926] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1367.505646][ T6711] usb 6-1: config 0 descriptor?? [ 1367.554673][T24926] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1367.612888][ T30] kauditd_printk_skb: 90 callbacks suppressed [ 1367.612905][ T30] audit: type=1326 audit(1764795879.025:15505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.646571][T24926] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1367.650000][ T30] audit: type=1326 audit(1764795879.035:15506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.680125][ T30] audit: type=1326 audit(1764795879.035:15507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.706678][T24999] IPVS: Scheduler module ip_vs_ not found [ 1367.714572][ T30] audit: type=1326 audit(1764795879.035:15508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.776115][ T30] audit: type=1326 audit(1764795879.035:15509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.818685][ T30] audit: type=1326 audit(1764795879.065:15510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.873758][ T30] audit: type=1326 audit(1764795879.065:15511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.902424][ T30] audit: type=1326 audit(1764795879.065:15512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.925569][ T30] audit: type=1326 audit(1764795879.065:15513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1367.984709][ T6711] plantronics 0003:047F:FFFF.00C9: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 1367.998963][T24926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1368.018769][ T30] audit: type=1326 audit(1764795879.135:15514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24998 comm="syz.4.23920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9e858f749 code=0x7ffc0000 [ 1368.073453][T24926] 8021q: adding VLAN 0 to HW filter on device team0 [ 1368.097424][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state [ 1368.104644][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1368.146671][ T177] bridge0: port 2(bridge_slave_1) entered blocking state [ 1368.153890][ T177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1368.307945][T24926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1368.380993][ C0] net_ratelimit: 15 callbacks suppressed [ 1368.381013][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1368.396600][T24926] veth0_vlan: entered promiscuous mode [ 1368.419554][T24926] veth1_vlan: entered promiscuous mode [ 1368.459844][T24926] veth0_macvtap: entered promiscuous mode [ 1368.467945][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1368.481350][T24926] veth1_macvtap: entered promiscuous mode [ 1368.501545][T24926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1368.533458][T24926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1368.553825][ T132] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1368.564038][ T132] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1368.578647][ T132] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1368.589615][ T132] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1368.730435][ T3503] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1368.757747][ T3503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1368.798043][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1368.811348][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1368.850693][ T6731] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1368.948824][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1369.042652][ T6731] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1369.121579][ T6731] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1369.150719][ T6731] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1369.165035][ T6731] usb 3-1: Product: syz [ 1369.201065][ T6731] usb 3-1: Manufacturer: syz [ 1369.205715][ T6731] usb 3-1: SerialNumber: syz [ 1369.260988][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1369.322734][T25040] netlink: 'syz.0.23933': attribute type 4 has an invalid length. [ 1369.430924][ T8536] Bluetooth: hci0: command tx timeout [ 1369.503790][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1370.074945][ T185] usb 6-1: USB disconnect, device number 11 [ 1370.224991][T25066] batadv_slave_1: entered promiscuous mode [ 1370.241371][T25064] batadv_slave_1: left promiscuous mode [ 1370.354884][ T6731] cdc_ncm 3-1:1.0: bind() failure [ 1370.367217][ T6731] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 1370.384060][ T6731] cdc_ncm 3-1:1.1: bind() failure [ 1370.415525][ T6731] usb 3-1: USB disconnect, device number 22 [ 1370.558972][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1370.696437][T25079] netlink: 12 bytes leftover after parsing attributes in process `syz.6.23950'. [ 1371.419892][T25104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1371.430614][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1371.511124][ T8536] Bluetooth: hci0: command tx timeout [ 1371.581407][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1371.652858][T25113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1372.120886][ T185] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1372.273877][ T185] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1372.285043][ T185] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1372.296603][ T185] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1372.306048][ T185] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1372.316405][ T185] usb 6-1: Manufacturer: syz [ 1372.323666][ T185] usb 6-1: config 0 descriptor?? [ 1373.152011][ T185] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.00CA/input/input233 [ 1373.226286][ T185] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.00CA/input/input234 [ 1373.244762][ T185] input: syz Touch Strip as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.00CA/input/input235 [ 1373.266520][ T185] input: syz Dial as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.00CA/input/input236 [ 1373.286058][ T185] uclogic 0003:256C:006D.00CA: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.5-1/input0 [ 1373.522034][ T185] usb 6-1: USB disconnect, device number 12 [ 1373.562350][T25141] fido_id[25141]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory [ 1373.581937][ T8536] Bluetooth: hci0: command tx timeout [ 1373.672329][ T6730] net_ratelimit: 10 callbacks suppressed [ 1373.672345][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1373.745839][T25143] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1374.116596][T25154] netlink: 3 bytes leftover after parsing attributes in process `syz.5.23984'. [ 1374.373483][T25166] netlink: 'syz.0.23991': attribute type 1 has an invalid length. [ 1374.432426][T25166] netlink: 76 bytes leftover after parsing attributes in process `syz.0.23991'. [ 1374.701416][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1375.254034][T25194] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1375.664356][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1375.740780][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1376.151852][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1376.300773][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1376.300842][ T5967] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1376.317418][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1376.502534][ T5967] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1376.508371][T25232] netlink: 'syz.4.24018': attribute type 10 has an invalid length. [ 1376.548459][ T5967] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1376.570648][ T5967] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1376.588483][ T5967] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1376.622931][ T5967] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1376.641351][ T5967] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1376.672777][ T5967] usb 6-1: config 0 descriptor?? [ 1376.781352][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1377.104341][ T5967] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 1377.118186][ T5967] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 1377.128182][ T5967] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 1377.135803][ T5967] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 1377.143964][ T5967] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 1377.175010][ T5967] plantronics 0003:047F:FFFF.00CB: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 1377.340738][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1377.415791][ T5967] usb 6-1: USB disconnect, device number 13 [ 1377.623605][T25262] netlink: 28 bytes leftover after parsing attributes in process `syz.6.24031'. [ 1378.806657][T18728] hid-generic 0000:0000:0000.00CC: unknown main item tag 0x0 [ 1378.821771][T18728] hid-generic 0000:0000:0000.00CC: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1378.861220][ T6730] net_ratelimit: 1 callbacks suppressed [ 1378.861237][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1379.180977][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1379.557661][T25315] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24054'. [ 1379.578686][T25315] netlink: 80 bytes leftover after parsing attributes in process `syz.0.24054'. [ 1379.623649][T25315] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24054'. [ 1379.662319][T25315] netlink: 80 bytes leftover after parsing attributes in process `syz.0.24054'. [ 1379.912042][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1380.941309][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1381.262504][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804daa4000: rx timeout, send abort [ 1381.270937][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804daa4c00: rx timeout, send abort [ 1381.279389][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88804daa4000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1381.296330][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88804daa4c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1381.638933][T25388] syzkaller1: entered promiscuous mode [ 1381.646496][T25388] syzkaller1: entered allmulticast mode [ 1381.844743][T25395] veth0_to_hsr: Caught tx_queue_len zero misconfig [ 1381.871218][ T185] usb 3-1: new full-speed USB device number 23 using dummy_hcd [ 1381.995329][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1382.037053][ T185] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1382.072730][ T185] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 1382.099882][ T185] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1382.115736][ T185] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1382.129439][T25390] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1382.137939][T25390] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1382.197039][ T185] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1382.220860][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1382.268994][T25403] dummy0: Caught tx_queue_len zero misconfig [ 1382.399461][T18728] usb 3-1: USB disconnect, device number 23 [ 1382.718654][T25410] tipc: Started in network mode [ 1382.737953][T25410] tipc: Node identity 8, cluster identity 4711 [ 1382.751222][T25410] tipc: Node number set to 8 [ 1383.031221][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1383.500847][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1384.079885][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1384.435607][T25444] netlink: 8 bytes leftover after parsing attributes in process `syz.4.24102'. [ 1384.487029][T25444] netlink: 'syz.4.24102': attribute type 5 has an invalid length. [ 1384.508344][T25444] netlink: 28 bytes leftover after parsing attributes in process `syz.4.24102'. [ 1384.522220][T25453] netlink: 'syz.5.24105': attribute type 3 has an invalid length. [ 1384.530169][T25453] netlink: 'syz.5.24105': attribute type 1 has an invalid length. [ 1384.538867][T25453] netlink: 100 bytes leftover after parsing attributes in process `syz.5.24105'. [ 1384.541571][T25444] geneve0: entered promiscuous mode [ 1384.567467][T25444] geneve0: entered allmulticast mode [ 1385.101076][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1385.271086][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1385.279490][ T185] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 1385.441085][ T185] usb 6-1: Using ep0 maxpacket: 8 [ 1385.448680][ T185] usb 6-1: config 0 has an invalid interface number: 31 but max is 0 [ 1385.467840][ T185] usb 6-1: config 0 has no interface number 0 [ 1385.487313][ T185] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1385.506746][ T185] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1385.526966][ T185] usb 6-1: Product: syz [ 1385.531894][ T185] usb 6-1: Manufacturer: syz [ 1385.536539][ T185] usb 6-1: SerialNumber: syz [ 1385.561731][ T185] usb 6-1: config 0 descriptor?? [ 1385.731107][T25496] sctp: [Deprecated]: syz.6.24124 (pid 25496) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1385.731107][T25496] Use struct sctp_sack_info instead [ 1385.773304][ T185] uvcvideo 6-1:0.31: probe with driver uvcvideo failed with error -22 [ 1385.794634][ T185] usb 6-1: USB disconnect, device number 14 [ 1385.901233][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1386.140782][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1386.710665][ T6742] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 1386.870752][ T6742] usb 6-1: Using ep0 maxpacket: 8 [ 1386.893584][T25534] netlink: 36 bytes leftover after parsing attributes in process `syz.6.24141'. [ 1386.905272][ T6742] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 1386.927072][ T6742] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1386.948838][ T6742] usb 6-1: Product: syz [ 1386.960693][ T6742] usb 6-1: Manufacturer: syz [ 1386.965326][ T6742] usb 6-1: SerialNumber: syz [ 1386.983064][ T6742] usb 6-1: config 0 descriptor?? [ 1387.001717][ T6742] gspca_main: se401-2.14.0 probing 047d:5003 [ 1387.194429][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1387.427986][ T6742] gspca_se401: ExtraFeatures: 79 [ 1387.441224][ T6742] gspca_se401: Frame size: 0x0 1/16th janggu [ 1387.634505][ T6742] input: se401 as /devices/platform/dummy_hcd.5/usb6/6-1/input/input237 [ 1387.688223][ T6742] usb 6-1: USB disconnect, device number 15 [ 1388.220901][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1388.300988][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1388.957328][ T3443] tipc: Subscription rejected, illegal request [ 1389.261908][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1389.950719][ T6731] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 1389.996523][T25608] netlink: 64 bytes leftover after parsing attributes in process `syz.6.24172'. [ 1390.111772][ T6731] usb 3-1: Using ep0 maxpacket: 32 [ 1390.149217][T25615] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1390.222608][ T6731] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1390.244804][ T6731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1390.277363][ T6731] usb 3-1: config 0 descriptor?? [ 1390.311564][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1390.516109][T25626] syzkaller1: entered promiscuous mode [ 1390.524332][T25626] syzkaller1: entered allmulticast mode [ 1390.570783][ T6731] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1390.601775][ T6731] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1390.630865][ T6731] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1390.658877][ T6731] usb 3-1: media controller created [ 1390.721598][ T6731] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1390.866873][ T6731] az6027: usb out operation failed. (-71) [ 1390.876016][ T6731] az6027: usb out operation failed. (-71) [ 1390.930976][ T6731] stb0899_attach: Driver disabled by Kconfig [ 1390.936996][ T6731] az6027: no front-end attached [ 1390.936996][ T6731] [ 1390.970945][ T6731] az6027: usb out operation failed. (-71) [ 1390.976701][ T6731] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1390.992925][ T6731] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input238 [ 1391.023423][ T6731] dvb-usb: schedule remote query interval to 400 msecs. [ 1391.030401][ T6731] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1391.055956][ T6731] usb 3-1: USB disconnect, device number 24 [ 1391.180726][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1391.191667][ T6731] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1391.344620][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1391.353450][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1392.161031][ T6742] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1392.220775][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1392.314457][ T6742] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1392.323375][ T6742] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1392.334572][ T6742] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1392.346559][ T6742] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1392.361301][ T6742] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1392.394795][ T6742] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1392.405050][ T6742] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1392.413302][ T6742] usb 3-1: Product: syz [ 1392.417467][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1392.426506][ T6742] usb 3-1: Manufacturer: syz [ 1392.450311][ T6742] cdc_wdm 3-1:1.0: skipping garbage [ 1392.461183][ T6742] cdc_wdm 3-1:1.0: skipping garbage [ 1392.468920][ T6742] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1392.476835][ T6742] cdc_wdm 3-1:1.0: Unknown control protocol [ 1392.795184][T25644] netlink: 4 bytes leftover after parsing attributes in process `syz.4.24189'. [ 1393.421869][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1393.441132][ T6730] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 1393.481661][ T6742] usb 3-1: USB disconnect, device number 25 [ 1393.577868][T25664] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1393.600686][ T6730] usb 6-1: Using ep0 maxpacket: 16 [ 1393.608134][ T6730] usb 6-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice= 0.00 [ 1393.617998][ T6730] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1393.629772][ T6730] usb 6-1: config 0 descriptor?? [ 1393.643845][ T6730] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input239 [ 1393.897811][ T5191] bcm5974 6-1:0.0: could not read from device [ 1393.909230][ T5191] bcm5974 6-1:0.0: could not read from device [ 1393.921953][ T6730] usb 6-1: USB disconnect, device number 16 [ 1393.929930][ T5191] bcm5974 6-1:0.0: could not read from device [ 1393.938525][ T5191] bcm5974 6-1:0.0: could not read from device [ 1394.390276][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1394.461102][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1394.620834][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1395.501860][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1395.510003][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1395.660783][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1395.962826][T25728] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24225'. [ 1396.053582][T25731] delete_channel: no stack [ 1396.123409][T25734] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24229'. [ 1396.446682][T25744] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1396.500772][ T185] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 1396.542425][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1396.661702][ T185] usb 6-1: Using ep0 maxpacket: 16 [ 1396.675289][ T185] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1396.691449][ T185] usb 6-1: New USB device found, idVendor=0dfc, idProduct=0101, bcdDevice= 0.00 [ 1396.702427][ T185] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1396.717326][ T185] usb 6-1: config 0 descriptor?? [ 1396.840764][ T6731] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 1396.993641][ T6731] usb 3-1: Using ep0 maxpacket: 16 [ 1397.000503][ T6731] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1397.011739][ T6731] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1397.021850][ T6731] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 1397.035064][ T6731] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1397.041781][ T6731] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 1397.052556][ T6731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1397.063299][ T6731] usb 3-1: config 0 descriptor?? [ 1397.149893][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.157634][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.165170][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.173232][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.181280][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.188691][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.196380][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.204154][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.212024][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.219594][ T185] hid-generic 0003:0DFC:0101.00CD: unknown main item tag 0x0 [ 1397.243569][ T185] hid-generic 0003:0DFC:0101.00CD: hidraw0: USB HID v0.00 Device [HID 0dfc:0101] on usb-dummy_hcd.5-1/input0 [ 1397.338807][ T185] usb 6-1: USB disconnect, device number 17 [ 1397.421917][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1397.432626][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1397.709346][ T6730] usb 3-1: USB disconnect, device number 26 [ 1398.617650][T25799] netlink: 16 bytes leftover after parsing attributes in process `syz.5.24256'. [ 1399.050760][T25811] netlink: 'syz.2.24262': attribute type 1 has an invalid length. [ 1399.401022][ T6742] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 1399.500773][ C1] net_ratelimit: 3 callbacks suppressed [ 1399.500794][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1399.561295][ T6742] usb 3-1: Using ep0 maxpacket: 16 [ 1399.577496][ T6742] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1399.603348][ T6742] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1399.621050][ T6742] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1399.627915][ T6742] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 1399.638369][ T6742] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1399.659104][ T6742] usb 3-1: config 0 descriptor?? [ 1399.680277][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1400.075651][T25819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1400.084823][T25819] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1400.095081][ T6742] hid (null): global environment stack underflow [ 1400.115429][ T6742] cougar 0003:060B:500A.00CF: global environment stack underflow [ 1400.123951][ T6742] cougar 0003:060B:500A.00CF: item 0 4 1 11 parsing failed [ 1400.132579][ T6742] cougar 0003:060B:500A.00CF: parse failed [ 1400.138459][ T6742] cougar 0003:060B:500A.00CF: probe with driver cougar failed with error -22 [ 1400.306146][ T6742] usb 3-1: USB disconnect, device number 27 [ 1400.461236][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1400.701516][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1401.744040][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1402.783588][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1402.961088][T25907] gretap0: entered promiscuous mode [ 1403.185695][T25920] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1403.194765][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1403.431344][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1403.431361][ T30] audit: type=1326 audit(1764795914.855:15516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25927 comm="syz.6.24307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x0 [ 1403.501371][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1403.740705][ T6731] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 1403.821528][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1403.910669][ T6731] usb 6-1: Using ep0 maxpacket: 16 [ 1403.918295][ T6731] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30 [ 1403.940784][ T6731] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1403.958845][ T6731] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1403.990772][ T6731] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129 [ 1404.005664][ T6731] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 1404.021910][ T6731] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1404.033919][ T6731] usb 6-1: config 0 descriptor?? [ 1404.074753][T25942] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1404.151368][ T6742] usb 3-1: new full-speed USB device number 28 using dummy_hcd [ 1404.313349][ T6742] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1404.324926][ T6742] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1404.339763][ T6742] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1404.364335][ T6742] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1404.482480][ T6731] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.00D0/input/input240 [ 1404.578041][ T6731] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.00D0/input/input241 [ 1404.638628][ T6731] kye 0003:0458:5013.00D0: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0 [ 1404.689963][ T6742] usb 3-1: GET_CAPABILITIES returned 0 [ 1404.696716][ T6731] usb 6-1: USB disconnect, device number 18 [ 1404.702600][ T6742] usbtmc 3-1:16.0: can't read capabilities [ 1404.812824][T25958] fido_id[25958]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 1404.862181][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1404.906354][ T6730] usb 3-1: USB disconnect, device number 28 [ 1405.101919][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1405.131302][T25964] netlink: 9 bytes leftover after parsing attributes in process `syz.6.24322'. [ 1405.149422][T25964] netlink: 9 bytes leftover after parsing attributes in process `syz.6.24322'. [ 1405.207508][T25966] netlink: 'syz.4.24323': attribute type 13 has an invalid length. [ 1405.272536][T25966] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2 [ 1405.304886][T25966] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue [ 1405.318186][T25966] gretap2: entered promiscuous mode [ 1405.332961][T25966] gretap2: entered allmulticast mode [ 1405.901338][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1406.060861][ T6730] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1406.233741][ T6730] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1406.263772][ T6730] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 1406.283862][ T6730] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1406.323637][ T6730] usb 3-1: config 0 descriptor?? [ 1406.544865][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1406.769762][T26015] netlink: 8 bytes leftover after parsing attributes in process `syz.6.24345'. [ 1406.942972][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1406.976469][T26023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1407.051160][T26025] netlink: 12 bytes leftover after parsing attributes in process `syz.6.24350'. [ 1407.391449][ T6731] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 1407.469402][ T6730] video4linux radio48: keene_cmd_set failed (-71) [ 1407.482718][ T6730] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 1407.511368][ T6730] usb 3-1: USB disconnect, device number 29 [ 1407.569489][ T6731] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1407.592495][ T6731] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1407.604725][ T6731] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1407.624612][ T6731] usb 6-1: config 0 descriptor?? [ 1407.637293][ T6731] pwc: Askey VC010 type 2 USB webcam detected. [ 1407.991495][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1408.246332][ T6731] pwc: recv_control_msg error -71 req 02 val 2700 [ 1408.254145][ T6731] pwc: recv_control_msg error -71 req 02 val 2c00 [ 1408.263687][ T6731] pwc: recv_control_msg error -71 req 04 val 1000 [ 1408.270848][ T6731] pwc: recv_control_msg error -71 req 04 val 1300 [ 1408.277850][ T6731] pwc: recv_control_msg error -71 req 04 val 1400 [ 1408.285112][ T6731] pwc: recv_control_msg error -71 req 02 val 2000 [ 1408.292302][ T6731] pwc: recv_control_msg error -71 req 02 val 2100 [ 1408.299267][ T6731] pwc: recv_control_msg error -71 req 04 val 1500 [ 1408.307342][ T6731] pwc: recv_control_msg error -71 req 02 val 2500 [ 1408.314600][ T6731] pwc: recv_control_msg error -71 req 02 val 2400 [ 1408.321931][ T6731] pwc: recv_control_msg error -71 req 02 val 2600 [ 1408.329019][ T6731] pwc: recv_control_msg error -71 req 02 val 2900 [ 1408.341518][ T6731] pwc: recv_control_msg error -71 req 02 val 2800 [ 1408.351171][ T6731] pwc: recv_control_msg error -71 req 04 val 1100 [ 1408.358072][ T6731] pwc: recv_control_msg error -71 req 04 val 1200 [ 1408.378796][ T6731] pwc: Registered as video103. [ 1408.390131][ T6731] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input242 [ 1408.407133][ T6731] usb 6-1: USB disconnect, device number 19 [ 1409.034705][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1409.583741][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1410.039013][T26105] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.24381'. [ 1410.062719][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1410.162707][T26109] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1410.284662][T26113] dlm: non-version read from control device 4 [ 1410.938615][T26139] netlink: 16 bytes leftover after parsing attributes in process `syz.6.24397'. [ 1411.111107][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1411.902805][T26167] dummy0: entered promiscuous mode [ 1411.909685][T26167] bond0: entered promiscuous mode [ 1411.915235][T26167] bond_slave_0: entered promiscuous mode [ 1411.921653][T26167] bond_slave_1: entered promiscuous mode [ 1411.930171][T26167] debugfs: 'hsr1' already exists in 'hsr' [ 1411.936506][T26167] Cannot create hsr debugfs directory [ 1411.942640][T26167] hsr1: entered allmulticast mode [ 1411.947923][T26167] dummy0: entered allmulticast mode [ 1411.954510][T26167] bond0: entered allmulticast mode [ 1411.970671][T26167] bond_slave_0: entered allmulticast mode [ 1411.985409][T26167] bond_slave_1: entered allmulticast mode [ 1412.142276][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1412.624007][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1412.748151][T26186] input: syz1 as /devices/virtual/input/input243 [ 1413.182942][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1413.231702][T26218] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1413.461522][ T30] audit: type=1326 audit(1764795924.885:15517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26224 comm="syz.5.24435" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb75d8f749 code=0x0 [ 1413.912604][T26243] netlink: 'syz.2.24442': attribute type 29 has an invalid length. [ 1413.924009][T26243] netlink: 'syz.2.24442': attribute type 29 has an invalid length. [ 1413.935883][T26243] netlink: 148 bytes leftover after parsing attributes in process `syz.2.24442'. [ 1414.126856][T26249] netlink: 20 bytes leftover after parsing attributes in process `syz.4.24446'. [ 1414.221002][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1414.670723][T22946] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 1414.703631][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1414.820700][T22946] usb 6-1: Using ep0 maxpacket: 8 [ 1414.831258][T22946] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1414.839279][T22946] usb 6-1: config 0 has no interface number 0 [ 1414.861902][T22946] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1414.874778][T22946] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1414.883952][T22946] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1414.896533][T22946] usb 6-1: config 0 descriptor?? [ 1414.940373][T22946] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1415.141988][T22946] usb 6-1: USB disconnect, device number 20 [ 1415.262470][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1415.360669][ T5967] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1415.513042][ T5967] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1415.523715][ T5967] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1415.537385][ T5967] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1415.546641][ T5967] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1415.555075][ T5967] usb 3-1: Product: syz [ 1415.559258][ T5967] usb 3-1: Manufacturer: syz [ 1415.563932][ T5967] usb 3-1: SerialNumber: syz [ 1415.661231][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1415.740156][T26294] loop4: detected capacity change from 0 to 7 [ 1415.749196][T26294] Dev loop4: unable to read RDB block 7 [ 1415.755712][T26294] loop4: unable to read partition table [ 1415.762038][T26294] loop4: partition table beyond EOD, truncated [ 1415.770840][T26294] loop_reread_partitions: partition scan of loop4 (被x ) failed (rc=-5) [ 1416.305918][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1416.685026][ T5967] cdc_ncm 3-1:1.0: bind() failure [ 1416.711699][ T5967] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 1416.730687][ T5967] cdc_ncm 3-1:1.1: bind() failure [ 1416.759128][ T5967] usb 3-1: USB disconnect, device number 30 [ 1416.932031][T26329] batadv_slave_1: entered promiscuous mode [ 1416.939299][T26327] batadv_slave_1: left promiscuous mode [ 1417.108797][T26335] input: syz0 as /devices/virtual/input/input244 [ 1417.127509][T26335] input: failed to attach handler leds to device input244, error: -6 [ 1417.341027][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1417.905647][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1418.382903][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1418.703419][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1419.032032][T26389] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1419.061284][T26389] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1419.072632][T26389] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1419.632349][T26400] PID 26400 killed due to inadequate hugepage pool [ 1419.962041][T26408] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1419.982955][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 1420.561901][T22946] net_ratelimit: 4 callbacks suppressed [ 1420.561922][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1421.228876][T26439] netlink: 7 bytes leftover after parsing attributes in process `syz.5.24528'. [ 1421.268562][T26439] netlink: 7 bytes leftover after parsing attributes in process `syz.5.24528'. [ 1421.587809][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1421.601054][T26449] input: syz0 as /devices/virtual/input/input245 [ 1421.741000][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1421.885507][T26456] tmpfs: Unknown parameter 'smax' [ 1422.036427][T26461] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1422.099986][T26463] syzkaller1: entered promiscuous mode [ 1422.106018][T26463] syzkaller1: entered allmulticast mode [ 1422.637127][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1423.153705][T26501] netlink: 8 bytes leftover after parsing attributes in process `syz.5.24554'. [ 1423.243432][T26505] input: syz0 as /devices/virtual/input/input246 [ 1423.667195][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1424.449398][T26542] netlink: 56 bytes leftover after parsing attributes in process `syz.2.24569'. [ 1424.460071][T26542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24569'. [ 1424.706610][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1424.782104][ T6742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1425.452105][T26579] input: syz0 as /devices/virtual/input/input247 [ 1425.611052][ T5967] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 1425.746958][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1425.770777][ T5967] usb 6-1: Using ep0 maxpacket: 32 [ 1425.777921][ T5967] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1425.787303][ T5967] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1425.807810][ T5967] usb 6-1: config 0 descriptor?? [ 1426.039293][ T5967] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1426.071456][ T5967] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1426.098315][ T5967] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1426.116869][ T5967] usb 6-1: media controller created [ 1426.151768][ T5967] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1426.246133][ T5967] az6027: usb out operation failed. (-71) [ 1426.267794][ T5967] az6027: usb out operation failed. (-71) [ 1426.280582][ T5967] stb0899_attach: Driver disabled by Kconfig [ 1426.286602][ T5967] az6027: no front-end attached [ 1426.286602][ T5967] [ 1426.318679][ T5967] az6027: usb out operation failed. (-71) [ 1426.332821][ T5967] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1426.359556][ T5967] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input248 [ 1426.405773][ T5967] dvb-usb: schedule remote query interval to 400 msecs. [ 1426.413170][ T5967] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1426.424788][ T5967] usb 6-1: USB disconnect, device number 21 [ 1426.494016][ T5967] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1426.613054][T26594] input: syz1 as /devices/virtual/input/input249 [ 1426.788727][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1427.285142][ T30] audit: type=1326 audit(1764795938.705:15518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26588 comm="syz.2.24591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7fc00000 [ 1427.504872][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1427.821708][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1427.831735][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1427.935983][T26637] syzkaller1: entered promiscuous mode [ 1427.941870][T26637] syzkaller1: entered allmulticast mode [ 1428.044612][T26639] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1428.147848][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 1428.154463][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 1428.714270][T26651] netlink: 4 bytes leftover after parsing attributes in process `syz.0.24619'. [ 1428.847065][T26657] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 1428.881574][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1428.946474][T26663] batadv_slave_0: entered promiscuous mode [ 1428.957360][T26662] batadv_slave_0: left promiscuous mode [ 1429.100828][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1429.375852][T26686] netlink: 24 bytes leftover after parsing attributes in process `syz.6.24634'. [ 1429.421353][ T6731] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1429.570843][ T6731] usb 6-1: Using ep0 maxpacket: 8 [ 1429.582711][ T6731] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 1429.596125][ T6731] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1429.611255][ T6731] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1429.627130][ T6731] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1429.641772][ T6731] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1429.670897][ T6731] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1429.889267][ T6731] usb 6-1: usb_control_msg returned -32 [ 1429.896832][ T6731] usbtmc 6-1:16.0: can't read capabilities [ 1429.907898][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1430.140895][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1430.677136][T26720] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1430.865055][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1430.873834][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1430.949946][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1431.047108][T26733] loop5: detected capacity change from 0 to 7 [ 1431.056485][ C1] blk_print_req_error: 10 callbacks suppressed [ 1431.056508][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.071906][ C1] buffer_io_error: 10 callbacks suppressed [ 1431.071924][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.086087][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.095353][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.103473][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.112703][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.126621][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.135836][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.144268][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.153483][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.164435][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.173743][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.182368][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.191563][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.199749][T26733] ldm_validate_partition_table(): Disk read failed. [ 1431.207305][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.216535][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.224777][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.234033][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.242101][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1431.251346][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 1431.259446][T26733] Dev loop5: unable to read RDB block 0 [ 1431.284283][T26733] loop5: unable to read partition table [ 1431.291114][T26733] loop5: partition table beyond EOD, truncated [ 1431.335233][T26733] loop_reread_partitions: partition scan of loop5 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 1431.374642][ T5206] ldm_validate_partition_table(): Disk read failed. [ 1431.382609][ T5206] Dev loop5: unable to read RDB block 0 [ 1431.392643][ T5206] loop5: unable to read partition table [ 1431.398538][ T5206] loop5: partition table beyond EOD, truncated [ 1431.990477][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1432.215079][ T6730] usb 6-1: USB disconnect, device number 22 [ 1432.298351][T26768] netlink: 4 bytes leftover after parsing attributes in process `syz.5.24670'. [ 1432.309244][T26768] chnl_net:caif_netlink_parms(): no params data found [ 1432.380944][T22946] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1432.550931][T22946] usb 3-1: Using ep0 maxpacket: 16 [ 1432.560415][T22946] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1432.580461][T22946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1432.595888][T22946] usb 3-1: Product: syz [ 1432.600091][T22946] usb 3-1: Manufacturer: syz [ 1432.605337][T22946] usb 3-1: SerialNumber: syz [ 1432.619932][T22946] r8152-cfgselector 3-1: Unknown version 0x0000 [ 1432.627403][T22946] r8152-cfgselector 3-1: config 0 descriptor?? [ 1432.848595][T22946] r8152-cfgselector 3-1: Needed 2 retries to read version [ 1432.856171][T22946] r8152-cfgselector 3-1: Unknown version 0x0000 [ 1432.871212][T22946] r8152-cfgselector 3-1: bad CDC descriptors [ 1432.877118][T26781] netlink: 24 bytes leftover after parsing attributes in process `syz.0.24675'. [ 1433.014205][T26787] netlink: 'syz.6.24678': attribute type 6 has an invalid length. [ 1433.023391][T26787] netlink: 8 bytes leftover after parsing attributes in process `syz.6.24678'. [ 1433.042801][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1433.094991][ T185] r8152-cfgselector 3-1: USB disconnect, device number 31 [ 1433.214655][T26795] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1433.280989][ T5967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1433.289353][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1433.666955][T26793] bridge0: entered promiscuous mode [ 1434.076083][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1434.223552][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1435.870028][T26870] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1435.880937][ T5967] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 1436.050662][ T5967] usb 6-1: Using ep0 maxpacket: 8 [ 1436.072340][ T5967] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 1436.110621][ T5967] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1436.133402][ T5967] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1436.157653][T22946] net_ratelimit: 2 callbacks suppressed [ 1436.157670][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1436.160711][ T5967] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1436.200600][ T5967] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1436.224347][ T5967] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1436.250168][ T5967] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1436.301976][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1436.310289][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1436.485305][ T5967] usb 6-1: usb_control_msg returned -32 [ 1436.491271][ T5967] usbtmc 6-1:16.0: can't read capabilities [ 1436.847551][T26904] usbtmc 6-1:16.0: INDICATOR_PULSE returned 0 [ 1437.058715][ T5967] usb 6-1: USB disconnect, device number 23 [ 1437.109957][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1437.118495][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1437.184849][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1437.750761][ T185] usb 3-1: new full-speed USB device number 32 using dummy_hcd [ 1437.902501][ T185] usb 3-1: config 7 has an invalid interface number: 101 but max is 0 [ 1437.911926][ T185] usb 3-1: config 7 has no interface number 0 [ 1437.920049][ T185] usb 3-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b [ 1437.929762][ T185] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1437.938225][ T185] usb 3-1: Product: syz [ 1437.942853][ T185] usb 3-1: Manufacturer: syz [ 1437.947461][ T185] usb 3-1: SerialNumber: syz [ 1438.110801][ T5967] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 1438.238500][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1438.272795][ T5967] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1438.284038][ T5967] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1438.295507][ T5967] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1438.305461][ T5967] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1438.315811][ T5967] usb 6-1: SerialNumber: syz [ 1438.385162][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1438.393813][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1438.546418][ T5967] usb 6-1: 0:2 : does not exist [ 1438.568617][ T5967] usb 6-1: USB disconnect, device number 24 [ 1438.616263][T31246] udevd[31246]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1438.723665][ T185] as10x_usb: device has been detected [ 1438.730054][ T185] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 1438.755475][ T185] usb 3-1: DVB: registering adapter 2 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 1438.972662][ T185] as10x_usb: error during firmware upload part1 [ 1438.983094][ T185] Registered device Elgato EyeTV DTT Deluxe [ 1438.987432][ T185] usb 3-1: USB disconnect, device number 32 [ 1439.030228][ T185] Unregistered device Elgato EyeTV DTT Deluxe [ 1439.039471][ T185] as10x_usb: device has been disconnected [ 1439.269641][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1439.888642][ T30] audit: type=1326 audit(1764795951.305:15519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26957 comm="syz.5.24748" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feb75d8f749 code=0x0 [ 1440.859668][T26997] input: syz0 as /devices/virtual/input/input250 [ 1441.261438][T27017] trusted_key: syz.0.24772 sent an empty control message without MSG_MORE. [ 1441.346274][ T6280] net_ratelimit: 3 callbacks suppressed [ 1441.346294][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1441.393407][T27021] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1442.231011][ T2247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1442.380924][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1442.389364][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1442.407249][T22946] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1442.470875][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1443.237601][T27073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.24796'. [ 1443.426426][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1443.501010][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1443.501169][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1444.900678][ T6280] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 1445.063276][ T6280] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1445.090190][ T6280] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1445.120104][ T6280] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1445.167456][ T6280] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1445.191912][ T6280] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1445.210778][ T6280] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1445.218899][ T6280] usb 6-1: Manufacturer: syz [ 1445.244920][ T6280] usb 6-1: config 0 descriptor?? [ 1445.297124][T27123] syzkaller1: entered promiscuous mode [ 1445.303114][T27123] syzkaller1: entered allmulticast mode [ 1445.665905][ T6280] hid_parser_main: 1281 callbacks suppressed [ 1445.665930][ T6280] appleir 0003:05AC:8243.00D1: unknown main item tag 0x0 [ 1445.698087][T27129] netlink: 40 bytes leftover after parsing attributes in process `syz.6.24818'. [ 1445.710321][ T6280] appleir 0003:05AC:8243.00D1: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 1445.722731][T27129] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1445.729986][T27129] IPv6: NLM_F_CREATE should be set when creating new route [ 1445.737300][T27129] IPv6: NLM_F_CREATE should be set when creating new route [ 1445.944551][ T6730] usb 6-1: USB disconnect, device number 25 [ 1446.549494][ T6280] net_ratelimit: 4 callbacks suppressed [ 1446.549513][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1447.385854][T27176] netlink: 40 bytes leftover after parsing attributes in process `syz.6.24839'. [ 1447.401500][T27176] netlink: 40 bytes leftover after parsing attributes in process `syz.6.24839'. [ 1447.417419][T27176] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 1447.595209][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1447.647923][T27184] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1447.983587][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1447.991739][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1448.000090][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1448.453617][ T6711] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1448.470012][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1448.478445][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1448.627729][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1448.667996][ T6711] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1448.686236][ T6711] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1448.696746][ T6711] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1448.712227][ T6711] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1448.724168][ T6711] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1448.736448][ T6711] usb 3-1: config 0 descriptor?? [ 1449.283468][ T4164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1449.482681][ T6711] plantronics 0003:047F:FFFF.00D2: reserved main item tag 0xd [ 1449.542614][ T6711] plantronics 0003:047F:FFFF.00D2: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1449.789183][T27236] loop9: detected capacity change from 0 to 7 [ 1449.816409][T27236] Dev loop9: unable to read RDB block 7 [ 1449.832655][T27236] loop9: AHDI p1 p2 [ 1449.845121][T27236] loop9: partition table partially beyond EOD, truncated [ 1449.864626][T27236] loop9: p1 size 4227858431 extends beyond EOD, truncated [ 1449.994377][T30297] udevd[30297]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 1451.000716][ T185] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1451.200711][ T185] usb 6-1: Using ep0 maxpacket: 8 [ 1451.213030][ T185] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1451.270471][ T185] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1451.285982][ T6711] usb 3-1: USB disconnect, device number 33 [ 1451.311700][ T185] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 1451.370688][ T185] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1451.389724][ T185] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1451.434017][ T185] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1451.461087][ T185] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1451.708013][ T185] usb 6-1: GET_CAPABILITIES returned 0 [ 1451.713819][ T185] usbtmc 6-1:16.0: can't read capabilities [ 1451.746548][ T6280] net_ratelimit: 3 callbacks suppressed [ 1451.746560][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1451.912062][T27274] input: syz1 as /devices/virtual/input/input252 [ 1451.944611][ T6280] usb 6-1: USB disconnect, device number 26 [ 1452.301320][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1452.309620][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1452.332332][T27283] netlink: 'syz.0.24885': attribute type 12 has an invalid length. [ 1452.440813][ T30] audit: type=1326 audit(1764795963.855:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.495935][ T30] audit: type=1326 audit(1764795963.915:15521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.680711][ T30] audit: type=1326 audit(1764795964.085:15522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.715198][ T30] audit: type=1326 audit(1764795964.085:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.752352][ T30] audit: type=1326 audit(1764795964.085:15524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.779524][ T30] audit: type=1326 audit(1764795964.095:15525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.810007][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1452.819216][ T30] audit: type=1326 audit(1764795964.135:15526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.843207][ T30] audit: type=1326 audit(1764795964.135:15527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.880734][ T6280] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 1452.897428][ T30] audit: type=1326 audit(1764795964.135:15528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1452.930593][ T30] audit: type=1326 audit(1764795964.135:15529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27282 comm="syz.2.24882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1453.045822][ T6280] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1453.066427][ T6280] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1453.078054][ T6280] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1453.088885][ T6280] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1453.106302][ T6280] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1453.120117][ T6280] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1453.128643][ T6280] usb 6-1: Manufacturer: syz [ 1453.146504][ T6280] usb 6-1: config 0 descriptor?? [ 1453.231546][T27308] input: syz1 as /devices/virtual/input/input253 [ 1453.458502][T27315] : renamed from wg2 [ 1453.578264][ T6280] appleir 0003:05AC:8243.00D3: unknown main item tag 0x0 [ 1453.592743][ T6280] appleir 0003:05AC:8243.00D3: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 1453.745774][T26088] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1453.762876][ T4164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1453.771855][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1453.837594][ T6280] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1453.890179][ T5984] usb 6-1: USB disconnect, device number 27 [ 1454.866369][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1455.025297][ T2247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1456.946458][ T6730] net_ratelimit: 2 callbacks suppressed [ 1456.946478][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1457.749009][T27397] netlink: 4 bytes leftover after parsing attributes in process `syz.0.24934'. [ 1457.815391][T27397] team0: Port device C removed [ 1457.988134][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.071543][ T185] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.079835][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.789968][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.806140][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.815867][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.827644][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.836446][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.849377][T27418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1458.988147][T27429] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1459.210665][ T185] usb 6-1: new full-speed USB device number 28 using dummy_hcd [ 1459.322166][T27443] loop5: detected capacity change from 0 to 3191 [ 1459.352929][T30297] buffer_io_error: 30 callbacks suppressed [ 1459.352944][T30297] Buffer I/O error on dev loop5, logical block 398, async page read [ 1459.387235][ T185] usb 6-1: config 0 has no interfaces? [ 1459.399786][T30297] Buffer I/O error on dev loop5, logical block 398, async page read [ 1459.408263][ T185] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1459.417522][ T185] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1459.442994][ T185] usb 6-1: config 0 descriptor?? [ 1459.885625][T27426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1459.912176][T27426] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1459.945068][ T6280] usb 6-1: USB disconnect, device number 28 [ 1460.435305][T27481] bond0: Caught tx_queue_len zero misconfig [ 1460.567060][T30297] Buffer I/O error on dev loop5, logical block 398, async page read [ 1460.722834][T31246] Buffer I/O error on dev loop5, logical block 398, async page read [ 1460.846348][T30297] Buffer I/O error on dev loop5, logical block 398, async page read [ 1462.147814][ T6730] net_ratelimit: 10 callbacks suppressed [ 1462.147835][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.208440][T27557] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.217851][T27557] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.227386][T27557] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.238163][T27556] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.250605][T27556] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1462.301775][T27561] netlink: 12 bytes leftover after parsing attributes in process `syz.6.25007'. [ 1462.540841][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1463.181417][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1463.189562][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1463.197961][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1463.744404][ T30] audit: type=1326 audit(1764795975.165:15530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.5.25022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb75d8f749 code=0x7fc00000 [ 1464.088460][T27616] ip6tnl6: entered promiscuous mode [ 1464.093993][T27616] ip6tnl6: entered allmulticast mode [ 1464.369961][ T30] audit: type=1326 audit(1764795975.785:15531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.5.25022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feb75d2b829 code=0x7fc00000 [ 1465.446941][T27667] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.25048'. [ 1465.940077][T27687] netlink: 12 bytes leftover after parsing attributes in process `syz.4.25059'. [ 1466.125416][T27682] bridge0: port 2(bridge_slave_1) entered disabled state [ 1466.133547][T27682] bridge0: port 1(bridge_slave_0) entered disabled state [ 1466.375860][T27682] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1466.390738][T27682] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1466.780238][ T4164] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1466.801130][ T4164] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1466.860835][ T4164] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1466.889985][ T4164] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1466.938799][ T30] audit: type=1326 audit(1764795978.355:15532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1466.988185][ T30] audit: type=1326 audit(1764795978.355:15533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.045443][ T30] audit: type=1326 audit(1764795978.365:15534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.109789][ T30] audit: type=1326 audit(1764795978.465:15535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.188001][ T30] audit: type=1326 audit(1764795978.465:15536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.226861][ T30] audit: type=1326 audit(1764795978.465:15537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.253399][ T30] audit: type=1326 audit(1764795978.465:15538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.276005][ C0] vkms_vblank_simulate: vblank timer overrun [ 1467.283615][ T30] audit: type=1326 audit(1764795978.645:15539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27711 comm="syz.2.25069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fefc418f749 code=0x7ffc0000 [ 1467.306220][ C0] vkms_vblank_simulate: vblank timer overrun [ 1467.421022][T18728] net_ratelimit: 12 callbacks suppressed [ 1467.421041][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.648354][T27733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.694147][T27733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.756292][T27733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.771573][T27733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.796283][T27733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.816639][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.939934][T27745] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.949527][T27745] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1467.959006][T27745] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1468.257187][T27752] loop7: detected capacity change from 0 to 7 [ 1468.276807][T30297] Dev loop7: unable to read RDB block 7 [ 1468.283724][T30297] loop7: unable to read partition table [ 1468.289661][T30297] loop7: partition table beyond EOD, truncated [ 1468.319688][T27752] Dev loop7: unable to read RDB block 7 [ 1468.326161][T27752] loop7: unable to read partition table [ 1468.336757][T27752] loop7: partition table beyond EOD, truncated [ 1468.345048][T27752] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 1468.806519][T27777] macvtap1: entered allmulticast mode [ 1468.813476][T27777] veth0_macvtap: entered allmulticast mode [ 1469.310293][T27800] netlink: 'syz.2.25109': attribute type 16 has an invalid length. [ 1469.319904][T27800] netlink: 'syz.2.25109': attribute type 17 has an invalid length. [ 1469.384784][T27800] tipc: Resetting bearer [ 1469.396025][T27800] 8021q: adding VLAN 0 to HW filter on device team0 [ 1469.404632][T27800] !: left promiscuous mode [ 1469.529623][T27803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.25110'. [ 1470.021196][T18728] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1470.281449][T18728] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1470.302373][T18728] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1470.315551][T18728] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1470.358082][T18728] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1470.383100][T18728] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1470.422071][T18728] usb 3-1: config 0 descriptor?? [ 1470.877149][T27837] syzkaller1: entered promiscuous mode [ 1470.886708][T27837] syzkaller1: entered allmulticast mode [ 1471.087152][T18728] plantronics 0003:047F:FFFF.00D4: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1471.600605][ T185] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 1471.752531][ T6711] usb 3-1: USB disconnect, device number 34 [ 1471.781800][ T185] usb 6-1: Using ep0 maxpacket: 16 [ 1471.797842][ T185] usb 6-1: config 0 has no interfaces? [ 1471.816280][ T185] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 1471.834329][ T185] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1471.855674][ T185] usb 6-1: config 0 descriptor?? [ 1472.323632][T27844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1472.343357][T27844] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1472.358349][ T185] usb 6-1: USB disconnect, device number 29 [ 1472.710792][T18728] net_ratelimit: 1036 callbacks suppressed [ 1472.710813][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1473.744562][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1474.165987][T27903] kvm: MWAIT instruction emulated as NOP! [ 1474.701042][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1474.709402][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1474.784932][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1475.027699][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 1475.027720][ T30] audit: type=1326 audit(1764795986.445:15578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.058734][ T30] audit: type=1326 audit(1764795986.445:15579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.101293][ T30] audit: type=1326 audit(1764795986.485:15580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.125595][ T30] audit: type=1326 audit(1764795986.485:15581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.148607][ T30] audit: type=1326 audit(1764795986.485:15582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.171938][ T30] audit: type=1326 audit(1764795986.485:15583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.194824][ T30] audit: type=1326 audit(1764795986.485:15584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.231550][ T30] audit: type=1326 audit(1764795986.485:15585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.261995][ T30] audit: type=1326 audit(1764795986.555:15586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.327476][ T30] audit: type=1326 audit(1764795986.555:15587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27935 comm="syz.6.25164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dce38f749 code=0x7ffc0000 [ 1475.502346][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1475.831190][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1476.118179][T27977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25179'. [ 1476.141275][ T132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1476.149549][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1476.530358][ T1150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1477.387355][T28016] netlink: 'syz.6.25196': attribute type 12 has an invalid length. [ 1477.397271][T28016] netlink: 'syz.6.25196': attribute type 29 has an invalid length. [ 1477.407808][T28016] netlink: 148 bytes leftover after parsing attributes in process `syz.6.25196'. [ 1477.911128][ T6730] net_ratelimit: 8 callbacks suppressed [ 1477.911148][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1478.950742][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1479.254142][T28056] netlink: 'syz.2.25213': attribute type 6 has an invalid length. [ 1479.747055][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1479.755880][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1479.996933][T18728] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1480.967047][T28096] delete_channel: no stack [ 1481.021278][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1481.030459][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1481.261001][ T2247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1481.269207][ T4164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1481.277621][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1483.183280][ T6730] net_ratelimit: 3 callbacks suppressed [ 1483.183301][ T6730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1483.782318][T28170] bridge0: port 2(bridge_slave_1) entered disabled state [ 1483.790339][T28170] bridge0: port 1(bridge_slave_0) entered disabled state [ 1484.144227][T28170] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1484.182920][T28170] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1484.399991][T28170] veth0_macvtap: left allmulticast mode [ 1484.424880][ T177] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.515196][ T3457] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.547755][T28193] netlink: 16 bytes leftover after parsing attributes in process `syz.6.25264'. [ 1484.549599][ T3457] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.569919][T28193] netlink: 16 bytes leftover after parsing attributes in process `syz.6.25264'. [ 1484.599295][ T3457] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1484.989869][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.010991][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.067250][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.091066][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.098512][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.135914][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.146040][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.171073][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.178498][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.227108][ T5984] hid-generic 0000:0000:0000.00D5: unknown main item tag 0x0 [ 1485.243860][ T5984] hid-generic 0000:0000:0000.00D5: hidraw0: HID v0.00 Device [sy] on syz0 [ 1486.130200][T28240] loop6: detected capacity change from 0 to 2560 [ 1486.138022][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.146887][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.189756][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.267590][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.301586][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.309561][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.340796][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.348737][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.371122][T28240] ldm_validate_partition_table(): Disk read failed. [ 1486.378227][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.387117][T28240] Buffer I/O error on dev loop6, logical block 0, async page read [ 1486.387304][T28248] netlink: 'syz.4.25287': attribute type 2 has an invalid length. [ 1486.395943][T28240] Dev loop6: unable to read RDB block 0 [ 1486.396398][T28240] loop6: unable to read partition table [ 1486.405135][T28248] netlink: 60 bytes leftover after parsing attributes in process `syz.4.25287'. [ 1486.411589][T28240] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 1486.550850][T28189] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 1486.720718][T28189] usb 6-1: Using ep0 maxpacket: 32 [ 1486.727756][T28189] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1486.770737][T28189] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1486.782059][T28189] usb 6-1: config 0 descriptor?? [ 1486.992634][T28189] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1487.013409][T28189] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1487.041955][T28189] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1487.049238][T28189] usb 6-1: media controller created [ 1487.090288][T28189] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1487.194332][T28189] az6027: usb out operation failed. (-71) [ 1487.204899][T28189] az6027: usb out operation failed. (-71) [ 1487.212455][T28189] stb0899_attach: Driver disabled by Kconfig [ 1487.218746][T28189] az6027: no front-end attached [ 1487.218746][T28189] [ 1487.239265][T28189] az6027: usb out operation failed. (-71) [ 1487.245293][T28189] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1487.262479][T28189] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input254 [ 1487.286081][T28189] dvb-usb: schedule remote query interval to 400 msecs. [ 1487.301724][T28189] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1487.326305][T28189] usb 6-1: USB disconnect, device number 30 [ 1487.412882][T28189] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1488.213385][T28295] netlink: 28 bytes leftover after parsing attributes in process `syz.5.25304'. [ 1488.399994][T28301] syzkaller1: entered promiscuous mode [ 1488.406159][T28301] syzkaller1: entered allmulticast mode [ 1488.700667][ T5984] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 1488.852667][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1488.869714][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1488.880735][ T5984] usb 6-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 1488.889891][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1488.908345][ T5984] usb 6-1: config 0 descriptor?? [ 1489.168689][ T5984] usbhid 6-1:0.0: can't add hid device: -71 [ 1489.183022][ T5984] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 1489.198614][ T5984] usb 6-1: USB disconnect, device number 31 [ 1489.598613][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 1489.604971][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 1489.640586][T28189] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1489.670297][T28327] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25318'. [ 1489.744374][T28327] netlink: 12 bytes leftover after parsing attributes in process `syz.6.25318'. [ 1489.822200][T28189] usb 3-1: Using ep0 maxpacket: 16 [ 1489.836845][T28189] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1489.853146][T28327] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25318'. [ 1489.854163][ T2247] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1489.870601][T28189] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1489.875991][ T2247] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1489.895231][ T2247] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1489.905012][T28327] netlink: 12 bytes leftover after parsing attributes in process `syz.6.25318'. [ 1489.916303][T28189] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1489.925592][ T2247] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1489.944908][T28189] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1489.975265][T28189] usb 3-1: config 0 descriptor?? [ 1490.266070][T28339] netlink: 'syz.6.25324': attribute type 1 has an invalid length. [ 1490.301492][T28339] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1490.327697][T28339] bond1: (slave geneve3): making interface the new active one [ 1490.352282][T28339] bond1: (slave geneve3): Enslaving as an active interface with an up link [ 1490.369355][ T1150] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.386124][ T1150] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.395309][ T1150] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.405484][ T1150] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.646880][T28352] netlink: 'syz.6.25328': attribute type 13 has an invalid length. [ 1490.655542][T28352] netlink: 'syz.6.25328': attribute type 17 has an invalid length. [ 1490.690966][T28189] usb 3-1: language id specifier not provided by device, defaulting to English [ 1490.709233][T28352] gretap0: left promiscuous mode [ 1490.790008][T28352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1490.800205][T28352] 8021q: adding VLAN 0 to HW filter on device team0 [ 1490.820367][T28352] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1490.959132][T28360] netlink: 52 bytes leftover after parsing attributes in process `syz.6.25332'. [ 1491.104370][T28189] letsketch 0003:6161:4D15.00D6: Device info: ఁ [ 1491.111212][T22944] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 1491.260619][T22944] usb 6-1: Using ep0 maxpacket: 16 [ 1491.267924][T22944] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1491.279534][T22944] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1491.296428][T22944] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1491.316573][T22944] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1491.365115][T22944] usb 6-1: config 0 descriptor?? [ 1491.365177][T28189] usb 3-1: Max retries (5) exceeded reading string descriptor 201 [ 1491.407576][T28189] letsketch 0003:6161:4D15.00D6: probe with driver letsketch failed with error -71 [ 1491.411316][T28366] input: syz1 as /devices/virtual/input/input255 [ 1491.436919][T28189] usb 3-1: USB disconnect, device number 35 [ 1491.661239][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 1491.813339][T22944] HID 045e:07da: Invalid code 65791 type 1 [ 1491.832590][T22944] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.00D7/input/input256 [ 1491.881869][T22944] microsoft 0003:045E:07DA.00D7: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 1492.352006][T28388] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN PTI [ 1492.363956][T28388] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 1492.372399][T28388] CPU: 1 UID: 0 PID: 28388 Comm: syz.4.25344 Not tainted syzkaller #0 PREEMPT(full) [ 1492.381885][T28388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1492.391967][T28388] RIP: 0010:fd_install+0x57/0x3d0 [ 1492.397031][T28388] Code: 48 81 c3 48 09 00 00 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 47 4d e6 ff 4c 8b 3b 49 8d 5e 40 48 89 d8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 29 03 00 00 8b 1b 89 de 81 e6 00 00 00 01 [ 1492.416666][T28388] RSP: 0018:ffffc9000eb27ca0 EFLAGS: 00010202 [ 1492.422764][T28388] RAX: 0000000000000008 RBX: 0000000000000041 RCX: 0000000000080000 [ 1492.430764][T28388] RDX: ffffc9000c779000 RSI: 00000000000000b3 RDI: 00000000000000b4 [ 1492.438766][T28388] RBP: dffffc0000000000 R08: ffff88807e2bb83b R09: 1ffff1100fc57707 [ 1492.446769][T28388] R10: dffffc0000000000 R11: ffffed100fc57708 R12: 0000000000000003 [ 1492.454769][T28388] R13: 0000000000000003 R14: 0000000000000001 R15: ffff88803300bc00 [ 1492.462765][T28388] FS: 00007fb9e942c6c0(0000) GS:ffff8881261c0000(0000) knlGS:0000000000000000 [ 1492.471712][T28388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1492.478315][T28388] CR2: 0000200000bbdffc CR3: 0000000040cea000 CR4: 00000000003526f0 [ 1492.486304][T28388] Call Trace: [ 1492.489611][T28388] [ 1492.492573][T28388] ? do_mq_open+0x595/0x770 [ 1492.497110][T28388] do_mq_open+0x5a0/0x770 [ 1492.501481][T28388] ? __pfx_do_mq_open+0x10/0x10 [ 1492.506379][T28388] ? __pfx_do_futex+0x10/0x10 [ 1492.511086][T28388] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1492.516309][T28388] ? do_timer_settime+0x497/0x4c0 [ 1492.521360][T28388] __x64_sys_mq_open+0x16a/0x1c0 [ 1492.526392][T28388] ? __pfx___x64_sys_mq_open+0x10/0x10 [ 1492.531966][T28388] ? do_syscall_64+0xbe/0xf80 [ 1492.536657][T28388] do_syscall_64+0xfa/0xf80 [ 1492.541171][T28388] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.547258][T28388] ? clear_bhb_loop+0x60/0xb0 [ 1492.551955][T28388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.557859][T28388] RIP: 0033:0x7fb9e858f749 [ 1492.562287][T28388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1492.581901][T28388] RSP: 002b:00007fb9e942c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 1492.590326][T28388] RAX: ffffffffffffffda RBX: 00007fb9e87e5fa0 RCX: 00007fb9e858f749 [ 1492.598314][T28388] RDX: 0000000000000110 RSI: 0000000000000040 RDI: 00002000000004c0 [ 1492.606294][T28388] RBP: 00007fb9e8613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1492.614276][T28388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1492.622258][T28388] R13: 00007fb9e87e6038 R14: 00007fb9e87e5fa0 R15: 00007fb9e890fa28 [ 1492.630255][T28388] [ 1492.633294][T28388] Modules linked in: [ 1492.638190][T28388] ---[ end trace 0000000000000000 ]--- [ 1492.650609][T28388] RIP: 0010:fd_install+0x57/0x3d0 [ 1492.655910][T28388] Code: 48 81 c3 48 09 00 00 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 47 4d e6 ff 4c 8b 3b 49 8d 5e 40 48 89 d8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 29 03 00 00 8b 1b 89 de 81 e6 00 00 00 01 [ 1492.675831][T28388] RSP: 0018:ffffc9000eb27ca0 EFLAGS: 00010202 [ 1492.682097][T28388] RAX: 0000000000000008 RBX: 0000000000000041 RCX: 0000000000080000 [ 1492.690645][T28388] RDX: ffffc9000c779000 RSI: 00000000000000b3 RDI: 00000000000000b4 [ 1492.698659][T28388] RBP: dffffc0000000000 R08: ffff88807e2bb83b R09: 1ffff1100fc57707 [ 1492.701373][T22944] usb 6-1: USB disconnect, device number 32 [ 1492.710549][T28388] R10: dffffc0000000000 R11: ffffed100fc57708 R12: 0000000000000003 [ 1492.722024][T28388] R13: 0000000000000003 R14: 0000000000000001 R15: ffff88803300bc00 [ 1492.732715][T28388] FS: 00007fb9e942c6c0(0000) GS:ffff8881261c0000(0000) knlGS:0000000000000000 [ 1492.742651][T28388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1492.749254][T28388] CR2: 000055555a2d5588 CR3: 0000000040cea000 CR4: 00000000003526f0 [ 1492.758308][T28388] Kernel panic - not syncing: Fatal exception [ 1492.764715][T28388] Kernel Offset: disabled [ 1492.769042][T28388] Rebooting in 86400 seconds..