last executing test programs:

3m11.890647477s ago: executing program 0 (id=4078):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000100)={0x1, 0x10, 0xfa00, {0x0, r2}}, 0x18)

3m11.839398077s ago: executing program 0 (id=4081):
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
ftruncate(r0, 0x2)
lseek(r0, 0x0, 0x3)

3m11.789290022s ago: executing program 0 (id=4083):
unshare(0x4a000200)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd60"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)

3m11.535775906s ago: executing program 0 (id=4090):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

3m11.466352223s ago: executing program 0 (id=4091):
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
pread64(r0, &(0x7f00000002c0)=""/75, 0x4b, 0x0)

3m11.228437343s ago: executing program 0 (id=4097):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)

3m11.138974388s ago: executing program 32 (id=4097):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)

2m52.208787245s ago: executing program 3 (id=4301):
r0 = shmget$private(0x0, 0x3000, 0x80, &(0x7f0000ffd000/0x3000)=nil)
shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
shmctl$IPC_RMID(r0, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)

2m52.141543861s ago: executing program 3 (id=4294):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x6c, 0x16, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x40, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pim6reg\x00'}, {0x14, 0x1, 'veth0_to_batadv\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x94}}, 0x800)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14}}, 0x70}}, 0x24040884)

2m52.132346965s ago: executing program 3 (id=4303):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80143, 0x1ff)
close(r0)
socket$xdp(0x2c, 0x3, 0x0)
read$FUSE(r0, &(0x7f00000019c0)={0x2020}, 0x2020)

2m52.035263871s ago: executing program 3 (id=4296):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m52.034218727s ago: executing program 3 (id=4298):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000180)=0x2cf7)
write$cgroup_devices(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="f7b981b7d77df1516f9d068d8a69a0ac6c61dfbcf2b32ace35"], 0xffdd)

2m51.709258054s ago: executing program 3 (id=4305):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
capset(&(0x7f0000000280)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b22, &(0x7f0000000040))

2m51.660137928s ago: executing program 33 (id=4305):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
capset(&(0x7f0000000280)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b22, &(0x7f0000000040))

7.837020542s ago: executing program 5 (id=6849):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@ipv4_newaddr={0x34, 0x14, 0x503, 0x70bd32, 0x25dfdbfd, {0x2, 0x1f, 0x0, 0xff, r2}, [@IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_LABEL={0x14, 0x3, 'xfrm0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004011}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})

7.81833831s ago: executing program 5 (id=6850):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

7.699382344s ago: executing program 5 (id=6851):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140), 0x0)

6.83512526s ago: executing program 5 (id=6857):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000340)={0x40, 0x6, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000480)=""/74, 0x49)

5.411947327s ago: executing program 4 (id=6887):
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000280)="2d6c8455db50da4a0d", 0x9}], 0x1, 0x5, 0x8)

2.159059829s ago: executing program 5 (id=6897):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb00143c, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

2.15680576s ago: executing program 4 (id=6904):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg(r0, &(0x7f00000052c0)=[{{&(0x7f0000000180)=@ax25={{0x3, @netrom}, [@netrom, @remote, @netrom, @default, @null, @remote, @netrom, @default]}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000200)=""/189, 0xbd}], 0x1}, 0xef35}], 0x1, 0x2000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, 0x0, 0x0}, 0x94)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

1.956794709s ago: executing program 4 (id=6899):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000440)=[{&(0x7f0000000240)="00214717a70700faadc9d40200710a5e31163ceb9d06", 0x16}], 0x1, 0x3, 0x78f)

1.866206998s ago: executing program 4 (id=6901):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020)

1.765581515s ago: executing program 4 (id=6903):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000840)={0x14, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGFLAG(r1, 0x8004480e, 0x0)

1.296511619s ago: executing program 1 (id=6922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece)
read$FUSE(r3, &(0x7f0000001440)={0x2020}, 0x2020)

1.172475349s ago: executing program 1 (id=6924):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
syz_clone(0x8020000, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x8, 0x4, 0xf84, 0x6, 0xfffffffffffffbff, 0x800000000001, 0x3b, 0xd4}, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

1.03884618s ago: executing program 2 (id=6926):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000240)={@remote, 0x0, 0x0, 0x0, 0x0, 0x72, 0x2}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000003e00250304000000000000000a"], 0x14}, 0x1, 0x0, 0x0, 0x2000c001}, 0x80084)

986.452673ms ago: executing program 1 (id=6927):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00')
exit(0x5)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

986.242715ms ago: executing program 2 (id=6928):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
syz_io_uring_setup(0x1a1d, &(0x7f0000000180)={0x0, 0x755e, 0x13080, 0x3, 0x2b8, 0x0, 0x0}, 0x0, 0x0, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
preadv2(r0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/61, 0x3d}], 0x1, 0x40, 0x4, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x3f, 0x20, 0x0, 0x0, 0x800, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0)

131.815295ms ago: executing program 4 (id=6929):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={r2, 0x7}, &(0x7f0000000040)=0x8)

131.24155ms ago: executing program 1 (id=6930):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xc0, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0xffffffffffffffc1, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_virt_wifi\x00'}, @TCA_U32_LINK={0x8}, @TCA_U32_SEL={0x74, 0x5, {0x10, 0x9, 0x6, 0x10da, 0xa760, 0x0, 0x10, 0x100, [{0x1000, 0xe, 0xfffff000, 0x9f6}, {0x1, 0xfffffffb, 0x100, 0x3ff}, {0x9, 0x7, 0x3e, 0x800}, {0x9, 0x10, 0x5, 0x1}, {0x40, 0x80000001, 0xfffffffe, 0xffffffff}, {0x1, 0x5, 0x5127, 0x10001}]}}]}}]}, 0xc0}}, 0x24040084)

127.815061ms ago: executing program 2 (id=6931):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f00000002c0)="f9", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c)
sendto$inet6(r0, &(0x7f0000000300)='H', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000200)={0x0, 0x0, 0x10}, &(0x7f0000000240)=0x18)

67.94224ms ago: executing program 1 (id=6932):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x27, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

65.965687ms ago: executing program 2 (id=6933):
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x4, 0x3, 0x1, 0x4ddf, 0x1})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1c8, 0xe0, 0x700001b, 0x148, 0xe0, 0x148, 0x178, 0x206, 0x240, 0x178, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0x70, 0x98, 0x0, {0x390, 0x8f00}}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x9, 0x6, 0x1}, {0xffffffffffffffff, 0x5, 0x6}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xe0}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x228)

6.111291ms ago: executing program 5 (id=6934):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @random="3fabf82df2c3"})
write$tun(r0, &(0x7f00000000c0)={@val={0x8, 0x800}, @val={0x7, 0x3, 0x3, 0x2, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @broadcast}, {{0x8100, 0x88a8, 0x41424344, 0x41424344, 0x0, 0x0, 0x1, 0x20, 0x5}}}}, 0x36)

5.754278ms ago: executing program 2 (id=6935):
r0 = socket(0x15, 0x5, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_io_uring_setup(0x10d3, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0xfffffffe, 0xd3}, 0x0, 0x0, &(0x7f0000000000))
mremap(&(0x7f000055a000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000003000/0x1000)=nil)
getsockopt(r0, 0x200000000114, 0x271b, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)

3.183469ms ago: executing program 1 (id=6936):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x19d)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)
r0 = inotify_init1(0x80000)
inotify_add_watch(r0, &(0x7f0000000180)='./file0\x00', 0x40000000)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

0s ago: executing program 2 (id=6937):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)

0s ago: executing program 1 (id=6938):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000100)=0x9dc, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="04", 0x1, 0x44001, 0x0, 0x0)

kernel console output (not intermixed with test programs):

0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  321.620848][ T5615] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  321.624406][ T5615] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  321.627835][ T5615] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.632025][ T5615] usb 6-1: config 0 descriptor??
[  321.634316][T16458] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  321.644299][ T5615] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  321.850382][ T5884] usb 6-1: USB disconnect, device number 17
[  321.853383][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  321.908915][ T1430] ieee802154 phy0 wpan0: encryption failed: -22
[  321.911074][ T1430] ieee802154 phy1 wpan1: encryption failed: -22
[  322.407707][ T5884] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  322.569522][ T5884] usb 9-1: Using ep0 maxpacket: 8
[  322.576211][ T5884] usb 9-1: config 0 has an invalid interface number: 186 but max is 0
[  322.580110][ T5884] usb 9-1: config 0 has no interface number 0
[  322.583261][ T5884] usb 9-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  322.588826][ T5884] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  322.593074][ T5884] usb 9-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  322.598008][ T5884] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  322.602027][ T5884] usb 9-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  322.611503][ T5884] usb 9-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  322.615819][ T5884] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.615839][ T5884] usb 9-1: Product: syz
[  322.615852][ T5884] usb 9-1: Manufacturer: syz
[  322.615864][ T5884] usb 9-1: SerialNumber: syz
[  322.620061][ T5884] usb 9-1: config 0 descriptor??
[  322.677429][T16521] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4599'.
[  322.683065][ T1261] bond0: (slave bond1): link status definitely down, disabling slave
[  322.776073][T16528] C: renamed from veth1_to_team
[  322.779372][T16528] netlink: 'syz.2.4602': attribute type 2 has an invalid length.
[  322.781866][T16528] netlink: 120 bytes leftover after parsing attributes in process `syz.2.4602'.
[  322.784764][T16528] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  322.837331][ T5884] iowarrior 9-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0
[  323.047050][   T24] usb 9-1: USB disconnect, device number 4
[  323.083526][T16541] overlayfs: failed to clone lowerpath
[  323.180146][T16547] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4611'.
[  323.241473][T16551] netem: change failed
[  323.554290][T16568] ieee802154 phy0 wpan0: encryption failed: -22
[  324.177155][ T5824] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  324.347290][ T5824] usb 9-1: Using ep0 maxpacket: 8
[  324.351326][ T5824] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  324.356205][ T5824] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  324.360570][ T5824] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  324.364784][ T5824] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.369470][ T5824] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  324.372337][ T5824] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.491509][T16593] binder: 16592:16593 ioctl c0306201 80000640 returned -22
[  324.581084][ T5824] usb 9-1: GET_CAPABILITIES returned 0
[  324.583565][ T5824] usbtmc 9-1:16.0: can't read capabilities
[  324.727700][T16605] netlink: 'syz.2.4638': attribute type 1 has an invalid length.
[  324.730467][T16605] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4638'.
[  324.733359][T16605] netlink: 'syz.2.4638': attribute type 1 has an invalid length.
[  324.735775][T16605] netlink: 'syz.2.4638': attribute type 8 has an invalid length.
[  324.738246][T16605] netlink: 582 bytes leftover after parsing attributes in process `syz.2.4638'.
[  324.741198][T16605] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4638'.
[  324.784075][   T29] usb 9-1: USB disconnect, device number 5
[  324.787545][ T5093] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  324.787905][ T5743] Bluetooth: hci4: command 0x1003 tx timeout
[  324.829483][T16607] binder: 16606:16607 ioctl c0306201 0 returned -14
[  324.977021][ T5615] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  325.132010][ T5615] usb 10-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  325.135151][ T5615] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.138306][ T5615] usb 10-1: Product: syz
[  325.139704][ T5615] usb 10-1: Manufacturer: syz
[  325.141340][ T5615] usb 10-1: SerialNumber: syz
[  325.398445][ T5615] rtl8150 10-1:1.0: couldn't reset the device
[  325.401439][ T5615] rtl8150 10-1:1.0: probe with driver rtl8150 failed with error -5
[  325.410203][ T5615] usb 10-1: USB disconnect, device number 2
[  325.733691][ T5093] Bluetooth: hci2: unknown advertising packet type: 0x75
[  325.733736][ T5093] Bluetooth: hci2: Dropping invalid advertising data
[  325.740261][ T5093] Bluetooth: hci2: Malformed LE Event: 0x02
[  326.268376][T16690] input: syz1 as /devices/virtual/input/input28
[  326.270452][T16690] input: failed to attach handler leds to device input28, error: -6
[  326.618162][T16711] macvtap1: entered promiscuous mode
[  326.620124][T16711] macvtap1: entered allmulticast mode
[  326.624486][T16711] dummy0: entered allmulticast mode
[  326.630371][T16711] dummy0: entered promiscuous mode
[  326.634636][T16711] team0: Device macvtap1 failed to register rx_handler
[  326.638321][T16711] dummy0: left allmulticast mode
[  326.658323][ T5615] dummy0: left promiscuous mode
[  327.401436][   T40] kauditd_printk_skb: 31 callbacks suppressed
[  327.401453][   T40] audit: type=1800 audit(1777559668.093:456): pid=16760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4710" name="file0" dev="9p" ino=72876367 res=0 errno=0
[  327.968333][   T40] audit: type=1326 audit(1777559668.663:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  327.974956][   T40] audit: type=1326 audit(1777559668.663:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  327.981822][   T40] audit: type=1326 audit(1777559668.663:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  327.989955][   T40] audit: type=1326 audit(1777559668.663:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  327.996751][   T40] audit: type=1326 audit(1777559668.663:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  328.004914][   T40] audit: type=1326 audit(1777559668.663:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  328.011717][   T40] audit: type=1326 audit(1777559668.663:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000
[  328.018362][   T40] audit: type=1326 audit(1777559668.663:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000
[  328.024891][   T40] audit: type=1326 audit(1777559668.663:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16780 comm="syz.4.4720" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f76fe8 code=0x7ffc0000
[  328.127873][ T5821] kernel read not supported for file /dsp1 (pid: 5821 comm: kworker/0:3)
[  328.180239][ T5821] kernel write not supported for file /input/event2 (pid: 5821 comm: kworker/0:3)
[  328.308342][ T5093] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  328.364984][T16807] tipc: Started in network mode
[  328.368129][T16807] tipc: Node identity ac14140f, cluster identity 4711
[  328.370754][T16807] tipc: New replicast peer: 255.255.255.255
[  328.373159][T16807] tipc: Enabled bearer <udp:syz2>, priority 10
[  328.398868][T16809] overlayfs: invalid origin (0000)
[  328.404992][T16811] netlink: 'syz.1.4734': attribute type 4 has an invalid length.
[  328.437718][T16814] binder: BINDER_SET_CONTEXT_MGR already set
[  328.441317][T16814] binder: 16812:16814 ioctl 4018620d 80004a80 returned -16
[  329.482746][T16869] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.4760'.
[  329.485870][T16869] openvswitch: netlink: Message has 5 unknown bytes.
[  329.493312][T16870] kvm: user requested TSC rate below hardware speed
[  329.509615][ T5821] tipc: Node number set to 2886997007
[  329.983886][T16904] binder: 16903:16904 ioctl c0306201 80000640 returned -22
[  332.336439][T17002] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4819'.
[  332.378881][T17006] ������: renamed from vlan0 (while UP)
[  333.900036][T17140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4883'.
[  334.127036][ T5884] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  334.165903][T17156] vivid-004: disconnect
[  334.170516][T17154] vivid-004: reconnect
[  334.277673][ T5821] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  334.287183][ T5884] usb 10-1: Using ep0 maxpacket: 32
[  334.297371][ T5884] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[  334.300239][ T5884] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  334.304137][ T5884] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  334.308044][ T5884] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  334.312301][ T5884] usb 10-1: config 0 interface 0 has no altsetting 0
[  334.316123][ T5884] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  334.319518][ T5884] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  334.322309][ T5884] usb 10-1: Product: syz
[  334.323822][ T5884] usb 10-1: Manufacturer: syz
[  334.325370][ T5884] usb 10-1: SerialNumber: syz
[  334.329428][ T5884] usb 10-1: config 0 descriptor??
[  334.332780][ T5884] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  334.337235][ T5884] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  334.447052][ T5821] usb 6-1: Using ep0 maxpacket: 32
[  334.452668][ T5821] usb 6-1: unable to get BOS descriptor or descriptor too short
[  334.456079][ T5821] usb 6-1: config 8 has an invalid interface number: 188 but max is 0
[  334.458960][ T5821] usb 6-1: config 8 has no interface number 0
[  334.461308][ T5821] usb 6-1: config 8 interface 188 has no altsetting 0
[  334.468602][ T5821] usb 6-1: string descriptor 0 read error: -22
[  334.473457][ T5821] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  334.479371][ T5821] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.490150][ T5821] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  334.492775][ T5821] dw2102: su3000_power_ctrl: 1, initialized 0
[  334.495075][ T5821] dvb-usb: bulk message failed: -22 (2/0)
[  334.504612][ T5821] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  334.508207][ T5821] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  334.511386][ T5821] usb 6-1: media controller created
[  334.513241][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.515506][ T5821] dw2102: i2c transfer failed.
[  334.519175][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.522078][ T5821] dw2102: i2c transfer failed.
[  334.523637][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.525472][ T5821] dw2102: i2c transfer failed.
[  334.528143][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.530106][ T5821] dw2102: i2c transfer failed.
[  334.531750][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.533597][ T5821] dw2102: i2c transfer failed.
[  334.535135][ T5821] dvb-usb: bulk message failed: -22 (6/0)
[  334.540868][ T5821] dw2102: i2c transfer failed.
[  334.542472][ T5821] dvb-usb: MAC address: 02:02:02:02:02:02
[  334.550280][T17138] ldusb 10-1:0.0: Write buffer overflow, 64987 bytes dropped
[  334.550399][ T5821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  334.562987][ T5821] dvb-usb: bulk message failed: -22 (3/0)
[  334.566294][ T5821] dw2102: command 0x0e transfer failed.
[  334.570616][ T5821] dvb-usb: bulk message failed: -22 (3/0)
[  334.572466][ T5821] dw2102: command 0x0e transfer failed.
[  334.602706][T17138] ldusb 10-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  334.602802][    C3] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[  334.602807][    T9] usb 10-1: USB disconnect, device number 3
[  334.615343][    T9] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  334.636255][T17180] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4901'.
[  334.639308][T17180] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4901'.
[  334.642225][T17180] netlink: 'syz.4.4901': attribute type 20 has an invalid length.
[  334.878876][ T5821] dvb-usb: bulk message failed: -22 (3/0)
[  334.883067][ T5821] dw2102: command 0x0e transfer failed.
[  334.885478][ T5821] dvb-usb: bulk message failed: -22 (3/0)
[  334.891686][ T5821] dw2102: command 0x0e transfer failed.
[  334.893845][ T5821] dvb-usb: bulk message failed: -22 (1/0)
[  334.896298][ T5821] dw2102: command 0x51 transfer failed.
[  334.921784][ T5821] DVB: Unable to find symbol ds3000_attach()
[  334.924540][ T5821] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  334.976928][ T5821] rc_core: IR keymap rc-su3000 not found
[  334.978767][ T5821] Registered IR keymap rc-empty
[  334.982341][ T5821] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  334.989372][ T5821] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input30
[  334.999017][ T5821] dvb-usb: schedule remote query interval to 150 msecs.
[  335.001315][ T5821] dw2102: su3000_power_ctrl: 0, initialized 1
[  335.003315][ T5821] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  335.008645][ T5821] usb 6-1: USB disconnect, device number 18
[  335.431470][ T5821] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  335.724435][T17228] loop6: detected capacity change from 0 to 8
[  335.735851][T17230] input: syz0 as /devices/virtual/input/input31
[  335.788788][T17228] loop6: detected capacity change from 8 to 0
[  335.917146][ T5821] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  335.973797][    T9] Process accounting resumed
[  336.056272][T17251] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4932'.
[  336.066985][ T5821] usb 6-1: Using ep0 maxpacket: 8
[  336.071136][ T5821] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  336.082553][ T5821] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  336.088467][ T5821] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.097539][ T5821] usb 6-1: config 0 descriptor??
[  336.309556][ T5821] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  336.511703][   T29] usb 6-1: USB disconnect, device number 19
[  337.076238][   T40] kauditd_printk_skb: 1300 callbacks suppressed
[  337.076249][   T40] audit: type=1326 audit(1777559677.763:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.085437][   T40] audit: type=1326 audit(1777559677.763:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.093184][   T40] audit: type=1326 audit(1777559677.773:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.103292][   T40] audit: type=1326 audit(1777559677.773:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.115105][   T40] audit: type=1326 audit(1777559677.773:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.122835][   T40] audit: type=1326 audit(1777559677.773:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.129765][   T40] audit: type=1326 audit(1777559677.773:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17277 comm="syz.1.4944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702efcc code=0x7ffc0000
[  337.198250][   T24] kernel read not supported for file /dsp1 (pid: 24 comm: kworker/2:0)
[  337.988921][ T5615] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  338.117200][   T29] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  338.149220][ T5615] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  338.153277][ T5615] usb 6-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  338.157558][ T5615] usb 6-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.164883][ T5615] usb 6-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  338.168947][ T5615] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.173247][ T5615] usb 6-1: Product: syz
[  338.175074][ T5615] usb 6-1: Manufacturer: syz
[  338.177249][ T5615] usb 6-1: SerialNumber: syz
[  338.185252][ T5615] usblp0: Disabling reads from problematic bidirectional printer
[  338.304739][   T29] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  338.308864][   T29] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.312284][   T29] usb 9-1: Product: syz
[  338.314259][   T29] usb 9-1: Manufacturer: syz
[  338.316401][   T29] usb 9-1: SerialNumber: syz
[  338.389234][ T5615] usblp 6-1:4.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004
[  338.551304][   T29] rtl8150 9-1:1.0: couldn't reset the device
[  338.553581][   T29] rtl8150 9-1:1.0: probe with driver rtl8150 failed with error -5
[  338.561489][   T29] usb 9-1: USB disconnect, device number 6
[  338.590185][   T24] usb 6-1: USB disconnect, device number 20
[  338.594262][   T24] usblp0: removed
[  339.537038][    T9] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  339.688778][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  339.693689][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.697993][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  339.700942][    T9] usb 6-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  339.704858][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.710949][    T9] usb 6-1: config 0 descriptor??
[  340.122363][    T9] hid_parser_main: 90 callbacks suppressed
[  340.122378][    T9] hid-steam 0003:28DE:1102.000E: unknown main item tag 0x0
[  340.134184][    T9] hid-steam 0003:28DE:1102.000E: unknown main item tag 0x0
[  340.149123][    T9] hid-steam 0003:28DE:1102.000E: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[  340.182080][ T5884] Process accounting resumed
[  340.207184][    T9] hid-steam 0003:28DE:1102.000E: Steam Controller 'XXXXXXXXXX' connected
[  340.215965][    T9] input: Steam Controller as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:28DE:1102.000E/input/input32
[  340.263689][    T9] hid-steam 0003:28DE:1102.000F: unknown main item tag 0x0
[  340.267210][    T9] hid-steam 0003:28DE:1102.000F: unknown main item tag 0x0
[  340.284943][    T9] hid-steam 0003:28DE:1102.000F: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[  340.324114][ T5615] usb 6-1: USB disconnect, device number 21
[  340.376909][ T5615] hid-steam 0003:28DE:1102.000E: Steam Controller 'XXXXXXXXXX' disconnected
[  340.443411][T17428] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5012'.
[  340.488646][ T5884] Process accounting resumed
[  340.646849][   T24] kernel write not supported for file /input/event2 (pid: 24 comm: kworker/2:0)
[  341.383171][T17465] kvm: user requested TSC rate below hardware speed
[  341.484910][T17469] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5031'.
[  341.488121][T17469] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5031'.
[  341.773884][T17492] kvm: user requested TSC rate below hardware speed
[  341.813163][T17497] batman_adv: batadv0: Adding interface: dummy0
[  341.815985][T17497] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  341.825611][T17497] batman_adv: batadv0: Interface activated: dummy0
[  343.157277][T17561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5073'.
[  343.161088][T17561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5073'.
[  343.164815][T17561] netlink: 'syz.1.5073': attribute type 18 has an invalid length.
[  343.168269][T17561] netlink: 'syz.1.5073': attribute type 15 has an invalid length.
[  343.618188][T17571] batman_adv: batadv0: Adding interface: macvtap1
[  343.621057][T17571] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.633493][T17571] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active
[  344.050076][T17589] kvm_intel: kvm [17588]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3
[  344.506978][ T5615] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  344.677891][ T5615] usb 6-1: Using ep0 maxpacket: 8
[  344.682084][ T5615] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  344.685646][ T5615] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  344.690891][ T5615] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  344.697900][ T5615] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  344.701271][ T5615] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  344.705642][ T5615] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  344.709105][ T5615] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.920186][ T5615] usb 6-1: GET_CAPABILITIES returned 0
[  344.922729][ T5615] usbtmc 6-1:16.0: can't read capabilities
[  345.124318][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.127379][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.130486][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.133760][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.136588][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.139397][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.142298][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.145122][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.151728][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.154810][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.157645][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.160467][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.163483][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.167009][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.170331][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.173874][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  345.180140][ T5821] usb 6-1: USB disconnect, device number 22
[  345.195209][T17631] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5105'.
[  345.388949][T17652] loop5: detected capacity change from 0 to 7
[  345.443173][ T5160] blk_print_req_error: 11 callbacks suppressed
[  345.443198][ T5160] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.452126][ T5160] buffer_io_error: 10 callbacks suppressed
[  345.452142][ T5160] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.462904][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.467398][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.472052][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.475926][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.479782][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.483831][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.487594][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.491609][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.495466][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.499825][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.503388][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.507716][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.511107][T17660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5117'.
[  345.511177][T17652] ldm_validate_partition_table(): Disk read failed.
[  345.517050][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.519887][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.522464][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.525302][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.527969][T17652] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  345.530912][T17652] Buffer I/O error on dev loop5, logical block 0, async page read
[  345.533498][T17652] Dev loop5: unable to read RDB block 0
[  345.535445][T17652]  loop5: unable to read partition table
[  345.537422][T17652] loop5: partition table beyond EOD, truncated
[  345.541121][T17652] loop_reread_partitions: partition scan of loop5 (���W������ý�*���	���%���4FLQk݊5) failed (rc=-5)
[  345.580702][T17664] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached
[  345.653540][T17670] syzkaller1: tun_chr_ioctl cmd 35108
[  345.932189][T17705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5139'.
[  346.019277][T17718] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5145'.
[  346.022391][T17718] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5145'.
[  346.041691][T17718] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5145'.
[  346.044563][T17718] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5145'.
[  346.614581][T17786] mac80211_hwsim hwsim16 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  347.527558][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  347.647305][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  347.778121][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  349.988229][ T5824] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  350.467390][   T41] wlan1: Trigger new scan to find an IBSS to join
[  353.438687][   T13] wlan1: Trigger new scan to find an IBSS to join
[  354.319279][ T1157] wlan1: Creating new IBSS network, BSSID 4a:f9:69:16:63:de
[  358.182910][   T40] audit: type=1800 audit(1777559698.873:1773): pid=17884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5204" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  358.807618][T17928] netlink: 'syz.1.5221': attribute type 10 has an invalid length.
[  358.826240][T17928] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  358.831089][T17928] team0: Port device netdevsim1 added
[  358.903492][T17934] netlink: 264 bytes leftover after parsing attributes in process `syz.1.5223'.
[  359.032104][T17941] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5227'.
[  359.036755][T17941] veth0_macvtap: left promiscuous mode
[  359.503988][T17966] loop7: detected capacity change from 0 to 7
[  359.506806][    C3] blk_print_req_error: 5 callbacks suppressed
[  359.506817][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.512060][    C3] buffer_io_error: 5 callbacks suppressed
[  359.512069][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.517512][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.520449][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.523139][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.526402][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.529278][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.532298][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.535046][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.538008][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.540828][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.543890][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.546508][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.549981][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.552624][T17966] ldm_validate_partition_table(): Disk read failed.
[  359.555818][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.558741][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.561641][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.564603][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.568563][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  359.571505][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.575213][T17966] Dev loop7: unable to read RDB block 0
[  359.578161][T17966]  loop7: unable to read partition table
[  359.580346][T17966] loop7: partition table beyond EOD, truncated
[  359.582994][T17966] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  359.593894][T17970] ldm_validate_partition_table(): Disk read failed.
[  359.596484][T17970] Dev loop7: unable to read RDB block 0
[  359.599365][T17970]  loop7: unable to read partition table
[  359.601324][T17970] loop7: partition table beyond EOD, truncated
[  359.747049][    T9] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  359.900378][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  359.906388][    T9] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  359.913669][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  359.918006][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  359.922584][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  359.929823][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  359.934094][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  359.938223][    T9] usb 6-1: Product: syz
[  359.940215][    T9] usb 6-1: Manufacturer: syz
[  359.948881][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  359.951786][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  359.955733][    T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  359.960834][    T9] cdc_wdm 6-1:1.0: Unknown control protocol
[  360.180050][T18000] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5245'.
[  360.208245][    C0] wdm_int_callback: 10 callbacks suppressed
[  360.208266][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  360.208852][ T5824] usb 6-1: USB disconnect, device number 23
[  360.210285][    C0] wdm_int_callback: 10 callbacks suppressed
[  360.210297][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  360.210308][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  361.317509][T18058] bond1: entered promiscuous mode
[  361.435847][T18069] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5276'.
[  361.575871][T18087] netlink: 'syz.5.5285': attribute type 1 has an invalid length.
[  361.581414][T18087] netlink: 'syz.5.5285': attribute type 2 has an invalid length.
[  361.586411][T18087] netlink: 'syz.5.5285': attribute type 1 has an invalid length.
[  361.590466][T18087] netlink: 'syz.5.5285': attribute type 2 has an invalid length.
[  361.749680][T18100] bridge_slave_0: invalid flags given to default FDB implementation
[  361.895990][   T40] audit: type=1326 audit(1777559702.583:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.905540][   T40] audit: type=1326 audit(1777559702.583:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.916063][   T40] audit: type=1326 audit(1777559702.583:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.925385][   T40] audit: type=1326 audit(1777559702.593:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.946696][   T40] audit: type=1326 audit(1777559702.593:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.956586][   T40] audit: type=1326 audit(1777559702.593:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.968938][   T40] audit: type=1326 audit(1777559702.593:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.980308][   T40] audit: type=1326 audit(1777559702.593:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  361.992703][   T40] audit: type=1326 audit(1777559702.593:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18113 comm="syz.4.5298" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  362.283380][T18143] gfs2: path_lookup on  returned error -2
[  362.566075][T18164] loop9: detected capacity change from 0 to 7
[  362.572762][T18164] ldm_validate_partition_table(): Disk read failed.
[  362.575272][T18164] Dev loop9: unable to read RDB block 0
[  362.577679][T18164]  loop9: unable to read partition table
[  362.579619][T18164] loop9: partition table beyond EOD, truncated
[  362.581965][T18164] loop_reread_partitions: partition scan of loop9 (��) failed (rc=-5)
[  362.588920][T18165] syzkaller1: tun_chr_ioctl cmd 1074025680
[  362.674458][T18169] netlink: 211856 bytes leftover after parsing attributes in process `syz.2.5323'.
[  363.764906][T18232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5353'.
[  363.770579][T18232] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5353'.
[  363.795897][T18234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5354'.
[  363.821708][T18234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5354'.
[  364.150199][T18270] netlink: 'syz.1.5370': attribute type 2 has an invalid length.
[  364.152672][T18270] netlink: 'syz.1.5370': attribute type 2 has an invalid length.
[  364.155135][T18270] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5370'.
[  364.251784][T18284] netlink: 27 bytes leftover after parsing attributes in process `syz.1.5377'.
[  364.256190][T18284] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5377'.
[  364.649366][ T5829] IPVS: starting estimator thread 0...
[  364.758297][T18328] IPVS: using max 44 ests per chain, 105600 per kthread
[  364.772741][T18339] input: syz0 as /devices/virtual/input/input33
[  365.051196][ T5829] kernel read not supported for file /dsp (pid: 5829 comm: kworker/0:4)
[  365.129353][T18359] macvlan2: entered promiscuous mode
[  365.131723][T18359] bridge0: entered promiscuous mode
[  365.429745][T18396] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5426'.
[  365.955625][T18425] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5439'.
[  366.267118][ T5843] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  366.418319][ T5843] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  366.421169][ T5843] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  366.424453][ T5843] usb 6-1: config 0 interface 0 has no altsetting 0
[  366.430699][ T5843] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  366.433877][ T5843] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  366.436653][ T5843] usb 6-1: Product: syz
[  366.438149][ T5843] usb 6-1: Manufacturer: syz
[  366.439916][ T5843] usb 6-1: SerialNumber: syz
[  366.443066][ T5843] usb 6-1: config 0 descriptor??
[  366.446027][ T5843] hub 6-1:0.0: bad descriptor, ignoring hub
[  366.448248][ T5843] hub 6-1:0.0: probe with driver hub failed with error -5
[  366.452036][ T5843] usb 6-1: selecting invalid altsetting 0
[  366.671201][ T5829] hid-generic 0000:0000:0002.0010: unknown main item tag 0x0
[  366.674329][ T5829] hid-generic 0000:0000:0002.0010: unknown main item tag 0x0
[  366.682396][ T5829] hid-generic 0000:0000:0002.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  366.731346][T18481] fido_id[18481]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  366.882122][T18488] kvm: kvm [18487]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0xcd
[  367.091281][T18431] usb 6-1: reset high-speed USB device number 24 using dummy_hcd
[  367.271586][T18431] usb 6-1: device firmware changed
[  367.281151][ T5843] usb 6-1: USB disconnect, device number 24
[  367.447863][ T5843] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  367.599597][ T5843] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  367.603461][ T5843] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  367.612153][ T5843] usb 6-1: config 0 interface 0 has no altsetting 0
[  367.618671][ T5843] usb 6-1: string descriptor 0 read error: -22
[  367.621617][ T5843] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  367.625457][ T5843] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  367.632508][ T5843] usb 6-1: config 0 descriptor??
[  367.637549][ T5843] hub 6-1:0.0: bad descriptor, ignoring hub
[  367.640838][ T5843] hub 6-1:0.0: probe with driver hub failed with error -5
[  367.646342][ T5843] usb 6-1: selecting invalid altsetting 0
[  367.717183][   T24] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  367.866968][   T24] usb 9-1: Using ep0 maxpacket: 8
[  367.874338][   T24] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  367.878659][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.892103][   T24] pvrusb2: Hardware description: Terratec Grabster AV400
[  367.900697][   T24] pvrusb2: **********
[  367.902498][   T24] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  367.907079][   T24] pvrusb2: Important functionality might not be entirely working.
[  367.910617][   T24] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  367.915320][   T24] pvrusb2: **********
[  367.957706][    T9] usb 6-1: USB disconnect, device number 25
[  368.101366][ T2503] pvrusb2: Invalid write control endpoint
[  368.140594][ T2503] pvrusb2: Invalid write control endpoint
[  368.144706][ T2503] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  368.149984][ T2503] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  368.153201][ T2503] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  368.157324][ T2503] pvrusb2: Device being rendered inoperable
[  368.159973][ T2503] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  368.164700][ T2503] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  368.171842][ T2503] pvrusb2: Attached sub-driver cx25840
[  368.176779][ T2503] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  368.181179][ T2503] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  368.303690][   T24] usb 9-1: USB disconnect, device number 7
[  368.941008][T18550] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5497'.
[  368.945852][T18550] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5497'.
[  369.312952][T18581] netlink: 128 bytes leftover after parsing attributes in process `syz.2.5511'.
[  369.316033][T18581] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5511'.
[  370.817139][T18679] o2cb: This node has not been configured.
[  370.823849][T18679] o2cb: Cluster check failed. Fix errors before retrying.
[  370.826749][T18679] (syz.4.5557,18679,1):user_dlm_register:674 ERROR: status = -22
[  370.829465][T18679] (syz.4.5557,18679,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  370.916297][T18689] trusted_key: encrypted_key: keyword 'upw' not recognized
[  371.391661][T18724] loop7: detected capacity change from 0 to 7
[  371.397750][    C2] blk_print_req_error: 46 callbacks suppressed
[  371.397765][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.404354][    C2] buffer_io_error: 45 callbacks suppressed
[  371.404367][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.410406][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.413335][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.419763][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.422763][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.425846][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.429732][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.433847][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.437517][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.443980][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.447073][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.452402][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.455463][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.458785][T18724] ldm_validate_partition_table(): Disk read failed.
[  371.461555][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.464602][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.467606][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.471673][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.474621][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  371.477733][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  371.480935][T18724] Dev loop7: unable to read RDB block 0
[  371.483313][T18724]  loop7: unable to read partition table
[  371.485605][T18724] loop7: partition table beyond EOD, truncated
[  371.490302][T18724] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  371.516957][T18726] ldm_validate_partition_table(): Disk read failed.
[  371.519425][T18726] Dev loop7: unable to read RDB block 0
[  371.521950][T18726]  loop7: unable to read partition table
[  371.524498][T18726] loop7: partition table beyond EOD, truncated
[  371.769965][T18755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5589'.
[  371.912510][T18767] bond0: entered promiscuous mode
[  371.914341][T18767] bond_slave_0: entered promiscuous mode
[  371.917967][T18767] bond_slave_1: entered promiscuous mode
[  371.920504][T18767] bond1: entered promiscuous mode
[  372.511293][T18797] syzkaller1: tun_chr_ioctl cmd 35108
[  372.619656][T18805] bridge_slave_0: invalid flags given to default FDB implementation
[  372.652825][T18809] binder: 18808:18809 ioctl c0306201 80000080 returned -14
[  372.704967][T18812] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5618'.
[  372.708524][T18812] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5618'.
[  372.866949][    T9] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  373.027057][    T9] usb 6-1: Using ep0 maxpacket: 8
[  373.030136][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  373.034073][    T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  373.037064][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.041247][    T9] usb 6-1: config 0 descriptor??
[  373.047153][   T24] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  373.198473][   T24] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  373.202313][   T24] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  373.206213][   T24] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  373.210435][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.215863][T18816] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  373.223891][   T24] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  373.226697][T18827] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5625'.
[  373.237397][T18827] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5625'.
[  373.253312][    T9] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  373.439682][   T24] usb 10-1: USB disconnect, device number 4
[  373.464480][    T9] usb 6-1: USB disconnect, device number 26
[  374.221594][ T5884] kernel read not supported for file /dsp (pid: 5884 comm: kworker/3:4)
[  374.558942][T18895] ptrace attach of "/syz-executor exec"[5738] was attempted by "/syz-executor exec"[18895]
[  375.067079][   T24] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  375.163924][T18924] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5669'.
[  375.166835][T18924] block nbd2: Unsupported socket: should be TCP or UNIX.
[  375.215246][T18926] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5670'.
[  375.219097][T18926] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5670'.
[  375.239489][   T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  375.242449][   T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  375.245714][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  375.249411][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  375.252894][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  375.257708][   T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  375.261246][   T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  375.286280][   T24] usb 6-1: Product: syz
[  375.289705][   T24] usb 6-1: Manufacturer: syz
[  375.301261][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  375.303292][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  375.306308][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  375.308645][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[  375.488399][   T29] IPVS: starting estimator thread 0...
[  375.506403][   T24] usb 6-1: USB disconnect, device number 27
[  375.577163][T18936] IPVS: using max 44 ests per chain, 105600 per kthread
[  376.309396][ T5093] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  376.309459][ T5743] Bluetooth: hci4: command 0x1003 tx timeout
[  376.524820][T18959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5684'.
[  376.529511][T18959] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5684'.
[  376.616106][T18969] bridge_slave_0: invalid flags given to default FDB implementation
[  377.554534][   T24] kernel read not supported for file /swradio9 (pid: 24 comm: kworker/2:0)
[  378.402402][T19063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5727'.
[  378.477188][ T5743] Bluetooth: hci2: command 0x0406 tx timeout
[  378.680345][ T5884] kernel write not supported for file /snd/seq (pid: 5884 comm: kworker/3:4)
[  378.812718][T19093] geneve2: entered promiscuous mode
[  379.177183][ T5884] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  379.329027][ T5884] usb 6-1: config 0 has no interfaces?
[  379.330916][ T5884] usb 6-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  379.337343][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.342041][ T5884] usb 6-1: config 0 descriptor??
[  379.554101][   T24] usb 6-1: USB disconnect, device number 28
[  379.750270][T19137] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.5760'.
[  379.753866][T19137] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.5760'.
[  380.168158][T19161] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.5771'.
[  380.548075][ T5752] Bluetooth: hci2: command 0x0406 tx timeout
[  380.707358][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  381.187984][ T5842] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  381.241097][T19208] netlink: 'syz.4.5793': attribute type 8 has an invalid length.
[  381.358998][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  381.359359][T19217] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5797'.
[  381.365172][T19217] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5797'.
[  381.368165][T19217] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5797'.
[  382.477333][ T5093] Bluetooth: hci1: command 0x0405 tx timeout
[  383.348793][ T1430] ieee802154 phy0 wpan0: encryption failed: -22
[  383.351433][ T1430] ieee802154 phy1 wpan1: encryption failed: -22
[  383.507888][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  384.354825][   T41] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  391.170868][T19263] dummy0: entered allmulticast mode
[  391.173739][T19259] dummy0: left allmulticast mode
[  391.512302][T19282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5809'.
[  391.550196][T19289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5812'.
[  391.553866][T19289] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5812'.
[  392.213199][T19330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5830'.
[  392.221807][T19330] hsr_slave_0: left promiscuous mode
[  392.225432][T19330] hsr_slave_1: left promiscuous mode
[  392.382354][T19341] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap0
[  392.468274][T19343] binder: 19342:19343 ioctl c0306201 80000080 returned -14
[  393.072572][T19365] kvm: kvm [19364]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000005e) = 0x1
[  393.117067][ T5884] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  393.173644][T19367] wireguard: wg1: Could not create IPv4 socket
[  393.267304][ T5884] usb 9-1: Using ep0 maxpacket: 16
[  393.275091][ T5884] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  393.279815][ T5884] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  393.282968][ T5884] usb 9-1: Product: syz
[  393.284322][ T5884] usb 9-1: Manufacturer: syz
[  393.285836][ T5884] usb 9-1: SerialNumber: syz
[  393.290781][ T5884] usb 9-1: config 0 descriptor??
[  393.505898][ T5884] usb 9-1: USB disconnect, device number 8
[  394.402851][T19401] syzkaller1: entered promiscuous mode
[  394.404679][T19401] syzkaller1: entered allmulticast mode
[  394.522845][T19414] input: syz0 as /devices/virtual/input/input34
[  394.542659][T19412] syzkaller1: entered promiscuous mode
[  394.544544][T19412] syzkaller1: entered allmulticast mode
[  394.553051][T19412] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 22
[  394.699478][T19427] TCP: TCP_TX_DELAY enabled
[  395.053968][T19454] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5887'.
[  395.156590][T19466] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5893'.
[  395.160811][T19467] erspan0: entered promiscuous mode
[  395.990761][   T24] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  396.079923][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  396.079935][   T40] audit: type=1804 audit(1777559736.763:1784): pid=19543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5929" name="/newroot/507/file0/file0" dev="9p" ino=72876367 res=1 errno=0
[  396.148419][   T24] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  396.151895][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.155331][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.158575][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  396.163484][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  396.166343][   T24] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  396.169078][   T24] usb 6-1: Manufacturer: syz
[  396.174582][   T24] usb 6-1: config 0 descriptor??
[  396.317807][ T1127] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  396.320458][ T1127] ata1: failed to read log page 10h (errno=-5)
[  396.322406][ T1127] ata1.00: NCQ disabled due to excessive errors
[  396.324412][ T1127] ata1.00: exception Emask 0x1 SAct 0x1000000 SErr 0x0 action 0x0
[  396.327187][ T1127] ata1.00: irq_stat 0x40000000
[  396.328854][ T1127] ata1.00: failed command: WRITE FPDMA QUEUED
[  396.330878][ T1127] ata1.00: cmd 61/28:c0:0e:b1:09/00:00:00:00:00/40 tag 24 ncq dma 20480 out
[  396.330878][ T1127]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  396.336405][ T1127] ata1.00: status: { DRDY }
[  396.339293][ T1127] ata1.00: error: { ABRT }
[  396.343673][ T1127] ata1.00: configured for UDMA/100
[  396.345544][ T1127] ata1: EH complete
[  396.557015][ T5843] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  396.582354][   T24] appleir 0003:05AC:8243.0011: unknown main item tag 0x0
[  396.601024][   T24] appleir 0003:05AC:8243.0011: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  396.711736][ T5843] usb 10-1: config 0 has no interfaces?
[  396.714531][ T5843] usb 10-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  396.719024][ T5843] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.725317][ T5843] usb 10-1: config 0 descriptor??
[  396.824161][T19568] syzkaller1: entered promiscuous mode
[  396.825968][T19568] syzkaller1: entered allmulticast mode
[  396.863112][ T5843] usb 6-1: USB disconnect, device number 29
[  396.979810][   T24] usb 10-1: USB disconnect, device number 5
[  397.632536][T19578] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.5943'.
[  397.814842][T19596] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  397.875496][T19600] loop7: detected capacity change from 0 to 16384
[  397.980282][T19606] Bluetooth: MGMT ver 1.23
[  398.148320][T19618] dvmrp0: entered allmulticast mode
[  398.665533][T19655] bridge0: entered promiscuous mode
[  398.669220][T19655] dummy0: entered promiscuous mode
[  398.674817][T19655] bridge0: left promiscuous mode
[  398.677898][T19655] dummy0: left promiscuous mode
[  398.911048][T19672] GUP no longer grows the stack in syz.2.5987 (19672): 80003000-8000a000 (80001000)
[  398.916536][T19672] CPU: 3 UID: 0 PID: 19672 Comm: syz.2.5987 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  398.916554][T19672] Tainted: [L]=SOFTLOCKUP
[  398.916559][T19672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  398.916565][T19672] Call Trace:
[  398.916570][T19672]  <TASK>
[  398.916575][T19672]  dump_stack_lvl+0x100/0x190
[  398.916631][T19672]  gup_vma_lookup.cold+0x83/0x96
[  398.916649][T19672]  __get_user_pages+0x241/0x32a0
[  398.916669][T19672]  ? down_read_killable+0x307/0x4b0
[  398.916894][T19672]  ? __pfx___might_resched+0x10/0x10
[  398.916908][T19672]  ? __pfx___get_user_pages+0x10/0x10
[  398.916951][T19672]  __gup_longterm_locked+0x87d/0x16f0
[  398.916969][T19672]  ? __pfx___gup_longterm_locked+0x10/0x10
[  398.916983][T19672]  ? lock_acquire+0x1b1/0x370
[  398.916999][T19672]  gup_fast_fallback+0x16dc/0x2790
[  398.917023][T19672]  ? __pfx_gup_fast_fallback+0x10/0x10
[  398.917038][T19672]  ? __lock_acquire+0x4a5/0x2630
[  398.917049][T19672]  ? finish_task_switch.isra.0+0x2cb/0x1010
[  398.917064][T19672]  ? lockdep_hardirqs_on+0x78/0x100
[  398.917081][T19672]  get_user_pages_fast+0xa7/0xf0
[  398.917095][T19672]  ? __pfx_get_user_pages_fast+0x10/0x10
[  398.917113][T19672]  __iov_iter_get_pages_alloc+0x8f2/0x1f20
[  398.917156][T19672]  ? __mutex_lock+0x26d/0x1b10
[  398.917171][T19672]  ? pipe_lock+0x69/0x80
[  398.917186][T19672]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  398.917205][T19672]  ? __pfx___mutex_lock+0x10/0x10
[  398.917220][T19672]  ? import_ubuf+0x1b6/0x220
[  398.917241][T19672]  iov_iter_get_pages2+0xa3/0x100
[  398.917259][T19672]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  398.917276][T19672]  ? wait_for_space+0x2ca/0x3b0
[  398.917292][T19672]  __do_sys_vmsplice+0x7dd/0x13c0
[  398.917307][T19672]  ? __pfx_futex_wake_mark+0x10/0x10
[  398.917325][T19672]  ? __pfx___do_sys_vmsplice+0x10/0x10
[  398.917344][T19672]  ? __pfx_futex_wait+0x10/0x10
[  398.917361][T19672]  ? lockdep_hardirqs_on+0x78/0x100
[  398.917380][T19672]  ? irqentry_exit+0x246/0x790
[  398.917413][T19672]  ? __do_fast_syscall_32+0xe7/0x950
[  398.917429][T19672]  __do_fast_syscall_32+0xe7/0x950
[  398.917445][T19672]  do_fast_syscall_32+0x32/0x70
[  398.917461][T19672]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  398.917476][T19672] RIP: 0023:0xf6fdefcc
[  398.917487][T19672] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  398.917497][T19672] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 000000000000013c
[  398.917540][T19672] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  398.917547][T19672] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
[  398.917553][T19672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  398.917560][T19672] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  398.917567][T19672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  398.917582][T19672]  </TASK>
[  399.457027][   T24] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  399.487739][ T5842] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  399.498894][T19713] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  399.617084][   T24] usb 10-1: Using ep0 maxpacket: 8
[  399.622212][   T24] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  399.625074][   T24] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  399.628502][   T24] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  399.631675][   T24] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  399.634750][   T24] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  399.638999][   T24] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  399.641994][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.657038][ T5842] usb 6-1: Using ep0 maxpacket: 8
[  399.660176][ T5842] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.663770][ T5842] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.666846][ T5842] usb 6-1: config 0 interface 0 has no altsetting 0
[  399.669772][ T5842] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  399.672656][ T5842] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.680542][ T5842] usb 6-1: config 0 descriptor??
[  399.856031][   T24] usb 10-1: usb_control_msg returned -32
[  399.858023][   T24] usbtmc 10-1:16.0: can't read capabilities
[  399.891245][T19727] netlink: 'syz.2.6013': attribute type 4 has an invalid length.
[  400.097973][ T5842] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  400.100287][ T5842] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  400.102461][ T5842] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  400.104691][ T5842] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  400.107168][ T5842] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  400.109805][ T5842] mcp2221 0003:04D8:00DD.0012: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  400.124550][T19741] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.6019'.
[  400.145739][T19743] syzkaller1: entered promiscuous mode
[  400.150176][T19743] syzkaller1: entered allmulticast mode
[  400.229837][T19748] usbtmc 10-1:16.0: usb_control_msg returned -32
[  400.234041][    T9] usb 10-1: USB disconnect, device number 6
[  400.293939][ T5842] usb 6-1: USB disconnect, device number 30
[  400.844126][T19768] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  400.899884][T19775] binder: 19769:19775 ioctl 4018620d 0 returned -22
[  401.377909][T19806] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6048'.
[  402.079767][T19846] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  402.129640][ T5884] kernel write not supported for file bpf-prog (pid: 5884 comm: kworker/3:4)
[  402.299762][   T40] audit: type=1326 audit(1777559742.993:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19855 comm="syz.1.6070" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702efcc code=0x0
[  403.810590][T19882] netlink: 'syz.4.6080': attribute type 1 has an invalid length.
[  403.813061][T19882] netlink: 'syz.4.6080': attribute type 2 has an invalid length.
[  403.907906][ T5743] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  404.472330][T19905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6090'.
[  404.673334][T19916] kvm: apic: phys broadcast and lowest prio
[  404.759685][T19922] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  405.001055][T19943] netlink: 'syz.5.6107': attribute type 21 has an invalid length.
[  405.004600][T19943] netlink: 164 bytes leftover after parsing attributes in process `syz.5.6107'.
[  405.110433][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  405.114157][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  405.122066][T19951] netlink: 'syz.1.6113': attribute type 12 has an invalid length.
[  405.125201][T19951] netlink: 'syz.1.6113': attribute type 29 has an invalid length.
[  405.128830][T19951] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6113'.
[  405.132521][T19951] netlink: 'syz.1.6113': attribute type 1 has an invalid length.
[  405.135634][T19951] netlink: 47 bytes leftover after parsing attributes in process `syz.1.6113'.
[  405.358426][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  405.587200][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  405.590777][T19986] ip6erspan0: entered allmulticast mode
[  405.591129][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  406.275603][   T40] audit: type=1804 audit(1777559746.963:1786): pid=20016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.6143" name="/newroot/814/file0/file0" dev="9p" ino=72876367 res=1 errno=0
[  406.378592][T20026] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6148'.
[  406.388845][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  406.745834][T20061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  406.769148][T20061] batman_adv: batadv0: Removing interface: batadv_slave_0
[  406.926955][   T29] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  407.011022][T20076] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  407.076979][   T29] usb 10-1: Using ep0 maxpacket: 8
[  407.082635][   T29] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  407.088263][   T29] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  407.092132][   T29] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  407.095363][   T29] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  407.099320][   T29] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  407.105271][   T29] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  407.109751][   T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.213522][T20097] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6181'.
[  407.240691][T20099] netlink: 212336 bytes leftover after parsing attributes in process `syz.4.6182'.
[  407.327371][   T29] usb 10-1: usb_control_msg returned -32
[  407.329357][   T29] usbtmc 10-1:16.0: can't read capabilities
[  407.437639][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  407.531853][    T9] usb 10-1: USB disconnect, device number 7
[  407.576533][T20124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6195'.
[  407.580358][T20124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6195'.
[  407.665784][T20136] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6190'.
[  407.885736][T20158] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  407.892978][T20158] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  407.899784][T20158] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  407.920276][T20158] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  407.925136][T20162] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  407.933697][T20162] bond_slave_0: left promiscuous mode
[  407.935089][T20158] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  407.940372][T20162] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  407.945088][T20162] bond_slave_1: left promiscuous mode
[  407.952395][T20162] bond0 (unregistering): (slave bond1): Releasing backup interface
[  407.961844][T20162] bond1: left promiscuous mode
[  407.968895][T20162] bond0 (unregistering): Released all slaves
[  408.022769][  T104] smbdirect: ib_dev[syz1] removed
[  408.262541][T20181] Invalid source name
[  408.311004][  T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  408.316929][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  408.823488][T20205] sctp: [Deprecated]: syz.5.6223 (pid 20205) Use of struct sctp_assoc_value in delayed_ack socket option.
[  408.823488][T20205] Use struct sctp_sack_info instead
[  409.207028][   T29] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  409.357064][   T29] usb 10-1: Using ep0 maxpacket: 32
[  409.361024][   T29] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  409.366083][   T29] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  409.369303][   T29] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  409.371982][   T29] usb 10-1: Product: syz
[  409.373454][   T29] usb 10-1: Manufacturer: syz
[  409.374978][   T29] usb 10-1: SerialNumber: syz
[  409.378271][   T29] usb 10-1: config 0 descriptor??
[  409.380517][T20219] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  409.383739][   T29] hub 10-1:0.0: bad descriptor, ignoring hub
[  409.385727][   T29] hub 10-1:0.0: probe with driver hub failed with error -5
[  409.697464][   T29] usb 10-1: USB disconnect, device number 8
[  410.445282][T20245] __nla_validate_parse: 3 callbacks suppressed
[  410.445300][T20245] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6249'.
[  410.463718][   T13] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  410.466700][   T13] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  410.470420][   T13] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  410.473210][   T13] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  410.475973][T20245] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6249'.
[  410.547306][ T5829] net_ratelimit: 2 callbacks suppressed
[  410.547319][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  410.953442][T20295] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6273'.
[  410.956505][T20295] netlink: 'syz.5.6273': attribute type 21 has an invalid length.
[  411.038100][ T5093] Bluetooth: hci1: command 0x0405 tx timeout
[  411.347628][ T1038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.350525][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.402479][T20320] input: syz0 as /devices/virtual/input/input35
[  411.550600][T20330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6290'.
[  411.554272][T20330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6290'.
[  411.560893][T20330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6290'.
[  411.598464][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.598989][T20335] input: syz1 as /devices/virtual/input/input36
[  411.741130][T20345] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.746184][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.947064][   T29] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  412.123370][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  412.127053][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  412.130303][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  412.134450][   T29] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  412.138736][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.147296][   T29] usb 6-1: config 0 descriptor??
[  412.259513][T20396] team0: entered allmulticast mode
[  412.261380][T20396] team_slave_0: entered allmulticast mode
[  412.263324][T20396] team_slave_1: entered allmulticast mode
[  412.265745][T20396] 8021q: adding VLAN 0 to HW filter on device team0
[  412.569682][   T29] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  412.637210][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  412.724567][T20430] input: syz0 as /devices/virtual/input/input37
[  413.428084][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  413.668403][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  413.886045][ T5842] usb 6-1: USB disconnect, device number 31
[  414.041018][T20463] syzkaller1: entered promiscuous mode
[  414.043099][T20463] syzkaller1: entered allmulticast mode
[  414.067939][  T752] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.697070][ T6024] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  414.787028][   T29] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  414.787324][ T5743] Bluetooth: hci2: command 0x0406 tx timeout
[  414.790509][   T29] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  414.847098][ T6024] usb 10-1: Using ep0 maxpacket: 8
[  414.850004][ T6024] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  414.853302][ T6024] usb 10-1: config 0 has no interfaces?
[  414.856193][ T6024] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  414.859479][ T6024] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  414.862134][ T6024] usb 10-1: Product: syz
[  414.863531][ T6024] usb 10-1: SerialNumber: syz
[  414.866428][ T6024] usb 10-1: config 0 descriptor??
[  415.279424][  T752] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  415.757241][ T5821] net_ratelimit: 2 callbacks suppressed
[  415.757254][ T5821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  416.787522][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  416.876992][   T29] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  416.877028][ T5743] Bluetooth: hci3: command 0x0c1a tx timeout
[  416.879150][   T29] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  417.107327][ T5615] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.110292][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.265731][   T24] usb 10-1: USB disconnect, device number 9
[  417.283088][T20474] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.6343'.
[  417.394972][T20488] netlink: 'syz.4.6340': attribute type 12 has an invalid length.
[  417.397677][T20488] netlink: 'syz.4.6340': attribute type 29 has an invalid length.
[  417.400493][T20488] netlink: 148 bytes leftover after parsing attributes in process `syz.4.6340'.
[  417.403387][T20488] netlink: 'syz.4.6340': attribute type 1 has an invalid length.
[  417.405917][T20488] netlink: 'syz.4.6340': attribute type 2 has an invalid length.
[  417.408305][ T5842] e1000 0000:00:06.0 eth0: Reset adapter
[  417.409760][T20488] netlink: 15 bytes leftover after parsing attributes in process `syz.4.6340'.
[  417.827681][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  418.867568][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  418.947082][ T5743] Bluetooth: hci1: command 0x0405 tx timeout
[  418.949737][   T29] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  418.951794][   T29] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  419.201773][ T6024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  419.204768][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  419.587935][ T5842] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  419.827427][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  419.831099][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  420.957448][ T5829] net_ratelimit: 1 callbacks suppressed
[  420.957466][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  421.987319][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  422.867450][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  422.870192][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.027653][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.031978][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.067862][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.108203][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.588156][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.591633][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.147693][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.187507][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.773368][T20541] loop6: detected capacity change from 0 to 2640
[  427.775914][T20541] buffer_io_error: 25 callbacks suppressed
[  427.775923][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.781851][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.785265][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.788782][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.792022][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.795294][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.798944][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.801614][T20544] syzkaller1: entered promiscuous mode
[  427.803160][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.804719][T20544] syzkaller1: entered allmulticast mode
[  427.813624][T20541] ldm_validate_partition_table(): Disk read failed.
[  427.816012][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.819345][T20541] Buffer I/O error on dev loop6, logical block 0, async page read
[  427.822016][T20541] Dev loop6: unable to read RDB block 0
[  427.824145][T20541]  loop6: unable to read partition table
[  427.826073][T20541] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  427.976935][   T40] audit: type=1326 audit(1777559768.663:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20555 comm="syz.1.6355" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702efcc code=0x0
[  428.237965][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.627780][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.630639][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.086593][T20614] bridge0: port 3(vlan2) entered blocking state
[  429.089448][T20614] bridge0: port 3(vlan2) entered disabled state
[  429.092129][T20614] vlan2: entered allmulticast mode
[  429.094311][T20614] dummy0: entered allmulticast mode
[  429.097604][T20614] vlan2: entered promiscuous mode
[  429.099552][T20614] dummy0: entered promiscuous mode
[  429.267537][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.271422][ T5842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.278640][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.427211][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.432890][ T1261] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  430.651312][T20702] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6419'.
[  430.717345][ T5884] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  430.858899][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.862107][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.865304][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.868244][ T5884] usb 6-1: Using ep0 maxpacket: 32
[  430.869995][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.872443][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.874996][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.877481][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.880144][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.882715][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.885197][ T5884] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  430.888497][T20522] hid-generic 0005:000B:0009.0014: unknown main item tag 0x0
[  430.898805][ T5884] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  430.901705][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  430.904196][ T5884] usb 6-1: Product: syz
[  430.905519][ T5884] usb 6-1: Manufacturer: syz
[  430.916623][ T5884] usb 6-1: SerialNumber: syz
[  430.922173][ T5884] usb 6-1: config 0 descriptor??
[  430.924033][T20522] hid-generic 0005:000B:0009.0014: hidraw0: BLUETOOTH HID v0.01 Device [syz0] on syz1
[  430.927906][T20695] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  430.936167][ T5884] hub 6-1:0.0: bad descriptor, ignoring hub
[  430.938275][ T5884] hub 6-1:0.0: probe with driver hub failed with error -5
[  431.347594][ T5829] net_ratelimit: 9 callbacks suppressed
[  431.347614][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.353038][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.355781][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.581542][T20695] usb 6-1: reset high-speed USB device number 32 using dummy_hcd
[  431.759055][T20695] usb 6-1: device firmware changed
[  431.769758][   T29] usb 6-1: USB disconnect, device number 32
[  431.907129][   T29] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  432.067076][   T29] usb 6-1: Using ep0 maxpacket: 32
[  432.071163][   T29] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  432.080400][   T29] usb 6-1: string descriptor 0 read error: -22
[  432.083348][   T29] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  432.087463][   T29] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  432.092991][   T29] usb 6-1: config 0 descriptor??
[  432.099925][T20711] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  432.109379][   T29] hub 6-1:0.0: bad descriptor, ignoring hub
[  432.112330][   T29] hub 6-1:0.0: probe with driver hub failed with error -5
[  432.398209][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.437256][   T29] usb 6-1: USB disconnect, device number 33
[  432.687837][T20747] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  433.037026][   T24] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  433.187129][   T24] usb 10-1: Using ep0 maxpacket: 8
[  433.191064][   T24] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  433.194590][   T24] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  433.198681][   T24] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  433.202740][   T24] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  433.206962][   T24] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  433.212358][   T24] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  433.216162][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.427516][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  433.778595][ T5884] kernel read not supported for file /input/event0 (pid: 5884 comm: kworker/3:4)
[  433.986788][T20782] usbtmc 10-1:16.0: simple usb_control_msg returned 0
[  434.020184][T20786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6455'.
[  434.023511][T20786] netlink: 'syz.4.6455': attribute type 20 has an invalid length.
[  434.026183][T20786] netlink: 'syz.4.6455': attribute type 21 has an invalid length.
[  434.191293][   T29] usb 10-1: USB disconnect, device number 10
[  434.467920][  T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  434.472101][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  434.477513][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  434.480686][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  434.486148][ T6024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  434.533655][T20819] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6470'.
[  435.095181][   T40] audit: type=1326 audit(1777559775.783:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20861 comm="syz.4.6489" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x0
[  435.117154][   T24] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  435.197073][T20882] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.6496'.
[  435.289342][   T24] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  435.293098][   T24] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  435.296321][   T24] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  435.300145][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.305046][T20848] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  435.313381][   T24] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  435.377923][T20892] block nbd2: server does not support multiple connections per device.
[  435.381265][T20892] block nbd2: shutting down sockets
[  435.385456][T20545] udevd[20545]: inotify_add_watch(7, /dev/nbd2, 10) failed: No such file or directory
[  435.576803][ T6024] usb 10-1: USB disconnect, device number 11
[  436.126308][T20905] ip6erspan0: entered allmulticast mode
[  436.364561][    C0] net_ratelimit: 1 callbacks suppressed
[  436.364577][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.365719][T20924] input: syz1 as /devices/virtual/input/input40
[  436.419091][T20926] overlayfs: statfs failed on './file0'
[  436.557454][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.746725][T20952] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.6526'.
[  437.048890][T20962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6531'.
[  437.107446][  T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  437.110417][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  437.221463][ T5829] kernel read not supported for file /dsp (pid: 5829 comm: kworker/0:4)
[  437.224378][T20966] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.6533'.
[  437.507663][T20979] �����a��D: renamed from lo
[  437.556974][   T24] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  437.597263][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  437.721051][   T24] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  437.725494][   T24] usb 9-1: config 0 has no interface number 0
[  437.728451][   T24] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  437.737502][   T24] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  437.741517][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.745066][   T24] usb 9-1: Product: syz
[  437.747307][   T24] usb 9-1: Manufacturer: syz
[  437.749348][   T24] usb 9-1: SerialNumber: syz
[  437.755851][   T24] usb 9-1: config 0 descriptor??
[  437.766481][   T24] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  437.939106][T21003] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6551'.
[  438.299404][T21023] can0: slcan on ttyS3.
[  438.347865][T21023] can0 (unregistered): slcan off ttyS3.
[  438.521619][    C2] usb 9-1: yurex_control_callback - control failed: -71
[  438.526766][   T24] usb 9-1: USB disconnect, device number 9
[  438.533832][   T24] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  438.559066][T21039] netlink: 'syz.1.6566': attribute type 1 has an invalid length.
[  438.598923][T21041] netlink: 'syz.1.6567': attribute type 1 has an invalid length.
[  438.601512][T21041] netlink: 'syz.1.6567': attribute type 1 has an invalid length.
[  438.627434][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.771890][T21051] syzkaller1: entered promiscuous mode
[  438.774242][T21051] syzkaller1: entered allmulticast mode
[  439.074588][T21062] netlink: 428 bytes leftover after parsing attributes in process `syz.2.6577'.
[  439.078778][T21062] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6577'.
[  439.216503][T21074] usb usb8: usbfs: process 21074 (syz.1.6581) did not claim interface 0 before use
[  439.462442][T21095] loop8: detected capacity change from 0 to 8
[  439.465419][T21095] Dev loop8: unable to read RDB block 8
[  439.467554][T21095]  loop8: unable to read partition table
[  439.469577][T21095] loop8: partition table beyond EOD, truncated
[  439.471723][T21095] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  439.513006][T21097] syzkaller1: entered promiscuous mode
[  439.515449][T21097] syzkaller1: entered allmulticast mode
[  439.668614][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.707899][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.758352][T21136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6608'.
[  440.771824][T21136] team0: Port device team_slave_0 removed
[  440.896262][T21143] pim6reg1: entered promiscuous mode
[  440.899396][T21143] pim6reg1: entered allmulticast mode
[  441.022894][T21151] kvm: user requested TSC rate below hardware speed
[  441.417032][ T6024] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  441.576967][ T6024] usb 6-1: Using ep0 maxpacket: 32
[  441.581034][ T6024] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  441.584750][ T6024] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  441.588669][ T6024] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  441.594252][ T6024] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  441.598185][ T6024] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.603580][ T6024] usb 6-1: config 0 descriptor??
[  441.616986][   T24] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  441.747530][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  441.766977][   T24] usb 10-1: Using ep0 maxpacket: 32
[  441.771028][   T24] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  441.777292][   T24] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  441.781161][   T24] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  441.784545][   T24] usb 10-1: Product: syz
[  441.786313][   T24] usb 10-1: Manufacturer: syz
[  441.788395][   T24] usb 10-1: SerialNumber: syz
[  441.792681][   T24] usb 10-1: config 0 descriptor??
[  441.795551][T21161] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  441.800164][   T24] hub 10-1:0.0: bad descriptor, ignoring hub
[  441.802839][   T24] hub 10-1:0.0: probe with driver hub failed with error -5
[  442.031500][ T6024] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0015/input/input41
[  442.160573][ T6024] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0015/input/input42
[  442.189802][ T6024] kye 0003:0458:5011.0015: input,hiddev1,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  442.252118][T20522] usb 6-1: USB disconnect, device number 34
[  442.269024][T21171] fido_id[21171]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb6/6-1/report_descriptor': No such file or directory
[  442.306571][T21175] binder: 21174:21175 ioctl c0306201 80000540 returned -14
[  442.367165][ T5829] usb 10-1: USB disconnect, device number 12
[  442.381937][T21181] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6626'.
[  442.502606][T21188] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40
[  442.724599][T21200] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6635'.
[  442.731178][T21200] netlink: 65011 bytes leftover after parsing attributes in process `syz.5.6635'.
[  442.791456][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.877624][   T41] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.880657][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.097001][ T6024] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  443.145802][   T40] audit: type=1800 audit(1777559783.833:1789): pid=21234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6652" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  443.155986][T21235] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.160628][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.248042][ T6024] usb 6-1: Using ep0 maxpacket: 8
[  443.254194][ T6024] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  443.257555][ T6024] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  443.261439][ T6024] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  443.264680][ T6024] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  443.269048][ T6024] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  443.274662][ T6024] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  443.281136][ T6024] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.496129][ T6024] usb 6-1: usb_control_msg returned -32
[  443.498795][ T6024] usbtmc 6-1:16.0: can't read capabilities
[  443.510052][T20522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.827328][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.851145][T21258] usbtmc 6-1:16.0: control status returned 0
[  444.053697][   T24] usb 6-1: USB disconnect, device number 35
[  444.437024][    T9] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  444.608739][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.613195][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.616361][    T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  444.620829][    T9] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  444.624490][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.628853][    T9] usb 10-1: config 0 descriptor??
[  444.682920][T21284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6673'.
[  444.791705][ T1430] ieee802154 phy0 wpan0: encryption failed: -22
[  444.794811][ T1430] ieee802154 phy1 wpan1: encryption failed: -22
[  444.878792][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.054401][    T9] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  445.627034][   T24] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  445.777010][   T24] usb 9-1: Using ep0 maxpacket: 8
[  445.780840][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  445.784127][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  445.788774][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  445.793488][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  445.797824][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  445.802297][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  445.805424][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  445.810170][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  445.814714][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  445.818206][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  445.822829][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  445.826069][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  445.830417][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  445.834771][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  445.836955][    T9] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  445.839165][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  445.848271][   T24] usb 9-1: string descriptor 0 read error: -22
[  445.850810][   T24] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  445.854428][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.865334][   T24] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  445.917790][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.997027][    T9] usb 6-1: Using ep0 maxpacket: 8
[  446.000123][    T9] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.003672][    T9] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.007069][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  446.009215][    T9] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  446.011863][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.017592][    T9] usb 6-1: config 0 descriptor??
[  446.114759][   T24] usb 9-1: USB disconnect, device number 10
[  446.439254][    T9] hid_parser_main: 4071 callbacks suppressed
[  446.439277][    T9] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  446.454210][    T9] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  446.458334][    T9] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  446.462742][    T9] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  446.465564][    T9] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  446.469094][    T9] mcp2221 0003:04D8:00DD.0017: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  446.639626][   T24] usb 6-1: USB disconnect, device number 36
[  446.947842][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.959119][T21312] 9pnet: p9_errstr2errno: server reported unknown error 
[  447.191498][   T29] usb 10-1: USB disconnect, device number 13
[  447.491123][T21362] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6707'.
[  447.622815][T21373] misc userio: Begin command sent, but we're already running
[  447.906490][T21384] vcan0: tx drop: invalid sa for name 0x0000000000001000
[  447.987417][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.990941][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.994395][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.838222][ T6024] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  448.998870][ T6024] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  449.002069][ T6024] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  449.006256][ T6024] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  449.009968][ T6024] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.037587][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.219572][ T6024] usb 10-1: GET_CAPABILITIES returned 0
[  449.221450][ T6024] usbtmc 10-1:16.0: can't read capabilities
[  449.425802][ T6024] usb 10-1: USB disconnect, device number 14
[  449.987202][ T5743] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  449.988028][ T5752] Bluetooth: hci4: command 0x1003 tx timeout
[  450.077266][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  450.306991][   T29] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  450.477004][   T29] usb 6-1: Using ep0 maxpacket: 8
[  450.480396][   T29] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.484744][   T29] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.488606][   T29] usb 6-1: config 0 interface 0 has no altsetting 0
[  450.490946][   T29] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  450.493790][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.498647][   T29] usb 6-1: config 0 descriptor??
[  450.787213][ T5743] Bluetooth: hci5: command 0x1003 tx timeout
[  450.791332][ T5093] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  450.910281][   T29] mcp2221 0003:04D8:00DD.0018: unknown main item tag 0x0
[  450.912587][   T29] mcp2221 0003:04D8:00DD.0018: unknown main item tag 0x0
[  450.914840][   T29] mcp2221 0003:04D8:00DD.0018: unknown main item tag 0x0
[  450.917766][   T29] mcp2221 0003:04D8:00DD.0018: unknown main item tag 0x0
[  450.919998][   T29] mcp2221 0003:04D8:00DD.0018: unknown main item tag 0x0
[  450.922589][   T29] mcp2221 0003:04D8:00DD.0018: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  451.038989][T21422] hsr0: entered promiscuous mode
[  451.041752][T21422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6733'.
[  451.044969][T21422] hsr_slave_0: left promiscuous mode
[  451.049085][T21422] hsr_slave_1: left promiscuous mode
[  451.052965][T21422] hsr0 (unregistering): left promiscuous mode
[  451.109311][ T6024] usb 6-1: USB disconnect, device number 37
[  451.119097][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.768317][T21465] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  452.147285][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.597455][ T5843] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  453.107671][T20522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.197469][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.589653][ T5093] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  453.589738][ T5743] Bluetooth: hci4: command 0x1003 tx timeout
[  453.751308][  T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.754270][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.087667][T20522] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  454.227584][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.238592][T20522] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  454.242277][T20522] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  454.245407][T20522] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  454.249926][T20522] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  454.252923][T20522] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.256807][T20522] usb 6-1: config 0 descriptor??
[  454.687533][T20522] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  455.279270][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  456.317511][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  456.669222][ T5843] usb 6-1: USB disconnect, device number 38
[  457.347621][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.397624][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.867799][ T1261] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.870602][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.437389][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  460.467341][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.517629][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.547354][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.707303][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.216072][T21546] loop6: detected capacity change from 0 to 8
[  463.442023][T21546] Dev loop6: unable to read RDB block 8
[  463.444378][T21546]  loop6: unable to read partition table
[  463.449206][T21552] loop6: detected capacity change from 8 to 7
[  463.449217][T21546] loop6: partition table beyond EOD, truncated
[  463.449333][T21546] loop_reread_partitions: partition scan of loop6 (��[{Bѷ���Mܾ`*��Z��5��]�z(�Ť�4+hG�pX����gm
[  463.449333][T21546] ������.B�L_se�) failed (rc=-5)
[  463.519739][    C1] blk_print_req_error: 25 callbacks suppressed
[  463.519766][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  463.526817][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  463.530854][    C0] buffer_io_error: 11 callbacks suppressed
[  463.530867][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  463.537459][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  463.541827][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  463.548855][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  463.552490][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  463.555515][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  463.558467][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  463.562720][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  463.565675][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  463.574111][T21578] syzkaller1: entered promiscuous mode
[  463.576004][T21578] syzkaller1: entered allmulticast mode
[  463.598056][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.770513][T21596] netlink: 'syz.5.6799': attribute type 11 has an invalid length.
[  464.627278][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  464.630189][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  464.633007][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  464.808314][T20522] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  464.963220][T20522] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  464.967111][T20522] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  464.973724][T20522] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  464.976574][T20522] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.983463][T21647] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  464.988856][T20522] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  465.195352][    T9] usb 6-1: USB disconnect, device number 39
[  465.485648][T21676] syzkaller1: entered promiscuous mode
[  465.487812][T21676] syzkaller1: entered allmulticast mode
[  465.645900][T21678] sctp: [Deprecated]: syz.5.6834 (pid 21678) Use of struct sctp_assoc_value in delayed_ack socket option.
[  465.645900][T21678] Use struct sctp_sack_info instead
[  465.651823][T21678] sctp: [Deprecated]: syz.5.6834 (pid 21678) Use of struct sctp_assoc_value in delayed_ack socket option.
[  465.651823][T21678] Use struct sctp_sack_info instead
[  465.667729][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.700549][T21680] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6833'.
[  465.982868][T21698] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6842'.
[  465.986623][T21698] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6842'.
[  466.177030][   T10] usb 6-1: new low-speed USB device number 40 using dummy_hcd
[  466.348708][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  466.352131][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  466.356723][   T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  466.359025][T21712] syzkaller1: entered promiscuous mode
[  466.362167][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  466.364085][T21712] syzkaller1: entered allmulticast mode
[  466.372394][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  466.378688][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  466.381941][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  466.386271][   T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  466.390333][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  466.393950][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  466.398584][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  466.401013][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  466.404353][   T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  466.408200][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  466.411728][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  466.417886][   T10] usb 6-1: string descriptor 0 read error: -22
[  466.420168][   T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  466.423095][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.431646][   T10] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  466.704650][   T40] audit: type=1326 audit(1777559807.393:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21718 comm="syz.5.6851" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f34fcc code=0x0
[  466.717621][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.615007][T21735] syzkaller1: entered promiscuous mode
[  467.617726][T21735] syzkaller1: entered allmulticast mode
[  467.757206][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.777131][   T24] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  467.939273][   T24] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  467.943179][   T24] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  467.953462][   T24] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  467.957572][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  467.962217][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  467.970504][   T24] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  467.977396][   T24] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  467.980936][   T24] usb 10-1: Product: syz
[  467.982768][   T24] usb 10-1: Manufacturer: syz
[  467.990999][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  467.994586][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  467.998636][   T24] cdc_wdm 10-1:1.0: cdc-wdm1: USB WDM device
[  468.001246][   T24] cdc_wdm 10-1:1.0: Unknown control protocol
[  468.039110][T21749] input: syz0 as /devices/virtual/input/input44
[  468.405635][T21761] input: syz0 as /devices/virtual/input/input45
[  468.711535][T20522] usb 6-1: USB disconnect, device number 40
[  468.752440][T21778] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.6877'.
[  468.787845][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.876160][   T40] audit: type=1326 audit(1777559809.563:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.887682][   T40] audit: type=1326 audit(1777559809.583:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=131 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.900744][   T40] audit: type=1326 audit(1777559809.583:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.911685][   T40] audit: type=1326 audit(1777559809.583:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.921373][   T40] audit: type=1326 audit(1777559809.583:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.930753][T21794] geneve2: entered promiscuous mode
[  468.931736][   T40] audit: type=1326 audit(1777559809.583:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.933529][T21794] geneve2: entered allmulticast mode
[  468.943197][   T40] audit: type=1326 audit(1777559809.583:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.954129][   T40] audit: type=1326 audit(1777559809.583:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  468.963624][   T40] audit: type=1326 audit(1777559809.583:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21791 comm="syz.4.6884" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76fcc code=0x7ffc0000
[  469.157016][T20522] usb 9-1: new low-speed USB device number 11 using dummy_hcd
[  469.309039][T20522] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  469.314719][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  469.318211][T20522] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.321938][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  469.325431][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  469.330614][T20522] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  469.333102][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  469.336489][T20522] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.340428][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  469.344089][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  469.348519][T20522] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  469.350961][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  469.354665][T20522] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.359873][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  469.363451][T20522] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  469.369121][T20522] usb 9-1: string descriptor 0 read error: -22
[  469.371124][T20522] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  469.374270][T20522] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.381484][T20522] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  469.411911][T21615] udevd[21615]: inotify_add_watch(7, /dev/nbd2, 10) failed: No such file or directory
[  469.461006][T21615] udevd[21615]: inotify_add_watch(7, /dev/nbd2, 10) failed: No such file or directory
[  469.468232][ T5093] block nbd2: Receive control failed (result -32)
[  469.469222][ T5752] block nbd2: Receive control failed (result -32)
[  469.471135][ T5743] block nbd2: Receive control failed (result -32)
[  469.524070][T21816] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  469.797042][    T9] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  469.827742][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  469.957040][    T9] usb 6-1: Using ep0 maxpacket: 8
[  469.961154][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  469.964778][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  469.967813][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  469.970803][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  469.975546][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  469.978602][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.186986][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  470.188808][    T9] usbtmc 6-1:16.0: can't read capabilities
[  470.387452][ T1261] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.391201][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.530661][   T29] usb 10-1: USB disconnect, device number 15
[  470.867545][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  471.667921][T20522] usb 9-1: USB disconnect, device number 11
[  471.669221][   T10] usb 6-1: USB disconnect, device number 41
[  471.917384][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.307421][T20522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.561872][T21841] input: syz0 as /devices/virtual/input/input46
[  472.675835][T21850] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6909'.
[  472.797200][T20522] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  472.948166][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.948972][T20522] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  472.954676][T20522] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  472.958369][T20522] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  472.963914][T20522] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  472.967303][T20522] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.973485][T20522] usb 9-1: config 0 descriptor??
[  473.395425][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.399169][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.402021][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.404552][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.407241][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.409757][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.413015][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.416074][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.419208][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.421871][T20522] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  473.428825][T20522] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  473.652763][   T10] usb 9-1: USB disconnect, device number 12
[  473.997653][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.204361][T21899] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6930'.
[  474.230216][ T5093] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  474.232345][ T5752] Bluetooth: hci4: command 0x1003 tx timeout
[  474.357333][T21910] syzkaller1: entered promiscuous mode
[  474.360723][T21910] syzkaller1: entered allmulticast mode
[  474.418311][T21915] 
[  474.419142][T21915] ======================================================
[  474.421480][T21915] WARNING: possible circular locking dependency detected
[  474.424067][T21915] syzkaller #0 Tainted: G             L     
[  474.426124][T21915] ------------------------------------------------------
[  474.428374][T21915] syz.1.6938/21915 is trying to acquire lock:
[  474.430552][T21915] ffffffff8e9b0800 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x53/0x6f0
[  474.433761][T21915] 
[  474.433761][T21915] but task is already holding lock:
[  474.436173][T21915] ffff888051f70260 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_close+0x1d/0x110
[  474.439159][T21915] 
[  474.439159][T21915] which lock already depends on the new lock.
[  474.439159][T21915] 
[  474.442763][T21915] 
[  474.442763][T21915] the existing dependency chain (in reverse order) is:
[  474.445690][T21915] 
[  474.445690][T21915] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  474.448323][T21915]        lock_sock_nested+0x41/0xf0
[  474.450198][T21915]        inet_shutdown+0x67/0x410
[  474.451853][T21915]        nbd_mark_nsock_dead+0xae/0x5c0
[  474.453665][T21915]        sock_shutdown+0x16b/0x200
[  474.455322][T21915]        nbd_config_put+0x1eb/0x750
[  474.457112][T21915]        nbd_genl_connect+0xaf8/0x1a40
[  474.458988][T21915]        genl_family_rcv_msg_doit+0x214/0x300
[  474.461442][T21915]        genl_rcv_msg+0x560/0x800
[  474.463085][T21915]        netlink_rcv_skb+0x159/0x420
[  474.464824][T21915]        genl_rcv+0x28/0x40
[  474.466456][T21915]        netlink_unicast+0x585/0x850
[  474.468294][T21915]        netlink_sendmsg+0x8b0/0xda0
[  474.470142][T21915]        ____sys_sendmsg+0x9e1/0xb70
[  474.471906][T21915]        ___sys_sendmsg+0x190/0x1e0
[  474.473605][T21915]        __sys_sendmsg+0x170/0x220
[  474.475285][T21915]        __do_fast_syscall_32+0xe7/0x950
[  474.477064][T21915]        do_fast_syscall_32+0x32/0x70
[  474.478908][T21915]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.481552][T21915] 
[  474.481552][T21915] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  474.483923][T21915]        __mutex_lock+0x1a4/0x1b10
[  474.485577][T21915]        nbd_queue_rq+0x428/0x1080
[  474.487217][T21915]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  474.489256][T21915]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  474.491932][T21915]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  474.494647][T21915]        blk_mq_run_hw_queue+0x23c/0x670
[  474.497029][T21915]        blk_mq_dispatch_list+0x51d/0x1360
[  474.499473][T21915]        blk_mq_flush_plug_list+0x130/0x600
[  474.501912][T21915]        __blk_flush_plug+0x2c4/0x4b0
[  474.504129][T21915]        __submit_bio+0x584/0x6c0
[  474.506190][T21915]        submit_bio_noacct_nocheck+0x543/0xbf0
[  474.508695][T21915]        submit_bio_noacct+0xd18/0x2000
[  474.510975][T21915]        submit_bh_wbc+0x681/0x890
[  474.513117][T21915]        block_read_full_folio+0x4c8/0x8e0
[  474.515419][T21915]        filemap_read_folio+0xfc/0x3b0
[  474.517438][T21915]        do_read_cache_folio+0x2d7/0x6b0
[  474.519633][T21915]        read_part_sector+0xd1/0x370
[  474.521854][T21915]        adfspart_check_ICS+0x91/0x7d0
[  474.523940][T21915]        bdev_disk_changed+0x7a3/0x1250
[  474.526002][T21915]        blkdev_get_whole+0x187/0x290
[  474.527958][T21915]        bdev_open+0x2c7/0xe40
[  474.529768][T21915]        blkdev_open+0x34e/0x4f0
[  474.531712][T21915]        do_dentry_open+0x6d8/0x1660
[  474.533508][T21915]        vfs_open+0x82/0x3f0
[  474.535119][T21915]        path_openat+0x208c/0x31a0
[  474.536798][T21915]        do_file_open+0x20e/0x430
[  474.538494][T21915]        do_sys_openat2+0x10d/0x1e0
[  474.540549][T21915]        __x64_sys_openat+0x12d/0x210
[  474.542862][T21915]        do_syscall_64+0x10b/0xf80
[  474.545064][T21915]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.547753][T21915] 
[  474.547753][T21915] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  474.550752][T21915]        __mutex_lock+0x1a4/0x1b10
[  474.552846][T21915]        nbd_queue_rq+0xba/0x1080
[  474.554995][T21915]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  474.557541][T21915]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  474.559891][T21915]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  474.562044][T21915]        blk_mq_run_hw_queue+0x23c/0x670
[  474.564078][T21915]        blk_mq_dispatch_list+0x51d/0x1360
[  474.566025][T21915]        blk_mq_flush_plug_list+0x130/0x600
[  474.567973][T21915]        __blk_flush_plug+0x2c4/0x4b0
[  474.569824][T21915]        __submit_bio+0x584/0x6c0
[  474.571990][T21915]        submit_bio_noacct_nocheck+0x543/0xbf0
[  474.574329][T21915]        submit_bio_noacct+0xd18/0x2000
[  474.576626][T21915]        submit_bh_wbc+0x681/0x890
[  474.578793][T21915]        block_read_full_folio+0x4c8/0x8e0
[  474.581309][T21915]        filemap_read_folio+0xfc/0x3b0
[  474.583628][T21915]        do_read_cache_folio+0x2d7/0x6b0
[  474.586000][T21915]        read_part_sector+0xd1/0x370
[  474.588167][T21915]        adfspart_check_ICS+0x91/0x7d0
[  474.590254][T21915]        bdev_disk_changed+0x7a3/0x1250
[  474.592302][T21915]        blkdev_get_whole+0x187/0x290
[  474.594309][T21915]        bdev_open+0x2c7/0xe40
[  474.596098][T21915]        blkdev_open+0x34e/0x4f0
[  474.597888][T21915]        do_dentry_open+0x6d8/0x1660
[  474.599850][T21915]        vfs_open+0x82/0x3f0
[  474.601709][T21915]        path_openat+0x208c/0x31a0
[  474.603722][T21915]        do_file_open+0x20e/0x430
[  474.605756][T21915]        do_sys_openat2+0x10d/0x1e0
[  474.607876][T21915]        __x64_sys_openat+0x12d/0x210
[  474.610186][T21915]        do_syscall_64+0x10b/0xf80
[  474.612354][T21915]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.614918][T21915] 
[  474.614918][T21915] -> #3 (set->srcu){.+.+}-{0:0}:
[  474.617880][T21915]        __synchronize_srcu+0xa2/0x300
[  474.620222][T21915]        blk_mq_quiesce_queue+0x149/0x1c0
[  474.622395][T21915]        elevator_switch+0x17b/0x7e0
[  474.624668][T21915]        elevator_change+0x352/0x530
[  474.626949][T21915]        elevator_set_default+0x29e/0x360
[  474.629315][T21915]        blk_register_queue+0x48e/0x630
[  474.631609][T21915]        __add_disk+0x73f/0xe40
[  474.633614][T21915]        add_disk_fwnode+0x118/0x5c0
[  474.635835][T21915]        nbd_dev_add+0x77a/0xb10
[  474.637852][T21915]        nbd_init+0x291/0x2b0
[  474.640008][T21915]        do_one_initcall+0x121/0x750
[  474.642174][T21915]        kernel_init_freeable+0x6ea/0x7b0
[  474.644473][T21915]        kernel_init+0x1f/0x1e0
[  474.646493][T21915]        ret_from_fork+0x72b/0xd50
[  474.648620][T21915]        ret_from_fork_asm+0x1a/0x30
[  474.650767][T21915] 
[  474.650767][T21915] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  474.653931][T21915]        __mutex_lock+0x1a4/0x1b10
[  474.655839][T21915]        elevator_change+0x1bc/0x530
[  474.658027][T21915]        elevator_set_none+0x92/0xf0
[  474.660178][T21915]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  474.662651][T21915]        nbd_start_device+0x1a6/0xbd0
[  474.664821][T21915]        nbd_genl_connect+0xff2/0x1a40
[  474.667007][T21915]        genl_family_rcv_msg_doit+0x214/0x300
[  474.669423][T21915]        genl_rcv_msg+0x560/0x800
[  474.671181][T21915]        netlink_rcv_skb+0x159/0x420
[  474.673357][T21915]        genl_rcv+0x28/0x40
[  474.675166][T21915]        netlink_unicast+0x585/0x850
[  474.676899][T21915]        netlink_sendmsg+0x8b0/0xda0
[  474.678776][T21915]        ____sys_sendmsg+0x9e1/0xb70
[  474.680882][T21915]        ___sys_sendmsg+0x190/0x1e0
[  474.683078][T21915]        __sys_sendmsg+0x170/0x220
[  474.685246][T21915]        __do_fast_syscall_32+0xe7/0x950
[  474.687166][T21915]        do_fast_syscall_32+0x32/0x70
[  474.689439][T21915]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.692406][T21915] 
[  474.692406][T21915] -> #1 (&q->q_usage_counter(io)#51){++++}-{0:0}:
[  474.696015][T21915]        blk_alloc_queue+0x610/0x790
[  474.698260][T21915]        blk_mq_alloc_queue+0x174/0x290
[  474.700611][T21915]        __blk_mq_alloc_disk+0x29/0x120
[  474.702926][T21915]        nbd_dev_add+0x492/0xb10
[  474.705022][T21915]        nbd_init+0x291/0x2b0
[  474.707072][T21915]        do_one_initcall+0x121/0x750
[  474.709317][T21915]        kernel_init_freeable+0x6ea/0x7b0
[  474.711647][T21915]        kernel_init+0x1f/0x1e0
[  474.713744][T21915]        ret_from_fork+0x72b/0xd50
[  474.715885][T21915]        ret_from_fork_asm+0x1a/0x30
[  474.718130][T21915] 
[  474.718130][T21915] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  474.721129][T21915]        __lock_acquire+0x14b8/0x2630
[  474.722843][T21915]        lock_acquire+0x1b1/0x370
[  474.724423][T21915]        fs_reclaim_acquire+0xc4/0x100
[  474.726170][T21915]        kmem_cache_alloc_node_noprof+0x53/0x6f0
[  474.728151][T21915]        kmalloc_reserve+0x148/0x350
[  474.729953][T21915]        __alloc_skb+0x185/0x710
[  474.732081][T21915]        tcp_send_active_reset+0x8b/0xa50
[  474.733910][T21915]        __tcp_close+0x41e/0x1110
[  474.735516][T21915]        tcp_close+0x28/0x110
[  474.737006][T21915]        inet_release+0xed/0x200
[  474.738726][T21915]        inet6_release+0x4f/0x70
[  474.740594][T21915]        __sock_release+0xb3/0x260
[  474.742753][T21915]        sock_close+0x1c/0x30
[  474.744795][T21915]        __fput+0x3ff/0xb50
[  474.746735][T21915]        task_work_run+0x150/0x240
[  474.748850][T21915]        exit_to_user_mode_loop+0x100/0x4a0
[  474.751369][T21915]        __do_fast_syscall_32+0x608/0x950
[  474.753880][T21915]        do_fast_syscall_32+0x32/0x70
[  474.756216][T21915]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.759197][T21915] 
[  474.759197][T21915] other info that might help us debug this:
[  474.759197][T21915] 
[  474.763475][T21915] Chain exists of:
[  474.763475][T21915]   fs_reclaim --> &nsock->tx_lock --> sk_lock-AF_INET6
[  474.763475][T21915] 
[  474.768825][T21915]  Possible unsafe locking scenario:
[  474.768825][T21915] 
[  474.771975][T21915]        CPU0                    CPU1
[  474.774324][T21915]        ----                    ----
[  474.776651][T21915]   lock(sk_lock-AF_INET6);
[  474.778634][T21915]                                lock(&nsock->tx_lock);
[  474.781639][T21915]                                lock(sk_lock-AF_INET6);
[  474.784616][T21915]   lock(fs_reclaim);
[  474.786436][T21915] 
[  474.786436][T21915]  *** DEADLOCK ***
[  474.786436][T21915] 
[  474.789783][T21915] 2 locks held by syz.1.6938/21915:
[  474.792082][T21915]  #0: ffff8880502d4a40 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  474.796508][T21915]  #1: ffff888051f70260 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_close+0x1d/0x110
[  474.800415][T21915] 
[  474.800415][T21915] stack backtrace:
[  474.802959][T21915] CPU: 2 UID: 0 PID: 21915 Comm: syz.1.6938 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  474.802975][T21915] Tainted: [L]=SOFTLOCKUP
[  474.802979][T21915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  474.802985][T21915] Call Trace:
[  474.802991][T21915]  <TASK>
[  474.802997][T21915]  dump_stack_lvl+0x100/0x190
[  474.803011][T21915]  print_circular_bug.cold+0x178/0x1c7
[  474.803030][T21915]  check_noncircular+0x146/0x160
[  474.803047][T21915]  ? kasan_save_track+0x14/0x30
[  474.803059][T21915]  ? sock_close+0x1c/0x30
[  474.803070][T21915]  __lock_acquire+0x14b8/0x2630
[  474.803082][T21915]  lock_acquire+0x1b1/0x370
[  474.803092][T21915]  ? kmem_cache_alloc_node_noprof+0x53/0x6f0
[  474.803112][T21915]  fs_reclaim_acquire+0xc4/0x100
[  474.803125][T21915]  ? kmem_cache_alloc_node_noprof+0x53/0x6f0
[  474.803146][T21915]  kmem_cache_alloc_node_noprof+0x53/0x6f0
[  474.803167][T21915]  ? kmalloc_reserve+0x148/0x350
[  474.803181][T21915]  kmalloc_reserve+0x148/0x350
[  474.803196][T21915]  __alloc_skb+0x185/0x710
[  474.803215][T21915]  ? __alloc_skb+0x5b7/0x710
[  474.803231][T21915]  ? __pfx___alloc_skb+0x10/0x10
[  474.803248][T21915]  ? skb_attempt_defer_free+0x310/0x830
[  474.803264][T21915]  tcp_send_active_reset+0x8b/0xa50
[  474.803277][T21915]  __tcp_close+0x41e/0x1110
[  474.803299][T21915]  tcp_close+0x28/0x110
[  474.803307][T21915]  inet_release+0xed/0x200
[  474.803323][T21915]  inet6_release+0x4f/0x70
[  474.803334][T21915]  __sock_release+0xb3/0x260
[  474.803348][T21915]  ? __pfx_sock_close+0x10/0x10
[  474.803359][T21915]  sock_close+0x1c/0x30
[  474.803369][T21915]  __fput+0x3ff/0xb50
[  474.803384][T21915]  ? _raw_spin_unlock_irq+0x23/0x50
[  474.803397][T21915]  task_work_run+0x150/0x240
[  474.803411][T21915]  ? __pfx_task_work_run+0x10/0x10
[  474.803425][T21915]  ? rcu_is_watching+0x12/0xc0
[  474.803438][T21915]  exit_to_user_mode_loop+0x100/0x4a0
[  474.803449][T21915]  ? __do_fast_syscall_32+0x373/0x950
[  474.803464][T21915]  __do_fast_syscall_32+0x608/0x950
[  474.803482][T21915]  do_fast_syscall_32+0x32/0x70
[  474.803496][T21915]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.803510][T21915] RIP: 0023:0xf702efcc
[  474.803520][T21915] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  474.803531][T21915] RSP: 002b:00000000ffae47ac EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  474.803542][T21915] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  474.803548][T21915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  474.803554][T21915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  474.803560][T21915] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  474.803566][T21915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.803576][T21915]  </TASK>
[  474.947141][T21918] syzkaller1: entered promiscuous mode
[  474.949685][T21918] syzkaller1: entered allmulticast mode
[  475.038620][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  476.077477][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  476.147491][  T104] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  476.150436][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.107249][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  478.147368][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.187335][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.227197][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.277569][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.907340][T20522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.910389][ T1157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.913161][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.307430][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  483.357338][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.387184][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog