last executing test programs: 4m41.767590733s ago: executing program 3 (id=86): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 4m41.275693146s ago: executing program 3 (id=91): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$LINK_DETACH(0x22, 0x0, 0x0) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000080)={r1, r0, 0x4, r0}, 0x10) 4m41.14306275s ago: executing program 3 (id=94): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) r2 = eventfd2(0xd, 0x1) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000080)={0x0, r2}) close_range(r0, 0xffffffffffffffff, 0x0) 4m40.90813375s ago: executing program 3 (id=98): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x20000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 4m40.7820079s ago: executing program 3 (id=100): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 4m40.408361293s ago: executing program 3 (id=103): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xe, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x5}, 0x18) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 4m39.811265961s ago: executing program 32 (id=103): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xe, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x5}, 0x18) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 3m49.485530664s ago: executing program 2 (id=503): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) r1 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e22, @broadcast}, 0x10) r2 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty=0xe0000001}, 0x10) 3m49.308333395s ago: executing program 2 (id=505): mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x74) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000002100), 0xc890, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000004000', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB="2c6b656661756c74087065726d697373696f6e732c616c6c6f775f6f746865722c636f6e746578743d73797361646d5f752c6673636f6e746578743d73797374656d1f752c6f626a5f757365723d2c0a2c2c7375626a5f757365723d692c232c0046d769e82cba933820b3eaf67e4f80bcfe"]) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000e2b4fc4068a11806a4e3010203010902120001000000000904d9"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x48100, 0x48) 3m47.50380692s ago: executing program 2 (id=519): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0008001800030002"], 0x1c}, 0x1, 0x0, 0x0, 0x20040040}, 0x6080) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 3m47.284196143s ago: executing program 2 (id=522): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) syz_clone(0x180, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0xc0049364, &(0x7f00000001c0)) 3m47.080281974s ago: executing program 2 (id=527): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xd7, 0xcc, 0x73, 0x20, 0x856, 0xac30, 0x7e79, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xe1, 0x0, 0x0, 0xde, 0xf5, 0x9c}}]}}]}}, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xa, "8d932a91"}]}}, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3m46.708482942s ago: executing program 2 (id=531): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e4c5ad101d0620c0159c01020301090212e700000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200)={0x40, 0x1d, 0x3, "64a744"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 3m46.282968714s ago: executing program 33 (id=531): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e4c5ad101d0620c0159c01020301090212e700000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200)={0x40, 0x1d, 0x3, "64a744"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 1m10.781605127s ago: executing program 5 (id=2369): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @multicast1}, 0x10) setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c) listen(r0, 0x0) 1m10.523996114s ago: executing program 5 (id=2371): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f00000001c0)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x40840}, 0x48000) pselect6(0x900, 0x0, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1m10.283689643s ago: executing program 5 (id=2374): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000280)={@my=0x1}) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) 1m7.518198899s ago: executing program 5 (id=2404): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00') 1m7.439924025s ago: executing program 5 (id=2407): openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80) r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201500200000010ac0542024000010203010902240001010008050904007f020301020909250f008101227205090581030006"], &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x108) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000a40)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x20, 0x1, 0x8, "387e93966e2f9271"}, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) 1m7.08370047s ago: executing program 5 (id=2411): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90224fc60100005000a", 0x19}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c0002000200002037153e370c040180060410", 0x1f}], 0x1}, 0x10049014) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc600702", 0x16}], 0x1, 0x0, 0x0, 0x400300}, 0x20044050) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) 1m6.821663518s ago: executing program 34 (id=2411): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90224fc60100005000a", 0x19}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c0002000200002037153e370c040180060410", 0x1f}], 0x1}, 0x10049014) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc600702", 0x16}], 0x1, 0x0, 0x0, 0x400300}, 0x20044050) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) 18.180465987s ago: executing program 7 (id=2836): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 17.984020102s ago: executing program 7 (id=2839): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) pselect6(0x40, &(0x7f0000000180)={0x1f, 0x0, 0x8001, 0x3}, 0x0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) 17.708135601s ago: executing program 7 (id=2842): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x74, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x44, 0x2, [@TCA_FLOW_EMATCHES={0x40, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x34, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5, 0x8}}}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054) 17.388620275s ago: executing program 7 (id=2846): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x120584c, 0x0) 17.173935429s ago: executing program 7 (id=2851): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018", 0x5) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000005000)=ANY=[], 0x1198}, 0x1, 0x0, 0x0, 0x40}, 0x880) recvmmsg$unix(r1, &(0x7f0000006540)=[{{0x0, 0x0, &(0x7f0000003640)=[{&(0x7f00000034c0)=""/5, 0x5}, {&(0x7f0000004000)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0) 16.85349512s ago: executing program 7 (id=2855): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 16.626755575s ago: executing program 35 (id=2855): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 8.634754557s ago: executing program 4 (id=2944): r0 = io_uring_setup(0x79bf, &(0x7f0000000180)) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) fanotify_mark(0xffffffffffffffff, 0x1, 0x40000019, r1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x2e, &(0x7f0000000000)=r2, 0x4) recvmsg(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 7.689380543s ago: executing program 4 (id=2960): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000200)=ANY=[@ANYBLOB="401504"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 5.228213271s ago: executing program 4 (id=2979): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0xfc, 0x0, 0x0, 0x9, 0x0, 0x4, 0xfe, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x3}, 0xe) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x7ff, 0x4) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0) 4.895892719s ago: executing program 4 (id=2985): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x2, {0x0, 0xf0, 0x3}}, 0x18) sendmmsg$inet6(r1, &(0x7f0000001d80)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="e6810f78943c39de", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40800) syz_usb_connect(0x0, 0x4a, 0x0, 0x0) 4.867597144s ago: executing program 6 (id=2986): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r0, 0x2285, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @time=@time={0x9, 0x1}}], 0x38) write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x1, 0x0, @time={0xffffffff}, {0x4}, {0x0, 0x4}, @time=@tick=0x3}, {0xff, 0x0, 0x0, 0x0, @time={0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @raw32={[0x0, 0xffffffff, 0x5df]}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {}, @quote={{0x0, 0xfe}}}, {0x0, 0x0, 0x0, 0x5, @time, {0x2}, {0x0, 0x9}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @connect}], 0xc4) read$snapshot(r1, 0x0, 0xffffffbf) read$snapshot(r1, 0x0, 0x0) 4.719178206s ago: executing program 6 (id=2987): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) write$uinput_user_dev(r0, 0x0, 0x0) dup(r0) r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) 4.429095664s ago: executing program 8 (id=2991): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x40810, 0x7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x4}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200404c1}, 0x4000000) write$binfmt_register(0xffffffffffffffff, &(0x7f0000000100)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x40800000000000, 0x3a, 'btrfs\x00', 0x3a, 'quota', 0x3a, './file1'}, 0x32) syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x20040010) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}}) 4.279874271s ago: executing program 8 (id=2993): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f0000000480)=[{&(0x7f0000000100)="8900ee2c78da", 0x6}, {&(0x7f0000000440)="9c74dfbf", 0x4}, {&(0x7f0000000580)="9faa88a8", 0x4}, {&(0x7f0000000380)="1aff5eaacc", 0x5}, {&(0x7f00000005c0)="b2", 0x1}], 0x5) 4.04227656s ago: executing program 6 (id=2995): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbf6, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a19, 0xfffffffe, 0x8000, 0xffffffff, 0x100, 0xa, 0x4, 0x6, 0x101}}}}]}, 0x58}}, 0x40804) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=@delqdisc={0x24, 0x25, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xe, 0x10}, {0x1, 0x9}, {0x8, 0xffe3}}}, 0x24}}, 0x20040054) 3.626123632s ago: executing program 1 (id=2996): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000014c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}]}, 0x3c}}, 0x24004000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.393234466s ago: executing program 0 (id=2997): r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r0, 0x0, r0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x1}) 3.290081531s ago: executing program 0 (id=2998): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}}) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x42082) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x1, 0x2}}) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0xc0f85403, &(0x7f0000000040)) 3.289360148s ago: executing program 4 (id=2999): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x5b04, 0x0) pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="d6", 0x1}], 0x1, 0x7fff, 0x2) 3.192622548s ago: executing program 0 (id=3000): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {0xffff, 0xffff}, {0x4, 0xa}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x13, 0x1, {0x9, 0x1, 0x7, 0xde, 0xd, 0x9, 0xffffffff, 0x3, 0x10}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20048845}, 0x0) 1.581779779s ago: executing program 6 (id=3001): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8) timer_create(0x2, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 1.531544208s ago: executing program 1 (id=3002): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000100)=@x86={0xe8, 0x3, 0x2, 0x0, 0x36b, 0x7, 0xe, 0x83, 0x2, 0x7, 0x7, 0x5, 0x0, 0x0, 0x5, 0x1, 0x6, 0x61, 0xf, '\x00', 0xd, 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.53078815s ago: executing program 8 (id=3003): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000000)='./file0\x00', r0, 0x0) 1.433255246s ago: executing program 0 (id=3004): socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00') mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket(0x14, 0xa, 0x1000003) ioctl$sock_SIOCGIFINDEX(r0, 0x401061f4, 0x0) 1.432333953s ago: executing program 8 (id=3005): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_io_uring_setup(0x1237, &(0x7f0000000380)={0x0, 0x80fd, 0x80, 0x3, 0x2b9}, &(0x7f0000000040)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x0, 0x0}) io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) dup2(r4, r0) 1.27320122s ago: executing program 1 (id=3006): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x80) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.072686855s ago: executing program 1 (id=3007): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000340)=0x2) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x189a42, 0x0) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000040)=0xfffffffd) close(r1) 793.533322ms ago: executing program 8 (id=3008): r0 = socket(0x11, 0x3, 0x0) socket(0x200000000000011, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x2, 0x6, @broadcast}, 0x14) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 703.31854ms ago: executing program 1 (id=3009): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000007640)=ANY=[], 0x3aa0}}, 0x0) recvmsg(r1, &(0x7f0000002b80)={0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}, 0x0) 590.682505ms ago: executing program 6 (id=3010): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x10000}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x810}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xb, 0x9}, {}, {0xe, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffff, 0xffe0}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040049}, 0x20004804) 523.077692ms ago: executing program 1 (id=3011): r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0}) io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 384.029184ms ago: executing program 0 (id=3012): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = io_uring_setup(0xf08, &(0x7f00000003c0)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x1000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000001d000/0x3000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000bf00)=@newtaction={0x14, 0x30, 0x200, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4000080) io_uring_register$IORING_REGISTER_FILES(r1, 0x20, &(0x7f0000000000)=[r1], 0x1) 189.940602ms ago: executing program 8 (id=3013): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6, @local}, 0x10) r2 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'hsr0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000200)={r3, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000580)={r1, 0x1, 0x6, @local}, 0x10) 142.806916ms ago: executing program 6 (id=3014): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10) r0 = socket(0x2, 0x2, 0x1) bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e) r1 = socket(0x2, 0x2, 0x1) bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00') preadv(r2, &(0x7f00000007c0)=[{&(0x7f0000001ac0)=""/175, 0xaf}], 0x1, 0x8001, 0x2081) 142.562436ms ago: executing program 4 (id=3015): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x2, 0x1}}, 0x20) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) 0s ago: executing program 0 (id=3016): read$FUSE(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x408880, 0x40) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) mount(0x0, &(0x7f0000000080)='./cgroup\x00', 0x0, 0x10, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) kernel console output (not intermixed with test programs): eue, screwing up backlog [ 202.204017][ T1597] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 202.256585][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.393962][ T1597] usb 2-1: config 1 has an invalid descriptor of length 116, skipping remainder of the config [ 202.424207][ T1597] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 202.457203][ T1597] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 202.476664][ T1597] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.502355][ T1597] usb 2-1: Product: syz [ 202.512462][ T1597] usb 2-1: Manufacturer: syz [ 202.517326][ T1597] usb 2-1: SerialNumber: syz [ 202.554014][ T5953] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 202.746288][ T5953] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 202.774058][ T5953] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 24623, setting to 1024 [ 202.791175][ T1597] usb 2-1: 0:2 : does not exist [ 202.804338][ T5953] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 202.831468][ T5953] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 202.833404][ T1597] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 202.870075][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.909553][ T8691] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 202.924034][ T1597] usb 2-1: USB disconnect, device number 10 [ 202.967410][ T5953] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 203.265307][ T1597] usb 5-1: USB disconnect, device number 11 [ 203.294973][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.616971][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.744625][ T8735] loop8: detected capacity change from 0 to 7 [ 203.764401][ T8735] Dev loop8: unable to read RDB block 7 [ 203.770073][ T8735] loop8: unable to read partition table [ 203.804343][ T8735] loop8: partition table beyond EOD, truncated [ 203.810593][ T8735] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5) [ 203.891517][ T8739] Dev loop8: unable to read RDB block 7 [ 203.902945][ T8739] loop8: unable to read partition table [ 203.916142][ T8739] loop8: partition table beyond EOD, truncated [ 203.942905][ T8739] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5) [ 204.102837][ T8745] Bluetooth: hci0: invalid length 0, exp 2 for type 7 [ 204.334449][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.379518][ T8759] netlink: 'syz.0.1021': attribute type 1 has an invalid length. [ 204.426975][ T8759] netlink: 'syz.0.1021': attribute type 4 has an invalid length. [ 204.450417][ T8759] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.1021'. [ 205.223097][ T30] audit: type=1326 audit(1754399641.560:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8785 comm="syz.1.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6bd8eb69 code=0x7fc00000 [ 205.380879][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 205.758386][ T30] audit: type=1326 audit(1754399642.100:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8785 comm="syz.1.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6bd8eb69 code=0x7fc00000 [ 206.117081][ T8822] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1048'. [ 206.138961][ T8822] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1048'. [ 206.187443][ T8828] atomic_op ffff8880531cc998 conn xmit_atomic 0000000000000000 [ 206.420566][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 206.654124][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.458985][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.113652][ T8877] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 208.121097][ T5897] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 208.307157][ T5897] usb 6-1: Using ep0 maxpacket: 8 [ 208.334503][ T5897] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 208.364028][ T5897] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.403999][ T5897] usb 6-1: Product: syz [ 208.408241][ T5897] usb 6-1: Manufacturer: syz [ 208.427219][ T5897] usb 6-1: SerialNumber: syz [ 208.450882][ T5897] usb 6-1: config 0 descriptor?? [ 208.468238][ T8885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1073'. [ 208.490200][ T5897] gspca_main: sq930x-2.14.0 probing 2770:930c [ 208.497287][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.522632][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.550484][ T8885] bridge_slave_1: left allmulticast mode [ 208.574141][ T8885] bridge_slave_1: left promiscuous mode [ 208.580424][ T8885] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.618380][ T8885] bridge_slave_0: left allmulticast mode [ 208.624756][ T8885] bridge_slave_0: left promiscuous mode [ 208.633582][ T8885] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.723963][ T1597] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 208.883960][ T1597] usb 1-1: Using ep0 maxpacket: 32 [ 208.891129][ T1597] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.907799][ T1597] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.934040][ T1597] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 208.943153][ T1597] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.968308][ T1597] usb 1-1: config 0 descriptor?? [ 209.416478][ T1597] savu 0003:1E7D:2D5A.000C: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 209.540966][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.678682][ T5953] usb 1-1: USB disconnect, device number 10 [ 209.707047][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.754001][ T5897] gspca_sq930x: reg_w 0105 0c00 failed -71 [ 209.974103][ T5897] gspca_sq930x: Sensor ov9630 not yet treated [ 209.991508][ T5897] sq930x 6-1:0.0: probe with driver sq930x failed with error -22 [ 210.016470][ T5897] usb 6-1: USB disconnect, device number 10 [ 210.624105][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.375338][ T43] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 211.570591][ T43] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 211.591883][ T43] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 211.639150][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 211.663919][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 211.685640][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 211.699612][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.725876][ T43] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 211.744103][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.784257][ T43] usb 5-1: config 0 descriptor?? [ 212.202295][ T43] plantronics 0003:047F:FFFF.000D: reserved main item tag 0xd [ 212.248429][ T43] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 212.457150][ T43] usb 5-1: USB disconnect, device number 12 [ 212.734642][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.844436][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.958765][ T8960] loop2: detected capacity change from 0 to 7 [ 212.978530][ T8960] loop2: [POWERTEC] p1 p2 p3 [ 212.983390][ T8960] loop2: p1 start 1768123251 is beyond EOD, truncated [ 212.993413][ T8960] loop2: p2 start 1700867426 is beyond EOD, truncated [ 213.002754][ T8960] loop2: p3 start 2735865856 is beyond EOD, truncated [ 213.854833][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.138426][ T8994] relay: one or more items not logged [item size (56) > sub-buffer size (10)] [ 214.913190][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.783781][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.935235][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.058142][ T9062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1149'. [ 216.071227][ T9062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1149'. [ 216.265374][ T9071] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 216.734102][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.911405][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1161'. [ 216.977836][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.135217][ T5897] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 217.306135][ T5897] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 217.323414][ T5897] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 217.352812][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.380911][ T5897] usb 1-1: config 0 descriptor?? [ 217.397672][ T5897] pwc: Askey VC010 type 2 USB webcam detected. [ 217.810514][ T5897] pwc: recv_control_msg error -32 req 02 val 2b00 [ 217.827803][ T5897] pwc: recv_control_msg error -32 req 02 val 2700 [ 217.847345][ T5897] pwc: recv_control_msg error -32 req 02 val 2c00 [ 218.026919][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.056167][ T5897] pwc: recv_control_msg error -71 req 04 val 1300 [ 218.074455][ T5897] pwc: recv_control_msg error -71 req 04 val 1400 [ 218.091836][ T5897] pwc: recv_control_msg error -71 req 02 val 2000 [ 218.100282][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.122584][ T5897] pwc: recv_control_msg error -71 req 02 val 2100 [ 218.134314][ T5897] pwc: recv_control_msg error -71 req 04 val 1500 [ 218.154294][ T5897] pwc: recv_control_msg error -71 req 02 val 2500 [ 218.171822][ T5897] pwc: recv_control_msg error -71 req 02 val 2400 [ 218.187582][ T5897] pwc: recv_control_msg error -71 req 02 val 2600 [ 218.204390][ T5897] pwc: recv_control_msg error -71 req 02 val 2900 [ 218.211409][ T5897] pwc: recv_control_msg error -71 req 02 val 2800 [ 218.229661][ T5897] pwc: recv_control_msg error -71 req 04 val 1100 [ 218.259036][ T5897] pwc: recv_control_msg error -71 req 04 val 1200 [ 218.282191][ T5897] pwc: Registered as video103. [ 218.290159][ T5897] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input23 [ 218.311582][ T9129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1178'. [ 218.312754][ T5897] usb 1-1: USB disconnect, device number 11 [ 218.647083][ T9142] overlayfs: failed to clone lowerpath [ 218.816367][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.054839][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.336757][ T9177] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1194'. [ 219.570916][ T9186] IPv6: NLM_F_REPLACE set, but no existing node found! [ 220.017942][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.046269][ T7711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.056298][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.076122][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.084100][ T43] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 220.099741][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.254255][ T43] usb 6-1: Using ep0 maxpacket: 32 [ 220.279110][ T43] usb 6-1: unable to get BOS descriptor or descriptor too short [ 220.303978][ T43] usb 6-1: config 0 has no interfaces? [ 220.317745][ T43] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 220.344409][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.352501][ T43] usb 6-1: Product: syz [ 220.373944][ T43] usb 6-1: Manufacturer: syz [ 220.378620][ T43] usb 6-1: SerialNumber: syz [ 220.390819][ T43] usb 6-1: config 0 descriptor?? [ 220.648594][ T9195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.672341][ T9195] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.702762][ T43] usb 6-1: USB disconnect, device number 11 [ 221.214195][ T43] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 221.379635][ T43] usb 6-1: config index 0 descriptor too short (expected 159, got 149) [ 221.404412][ T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 221.414760][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.438916][ T43] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 221.471939][ T43] usb 6-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 1.40 [ 221.493277][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.518785][ T43] usb 6-1: Product: syz [ 221.523099][ T43] usb 6-1: Manufacturer: syz [ 221.532943][ T43] usb 6-1: SerialNumber: syz [ 221.747182][ T9246] dummy0: entered promiscuous mode [ 221.752978][ T9246] macsec0: entered promiscuous mode [ 221.763261][ T9246] macsec0: entered allmulticast mode [ 221.792771][ T9246] dummy0: entered allmulticast mode [ 221.822765][ T9250] input: syz0 as /devices/virtual/input/input24 [ 221.824637][ T9246] dummy0: left allmulticast mode [ 221.848136][ T9246] dummy0: left promiscuous mode [ 221.854204][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.006853][ T43] usb 6-1: 5:0: cannot get min/max values for control 2 (id 5) [ 222.045433][ T43] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 222.079279][ T43] usb 6-1: 5:0: cannot get min/max values for control 5 (id 5) [ 222.108863][ T43] usb 6-1: 5:0: cannot get min/max values for control 8 (id 5) [ 222.158017][ T43] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 222.199111][ T43] usb 6-1: 5:0: cannot get min/max values for control 5 (id 5) [ 222.224902][ T43] usb 6-1: USB disconnect, device number 12 [ 222.501438][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.534734][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.723645][ T9301] loop2: detected capacity change from 0 to 7 [ 223.760134][ T9301] Dev loop2: unable to read RDB block 7 [ 223.790854][ T9301] loop2: unable to read partition table [ 223.804138][ T9301] loop2: partition table beyond EOD, truncated [ 223.819569][ T9301] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 224.586689][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.926402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 224.936732][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 225.137833][ C0] net_ratelimit: 1 callbacks suppressed [ 225.137854][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.140964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 225.614242][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.658833][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.324285][ T43] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 227.473972][ T5941] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 227.494103][ T43] usb 5-1: Using ep0 maxpacket: 32 [ 227.506254][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 227.540873][ T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 227.593785][ T43] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 227.614440][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.658681][ T5941] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 227.659535][ T43] usb 5-1: config 0 descriptor?? [ 227.674051][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.714862][ T5941] usb 6-1: config 0 descriptor?? [ 227.722250][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.739967][ T5941] gspca_main: spca508-2.14.0 probing 8086:0110 [ 227.936214][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.993929][ T5897] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 228.128722][ T43] ft260 0003:0403:6030.000E: unknown main item tag 0x7 [ 228.145215][ T5897] usb 1-1: Using ep0 maxpacket: 32 [ 228.150664][ T5941] gspca_spca508: reg_read err -71 [ 228.171655][ T5941] gspca_spca508: reg_read err -71 [ 228.184336][ T5941] gspca_spca508: reg_read err -71 [ 228.191205][ T5897] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 228.205934][ T5897] usb 1-1: config 0 has no interface number 0 [ 228.213777][ T5897] usb 1-1: config 0 interface 184 has no altsetting 0 [ 228.220962][ T5941] gspca_spca508: reg_read err -71 [ 228.226685][ T5941] gspca_spca508: reg write: error -71 [ 228.232369][ T5941] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 228.243737][ T5897] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 228.255473][ T5941] usb 6-1: USB disconnect, device number 13 [ 228.263112][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.274728][ T5897] usb 1-1: Product: syz [ 228.278949][ T5897] usb 1-1: Manufacturer: syz [ 228.283689][ T5897] usb 1-1: SerialNumber: syz [ 228.296399][ T5897] usb 1-1: config 0 descriptor?? [ 228.316736][ T5897] smsc75xx v1.0.0 [ 228.325703][ T43] ft260 0003:0403:6030.000E: chip code: 6424 8183 [ 228.537810][ T43] ft260 0003:0403:6030.000E: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0 [ 228.735404][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.883247][ T9416] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 228.933518][ T43] ft260 0003:0403:6030.000E: failed to retrieve status: -71 [ 228.943194][ T43] ft260 0003:0403:6030.000E: failed to reset I2C controller: -71 [ 228.979198][ T5897] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 228.994633][ T43] usb 5-1: USB disconnect, device number 13 [ 229.028726][ T5897] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 229.265954][ T5897] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 229.287606][ T5897] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 229.305103][ T5897] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 229.327659][ T5897] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 229.342421][ T5897] usb 1-1: USB disconnect, device number 12 [ 229.615560][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.751409][ T9446] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1310'. [ 229.774397][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.256687][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.270724][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.279293][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.814653][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.854341][ T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 231.014014][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 231.034987][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 231.063970][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 231.105332][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 231.148761][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 231.194391][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 231.226483][ T9] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 231.237845][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 231.255363][ T9] usb 1-1: Product: syz [ 231.259725][ T9] usb 1-1: Manufacturer: syz [ 231.269870][ T9] usb 1-1: SerialNumber: syz [ 231.307589][ T9] usb 1-1: config 0 descriptor?? [ 231.552388][ T9497] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 231.556772][ T9] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 231.562479][ T9497] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 231.578781][ T9497] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 231.588217][ T9497] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 231.594879][ T9] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 231.718725][ T9497] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 231.729617][ T9497] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 231.739228][ T9497] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 231.748895][ T9497] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 231.759190][ T9] radio-si470x 1-1:0.0: software version 0, hardware version 0 [ 231.772647][ T9] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 231.793639][ T9] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 231.856575][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.962333][ T9] radio-si470x 1-1:0.0: submitting int urb failed (-90) [ 232.564315][ T9] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 232.628296][ T9] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22 [ 232.680223][ T9] usb 1-1: USB disconnect, device number 13 [ 232.896590][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.312016][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.749821][ T30] audit: type=1326 audit(1754399670.090:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9546 comm="syz.5.1355" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845158eb69 code=0x0 [ 233.934462][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.781546][ T9582] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1370'. [ 234.880956][ T30] audit: type=1326 audit(1754399671.220:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 234.943452][ T30] audit: type=1326 audit(1754399671.220:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 234.971459][ T30] audit: type=1326 audit(1754399671.220:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 234.993033][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.000292][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.047448][ T30] audit: type=1326 audit(1754399671.220:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 235.153711][ T30] audit: type=1326 audit(1754399671.220:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 235.239501][ T30] audit: type=1326 audit(1754399671.260:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 235.261025][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.347956][ T30] audit: type=1326 audit(1754399671.260:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 235.504352][ T30] audit: type=1326 audit(1754399671.260:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 235.546705][ T9599] veth1_to_bond: entered allmulticast mode [ 235.599400][ T9599] veth1_to_bond: left allmulticast mode [ 235.610923][ T30] audit: type=1326 audit(1754399671.270:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9583 comm="syz.6.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 236.015335][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.365471][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.596326][ T9632] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1392'. [ 236.911521][ T5941] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 236.959685][ T5941] hid-generic 0000:0000:0000.000F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 237.064092][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.737672][ T9660] loop2: detected capacity change from 0 to 7 [ 237.760470][ T9660] Dev loop2: unable to read RDB block 7 [ 237.776691][ T9660] loop2: unable to read partition table [ 237.794322][ T9660] loop2: partition table beyond EOD, truncated [ 237.830368][ T9660] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 238.094351][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.554340][ T9693] ceph: No mds server is up or the cluster is laggy [ 238.671028][ T9711] input: syz1 as /devices/virtual/input/input26 [ 238.844124][ T43] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 239.026438][ T43] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 239.044091][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 239.073757][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 239.097672][ T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 239.136328][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.151424][ T43] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 239.168376][ T43] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 239.179002][ T9734] Bluetooth: hci0: invalid length 0, exp 2 for type 13 [ 239.179203][ T43] usb 6-1: Manufacturer: syz [ 239.197745][ T43] usb 6-1: config 0 descriptor?? [ 239.292651][ T9740] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1435'. [ 239.377797][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.413541][ T9744] vivid-003: ================= START STATUS ================= [ 239.424948][ T9744] vivid-003: Radio HW Seek Mode: Bounded [ 239.431129][ T9744] vivid-003: Radio Programmable HW Seek: false [ 239.439669][ T9744] vivid-003: RDS Rx I/O Mode: Block I/O [ 239.445684][ T9744] vivid-003: Generate RBDS Instead of RDS: false [ 239.452325][ T9744] vivid-003: RDS Reception: true [ 239.457451][ T9744] vivid-003: RDS Program Type: 0 inactive [ 239.463539][ T9744] vivid-003: RDS PS Name: inactive [ 239.472409][ T9744] vivid-003: RDS Radio Text: inactive [ 239.487823][ T9744] vivid-003: RDS Traffic Announcement: false inactive [ 239.499537][ T9744] vivid-003: RDS Traffic Program: false inactive [ 239.514724][ T9744] vivid-003: RDS Music: false inactive [ 239.521290][ T9744] vivid-003: ================== END STATUS ================== [ 239.533818][ T9748] IPv6: Can't replace route, no match found [ 239.622910][ T43] appleir 0003:05AC:8243.0010: unknown main item tag 0x0 [ 239.671700][ T43] appleir 0003:05AC:8243.0010: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 239.854534][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.175201][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.500050][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.536255][ T9] usb 6-1: USB disconnect, device number 14 [ 240.552421][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.730652][ T9793] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1459'. [ 240.759317][ T9793] netlink: 'syz.0.1459': attribute type 1 has an invalid length. [ 240.782367][ T9793] netlink: 'syz.0.1459': attribute type 2 has an invalid length. [ 240.805947][ T9793] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1459'. [ 240.996023][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 241.074076][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 241.214714][ T43] net_ratelimit: 3 callbacks suppressed [ 241.214735][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 241.234184][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 241.247452][ T9] usb 2-1: config 6 has an invalid interface number: 43 but max is 0 [ 241.282011][ T9] usb 2-1: config 6 has no interface number 0 [ 241.293932][ T9] usb 2-1: config 6 interface 43 altsetting 170 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 241.320346][ T9] usb 2-1: config 6 interface 43 has no altsetting 0 [ 241.358556][ T9] usb 2-1: string descriptor 0 read error: -71 [ 241.364992][ T9] usb 2-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c [ 241.389856][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.442134][ T9] usb 2-1: rejected 1 configuration due to insufficient available bus power [ 241.472954][ T9] usb 2-1: no configuration chosen from 1 choice [ 241.490085][ T9] usb 2-1: USB disconnect, device number 11 [ 241.490701][ T9819] netlink: 'syz.6.1471': attribute type 14 has an invalid length. [ 241.534118][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1471'. [ 241.561821][ T9819] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.570773][ T9819] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.579649][ T9819] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.588485][ T9819] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.606448][ T9819] netlink: 'syz.6.1471': attribute type 14 has an invalid length. [ 241.641098][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1471'. [ 241.726547][ T9828] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 241.988476][ T9831] delete_channel: no stack [ 242.256666][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 242.383776][ T9854] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 243.294267][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.624114][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.078337][ T9906] fuse: Bad value for 'group_id' [ 244.083356][ T9906] fuse: Bad value for 'group_id' [ 244.140011][ T9906] xt_hashlimit: max too large, truncated to 1048576 [ 244.344006][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.953359][ T9926] sch_fq: defrate 4294967295 ignored. [ 245.121737][ T9912] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 245.378603][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.392236][ T9937] dvmrp0: entered allmulticast mode [ 246.050047][ T9956] netlink: 'syz.5.1530': attribute type 29 has an invalid length. [ 246.094073][ T9956] netlink: 'syz.5.1530': attribute type 29 has an invalid length. [ 246.115235][ T9956] netlink: 500 bytes leftover after parsing attributes in process `syz.5.1530'. [ 246.414122][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 246.464005][ T43] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 246.628608][ T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 246.655634][ T43] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 246.655833][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 246.681895][ T43] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 246.701835][ T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.722076][ T43] usb 6-1: Product: syz [ 246.736680][ T43] usb 6-1: Manufacturer: syz [ 246.750545][ T43] usb 6-1: SerialNumber: syz [ 247.454348][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 247.834904][ T43] cdc_ncm 6-1:1.0: bind() failure [ 247.859869][ T43] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 247.882363][ T43] cdc_ncm 6-1:1.1: bind() failure [ 248.054421][ T43] usb 6-1: USB disconnect, device number 15 [ 248.495781][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.063669][T10024] syzkaller1: entered promiscuous mode [ 249.079785][T10024] syzkaller1: entered allmulticast mode [ 249.361114][T10032] overlayfs: failed to clone upperpath [ 249.567124][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.695029][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.695741][T10043] sit0: entered promiscuous mode [ 249.749675][T10043] netlink: 'syz.6.1566': attribute type 1 has an invalid length. [ 249.792927][T10043] netlink: 1 bytes leftover after parsing attributes in process `syz.6.1566'. [ 250.094928][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 250.581145][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 250.968820][T10073] overlayfs: failed to clone upperpath [ 251.614928][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.082260][T10114] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 252.124252][ T43] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 252.288214][ T43] usb 1-1: Using ep0 maxpacket: 32 [ 252.310980][ T43] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 252.339698][ T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.358743][ T43] usb 1-1: Product: syz [ 252.369717][ T43] usb 1-1: Manufacturer: syz [ 252.377906][ T43] usb 1-1: SerialNumber: syz [ 252.385337][T10117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1597'. [ 252.396423][ T43] usb 1-1: config 0 descriptor?? [ 252.654330][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.735735][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 252.819361][ T43] airspy 1-1:0.0: Board ID: 00 [ 252.825941][ T43] airspy 1-1:0.0: Firmware version: [ 253.269635][T10153] 9pnet_fd: Insufficient options for proto=fd [ 253.627596][ T43] airspy 1-1:0.0: usb_control_msg() failed -71 request 0f [ 253.646328][ T43] airspy 1-1:0.0: Registered as swradio24 [ 253.652279][ T43] airspy 1-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 253.669820][ T43] usb 1-1: USB disconnect, device number 14 [ 253.704480][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.734292][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.935376][T10198] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 255.108983][T10200] input: syz0 as /devices/virtual/input/input27 [ 255.158076][T10202] input: syz1 as /devices/virtual/input/input28 [ 255.451355][ T43] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 255.674206][ T43] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 255.693160][ T43] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 255.714751][ T43] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 255.733965][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 255.762795][ T43] usb 5-1: SerialNumber: syz [ 255.775400][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.783576][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.973006][T10238] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1648'. [ 256.001599][T10238] hsr_slave_0: left promiscuous mode [ 256.012871][T10238] hsr_slave_1: left promiscuous mode [ 256.015225][ T43] usb 5-1: 0:2 : does not exist [ 256.076376][ T43] usb 5-1: USB disconnect, device number 14 [ 256.271915][T10250] mkiss: ax0: crc mode is auto. [ 256.325367][T10253] capability: warning: `syz.6.1654' uses 32-bit capabilities (legacy support in use) [ 256.824944][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.833329][ T43] kernel read not supported for file /input/event2 (pid: 43 comm: kworker/1:1) [ 257.514229][ T5941] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 257.686806][ T5941] usb 5-1: Using ep0 maxpacket: 16 [ 257.715068][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 257.733901][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.747222][ T5941] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 257.767062][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.790819][ T5941] usb 5-1: config 0 descriptor?? [ 257.854863][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.818333][ T5941] letsketch 0003:6161:4D15.0011: Device info: à° [ 258.827540][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 258.894180][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.082492][ T5941] usb 5-1: Max retries (5) exceeded reading string descriptor 201 [ 259.108085][ T5941] letsketch 0003:6161:4D15.0011: probe with driver letsketch failed with error -71 [ 259.131456][ T5941] usb 5-1: USB disconnect, device number 15 [ 259.702833][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.921180][T10362] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 259.934398][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.944978][ T7723] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.964390][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 259.975355][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.982881][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.989380][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.054340][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 261.664419][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 261.704643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 261.716254][ T0] NOHZ tick-stop error: local softirq work is pending, handler #206!!! [ 261.795314][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 261.834839][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 261.855005][ T5897] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 262.095009][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 262.795307][T10415] input: syz1 as /devices/virtual/input/input29 [ 263.134197][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.174173][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.593959][ T5953] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 264.744645][ T5953] usb 1-1: Using ep0 maxpacket: 8 [ 264.757370][ T5953] usb 1-1: config 0 has an invalid interface number: 186 but max is 0 [ 264.776831][ T5953] usb 1-1: config 0 has no interface number 0 [ 264.791109][ T5953] usb 1-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 264.814409][ T5953] usb 1-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 264.842160][ T5953] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 264.870778][ T5953] usb 1-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 264.894985][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.913651][ T5953] usb 1-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 264.934935][ T5953] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.951813][ T5953] usb 1-1: Product: syz [ 264.962856][ T5953] usb 1-1: Manufacturer: syz [ 264.974218][ T5953] usb 1-1: SerialNumber: syz [ 264.991649][ T5953] usb 1-1: config 0 descriptor?? [ 265.090480][T10467] binder: 10466:10467 ioctl c0306201 200000000640 returned -22 [ 265.214386][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 265.214817][ T5953] iowarrior 1-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 265.449486][ T5953] usb 1-1: USB disconnect, device number 15 [ 265.464523][ T7723] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 265.479257][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 265.491724][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 266.090561][T10491] netlink: 'syz.6.1755': attribute type 30 has an invalid length. [ 266.419033][T10497] syz.0.1758 (10497) used greatest stack depth: 17992 bytes left [ 266.575168][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 266.778978][T10514] netlink: 'syz.0.1765': attribute type 10 has an invalid length. [ 266.790543][T10514] hsr0: entered promiscuous mode [ 266.820187][T10514] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 266.864448][T10514] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 266.877164][T10514] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 267.614961][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.673959][ T43] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 267.854345][ T43] usb 6-1: Using ep0 maxpacket: 32 [ 267.871684][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 267.913915][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 267.935316][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.943143][ T43] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 267.963906][ T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.999103][T10564] netlink: 'syz.6.1787': attribute type 1 has an invalid length. [ 268.008641][ T43] usb 6-1: config 0 descriptor?? [ 268.028101][ T43] hub 6-1:0.0: USB hub found [ 268.091534][T10564] bond1: entered promiscuous mode [ 268.100775][T10564] 8021q: adding VLAN 0 to HW filter on device bond1 [ 268.192650][T10569] 8021q: adding VLAN 0 to HW filter on device bond1 [ 268.213164][T10569] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 268.232126][T10569] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 268.235529][ T43] hub 6-1:0.0: 1 port detected [ 268.281276][T10570] xt_CT: No such helper "pptp" [ 268.291215][T10569] bond1: (slave vcan1): making interface the new active one [ 268.306803][T10569] vcan1: entered promiscuous mode [ 268.317827][T10569] bond1: (slave vcan1): Enslaving as an active interface with an up link [ 268.654419][ T5911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 268.883147][ T5911] hub 6-1:0.0: activate --> -90 [ 269.090811][ T43] usb 6-1: USB disconnect, device number 16 [ 269.113970][ T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 269.274176][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 269.296420][ T9] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 269.347051][ T9] usb 5-1: config 0 has no interface number 0 [ 269.353233][ T9] usb 5-1: too many endpoints for config 0 interface 41 altsetting 2: 171, using maximum allowed: 30 [ 269.367666][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.428202][ T9] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 269.459702][ T9] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 269.488980][ T9] usb 5-1: config 0 interface 41 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 171 [ 269.522689][ T9] usb 5-1: config 0 interface 41 has no altsetting 0 [ 269.565984][ T9] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 269.583966][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.592024][ T9] usb 5-1: Product: syz [ 269.615141][ T9] usb 5-1: Manufacturer: syz [ 269.623914][ T9] usb 5-1: SerialNumber: syz [ 269.643687][ T9] usb 5-1: config 0 descriptor?? [ 269.674364][T10601] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 269.698147][T10601] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 269.704890][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.934393][T10601] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 269.967250][T10601] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 270.604502][ T9] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 270.734277][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 270.834606][ T9] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 270.859450][ T9] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71 [ 270.887511][ T9] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -71 [ 270.917028][ T9] usb 5-1: USB disconnect, device number 16 [ 270.975365][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.784164][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.819463][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.967637][T10707] ptrace attach of "./syz-executor exec"[5847] was attempted by "./syz-executor exec"[10707] [ 273.704564][T10735] vti0: entered promiscuous mode [ 273.709599][T10735] vti0: entered allmulticast mode [ 273.854917][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.016491][ T5953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 274.183922][ T43] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 274.386256][ T43] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 274.407556][ T1597] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 274.446210][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 274.477573][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 274.506633][ T43] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 274.525957][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.572105][ T43] usb 2-1: Product: syz [ 274.584623][ T43] usb 2-1: Manufacturer: syz [ 274.589285][ T43] usb 2-1: SerialNumber: syz [ 274.626940][ T43] usb 2-1: config 0 descriptor?? [ 274.654648][ T1597] usb 5-1: config 0 has no interfaces? [ 274.678359][ T1597] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 274.714032][ T1597] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.744069][ T1597] usb 5-1: Product: syz [ 274.748407][ T1597] usb 5-1: Manufacturer: syz [ 274.773734][ T1597] usb 5-1: SerialNumber: syz [ 274.805914][ T1597] usb 5-1: config 0 descriptor?? [ 274.896297][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.094887][ T7730] tipc: Subscription rejected, illegal request [ 275.111422][ T5897] usb 5-1: USB disconnect, device number 17 [ 275.203993][ T9] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 275.215140][ T5953] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 275.375294][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 275.387894][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.399236][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.410347][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.420610][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.432987][ T5953] usb 1-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 275.443422][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 275.465414][ T5953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.480843][ T9] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 275.514769][ T5953] usb 1-1: config 0 descriptor?? [ 275.520031][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.556503][ T9] usb 6-1: config 0 descriptor?? [ 275.656654][T10784] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1875'. [ 275.803143][T10788] dummy0: entered promiscuous mode [ 275.840085][T10788] dummy0: left promiscuous mode [ 275.934212][ T1597] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.951786][ T5953] hkems 0003:2006:0118.0012: unbalanced delimiter at end of report description [ 275.982352][ T5953] hkems 0003:2006:0118.0012: parse failed [ 276.014602][ T5953] hkems 0003:2006:0118.0012: probe with driver hkems failed with error -22 [ 276.046557][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0013/input/input31 [ 276.145517][ T9] microsoft 0003:045E:07DA.0013: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 276.189909][ T5953] usb 1-1: USB disconnect, device number 16 [ 276.205623][ T9] usb 6-1: USB disconnect, device number 17 [ 276.438709][ T1102] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.613773][ T1102] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.791618][ T1102] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.030248][ T1102] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.394964][ T1102] bridge_slave_1: left allmulticast mode [ 277.400975][ T1102] bridge_slave_1: left promiscuous mode [ 277.411559][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.450145][ T1102] bridge_slave_0: left allmulticast mode [ 277.470794][ T1102] bridge_slave_0: left promiscuous mode [ 277.493879][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.826199][T10842] loop9: detected capacity change from 0 to 7 [ 277.860970][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 277.886886][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 277.906937][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 277.929767][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 277.958114][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 277.982072][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.007395][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.033416][T10842] ldm_validate_partition_table(): Disk read failed. [ 278.053188][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.077191][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.116544][T10842] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.184042][T10842] Dev loop9: unable to read RDB block 0 [ 278.214891][T10842] loop9: unable to read partition table [ 278.236167][T10842] loop9: partition table beyond EOD, truncated [ 278.242938][T10842] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 278.242938][T10842] ) failed (rc=-5) [ 278.888941][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 278.933776][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 278.981805][ T1102] bond0 (unregistering): Released all slaves [ 279.440869][T10884] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 279.447725][T10884] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 279.515586][T10884] vhci_hcd vhci_hcd.0: Device attached [ 279.532173][T10885] vhci_hcd: connection closed [ 279.542732][ T1112] vhci_hcd: stop threads [ 279.607111][ T1112] vhci_hcd: release socket [ 279.622819][ T1112] vhci_hcd: disconnect device [ 279.780410][T10894] overlayfs: failed to clone upperpath [ 279.816435][ T1102] hsr_slave_0: left promiscuous mode [ 279.827552][ T1102] hsr_slave_1: left promiscuous mode [ 279.828390][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 279.828439][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 279.837749][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 279.837786][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 279.925624][ T1102] veth1_macvtap: left promiscuous mode [ 279.925741][ T1102] veth0_macvtap: left promiscuous mode [ 279.925947][ T1102] veth1_vlan: left promiscuous mode [ 279.926084][ T1102] veth0_vlan: left promiscuous mode [ 281.484061][ T5953] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 281.665111][ T5953] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 281.693272][ T5953] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 281.723915][ T5953] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 281.743409][ T5953] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.784661][T10926] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 281.799726][ T5953] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 282.189160][ T1597] usb 6-1: USB disconnect, device number 18 [ 282.689396][ T1102] team0 (unregistering): Port device team_slave_1 removed [ 282.749478][ T1102] team0 (unregistering): Port device team_slave_0 removed [ 287.846141][T11089] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 288.082113][T11095] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.1997'. [ 289.064403][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 289.064501][ T30] audit: type=1326 audit(1754399981.382:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11121 comm="syz.5.2007" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f845158eb69 code=0x0 [ 289.299153][T11133] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 289.305752][T11133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 289.392054][T11133] vhci_hcd vhci_hcd.0: Device attached [ 289.447385][T11134] vhci_hcd: connection closed [ 289.448953][ T7732] vhci_hcd: stop threads [ 289.472811][ T7732] vhci_hcd: release socket [ 289.477521][ T7732] vhci_hcd: disconnect device [ 290.247666][T11165] 9pnet_fd: Insufficient options for proto=fd [ 290.414336][ T24] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 290.594841][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 290.603143][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 290.630977][ T24] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32 [ 290.652689][ T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 290.671910][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.682067][ T24] usb 1-1: Product: syz [ 290.710688][ T24] usb 1-1: Manufacturer: syz [ 290.723247][ T24] usb 1-1: SerialNumber: syz [ 290.804836][ T5941] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 290.840597][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 290.850343][T11188] serio: Serial port ttyS3 [ 290.967475][ T5941] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 290.982655][T11163] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 291.001852][ T5941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 291.013271][ T5941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 291.064101][ T5941] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 291.106721][ T5941] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 291.138602][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.174389][ T5941] usb 6-1: config 0 descriptor?? [ 291.188469][T11179] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 291.604660][T11163] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 291.628722][ T5941] plantronics 0003:047F:FFFF.0014: reserved main item tag 0xd [ 291.664105][ T5941] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 291.845810][ T24] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 291.852547][ T24] cdc_ncm 1-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048 [ 291.894187][ T24] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 291.956139][T11179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 291.979857][T11179] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 292.040962][ T5953] usb 6-1: USB disconnect, device number 19 [ 292.048198][ T24] cdc_ncm 1-1:1.0: setting tx_max = 184 [ 292.108622][ T24] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 292.171258][ T24] usb 1-1: USB disconnect, device number 17 [ 292.186660][ T24] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP) [ 293.314153][ T24] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 293.477087][ T24] usb 1-1: config 0 has no interfaces? [ 293.489532][ T24] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 293.503874][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.516758][ T24] usb 1-1: Product: syz [ 293.521320][ T24] usb 1-1: Manufacturer: syz [ 293.526346][ T24] usb 1-1: SerialNumber: syz [ 293.543060][ T24] usb 1-1: config 0 descriptor?? [ 293.884262][T11239] veth1_macvtap: left promiscuous mode [ 294.105686][T11239] veth1_macvtap: entered promiscuous mode [ 294.145481][ T5911] usb 1-1: USB disconnect, device number 18 [ 294.897710][ T43] iguanair 2-1:0.0: failed to get version [ 294.956238][ T43] iguanair 2-1:0.0: probe with driver iguanair failed with error -110 [ 295.089127][ T43] usb 2-1: USB disconnect, device number 12 [ 295.396658][ T1102] veth1_macvtap: left promiscuous mode [ 296.132319][ T43] kernel write not supported for file bpf-prog (pid: 43 comm: kworker/1:1) [ 296.734273][T11347] kvm: user requested TSC rate below hardware speed [ 296.743676][T11347] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 296.948829][T11360] netlink: 'syz.6.2109': attribute type 21 has an invalid length. [ 296.971860][T11360] netlink: 168 bytes leftover after parsing attributes in process `syz.6.2109'. [ 297.120043][T11366] Bluetooth: hci0: invalid length 0, exp 2 for type 2 [ 297.171268][T11371] netlink: 566 bytes leftover after parsing attributes in process `syz.0.2114'. [ 297.266688][T11373] netlink: 'syz.6.2115': attribute type 21 has an invalid length. [ 297.300187][T11373] netlink: 'syz.6.2115': attribute type 6 has an invalid length. [ 297.337717][T11373] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2115'. [ 298.945235][T11426] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.963582][T11426] bond0: (slave rose0): Enslaving as an active interface with an up link [ 298.974350][ T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 299.086975][T11434] netlink: 'syz.1.2142': attribute type 4 has an invalid length. [ 299.134025][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 299.142674][ T24] usb 5-1: unable to get BOS descriptor or descriptor too short [ 299.163742][ T24] usb 5-1: config 1 interface 0 altsetting 127 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.178934][ T24] usb 5-1: config 1 interface 0 altsetting 127 endpoint 0x81 has invalid maxpacket 1536, setting to 1024 [ 299.190532][ T24] usb 5-1: config 1 interface 0 altsetting 127 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 299.209793][ T24] usb 5-1: config 1 interface 0 has no altsetting 0 [ 299.222918][ T24] usb 5-1: New USB device found, idVendor=05ac, idProduct=0242, bcdDevice= 0.40 [ 299.246926][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.255202][ T24] usb 5-1: Product: syz [ 299.259542][ T24] usb 5-1: Manufacturer: syz [ 299.272350][ T24] usb 5-1: SerialNumber: syz [ 299.281540][T11413] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 299.294413][ T5941] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 299.474106][ T5941] usb 1-1: Using ep0 maxpacket: 32 [ 299.487842][ T5941] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 299.502520][ T5941] usb 1-1: config 0 has no interface number 0 [ 299.518000][ T24] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input33 [ 299.518960][ T5941] usb 1-1: config 0 interface 184 has no altsetting 0 [ 299.541047][ T5941] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 299.573979][ T5941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.592323][ T5941] usb 1-1: Product: syz [ 299.602460][ T5941] usb 1-1: Manufacturer: syz [ 299.622704][ T5941] usb 1-1: SerialNumber: syz [ 299.644160][ T5941] usb 1-1: config 0 descriptor?? [ 299.679801][ T5941] smsc75xx v1.0.0 [ 299.974006][ T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 300.135904][ T5953] usb 5-1: USB disconnect, device number 18 [ 300.135948][ C0] bcm5974 5-1:1.0: trackpad urb failed: -19 [ 300.151311][ T9] usb 6-1: config 0 has an invalid interface number: 69 but max is 0 [ 300.154696][T11412] bcm5974 5-1:1.0: could not read from device [ 300.185081][ T9] usb 6-1: config 0 has no interface number 0 [ 300.192232][ T9] usb 6-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 300.205827][ T9] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 300.220912][ T9] usb 6-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 300.232349][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.242853][ T9] usb 6-1: Product: syz [ 300.255771][ T9] usb 6-1: Manufacturer: syz [ 300.260509][ T9] usb 6-1: SerialNumber: syz [ 300.273594][ T9] usb 6-1: config 0 descriptor?? [ 300.279855][T11457] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 300.289308][ T9] cyberjack 6-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 300.302809][ T9] usb 6-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 300.709965][ T24] usb 6-1: USB disconnect, device number 20 [ 300.730754][ T24] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 300.761152][ T24] cyberjack 6-1:0.69: device disconnected [ 300.881330][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71 [ 300.893506][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA [ 300.907413][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 300.921282][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 300.957059][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 300.974848][ T5941] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 300.993676][ T5941] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 301.006970][ T5941] usb 1-1: USB disconnect, device number 19 [ 301.082192][T11485] ======================================================= [ 301.082192][T11485] WARNING: The mand mount option has been deprecated and [ 301.082192][T11485] and is ignored by this kernel. Remove the mand [ 301.082192][T11485] option from the mount to silence this warning. [ 301.082192][T11485] ======================================================= [ 301.117170][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.263971][ T1597] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 301.444080][ T1597] usb 2-1: Using ep0 maxpacket: 16 [ 301.458762][ T1597] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 301.487253][ T1102] Bluetooth: hci5: Frame reassembly failed (-84) [ 301.504135][ T1597] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 301.529477][ T1597] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 301.543323][ T1597] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.562158][ T1597] usb 2-1: config 0 descriptor?? [ 301.926940][T11514] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2177'. [ 301.999910][ T1597] HID 045e:07da: Invalid code 65791 type 1 [ 302.031478][ T1597] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0015/input/input34 [ 302.068383][ T1597] microsoft 0003:045E:07DA.0015: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 302.726502][T11548] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2193'. [ 302.859863][ T43] usb 2-1: USB disconnect, device number 13 [ 303.174780][ T1597] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 303.234061][ T24] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 303.333981][ T1597] usb 5-1: Using ep0 maxpacket: 8 [ 303.343373][ T1597] usb 5-1: config 0 has no interfaces? [ 303.352664][ T1597] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 303.363479][ T1597] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.379174][ T1597] usb 5-1: config 0 descriptor?? [ 303.424098][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 303.435455][ T24] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 303.443609][ T24] usb 1-1: config 0 has no interface number 0 [ 303.452889][ T24] usb 1-1: config 0 interface 12 has no altsetting 0 [ 303.471491][ T24] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 303.493571][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.502310][ T24] usb 1-1: Product: syz [ 303.506723][ T24] usb 1-1: Manufacturer: syz [ 303.511361][ T24] usb 1-1: SerialNumber: syz [ 303.524578][ T24] usb 1-1: config 0 descriptor?? [ 303.534984][ T5837] Bluetooth: hci5: command 0x1003 tx timeout [ 303.541884][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 303.621066][ T5941] usb 5-1: USB disconnect, device number 19 [ 303.734562][ T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 303.787485][T11583] netlink: 'syz.5.2208': attribute type 2 has an invalid length. [ 303.795993][T11583] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2208'. [ 303.904273][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 303.929325][ T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 303.941871][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.950112][ T9] usb 2-1: Product: syz [ 303.954451][ T9] usb 2-1: Manufacturer: syz [ 303.959089][ T9] usb 2-1: SerialNumber: syz [ 303.968141][ T9] usb 2-1: config 0 descriptor?? [ 304.189759][ T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 304.689374][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2217'. [ 304.701371][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2217'. [ 304.770587][ T24] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 304.781761][ T24] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 304.789399][ T24] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 304.798980][ T24] f81534 1-1:0.12: probe with driver f81534 failed with error -71 [ 304.814109][ T24] usb 1-1: USB disconnect, device number 20 [ 305.000490][ T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 305.013626][ T9] usb 2-1: USB disconnect, device number 14 [ 305.490969][T11619] netlink: 'syz.5.2223': attribute type 1 has an invalid length. [ 305.682594][T11622] bond1: (slave gretap1): making interface the new active one [ 305.702157][T11622] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 305.853469][T11633] netlink: 51 bytes leftover after parsing attributes in process `syz.5.2230'. [ 305.884074][T11637] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.004154][ T5941] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 306.175882][ T5941] usb 5-1: Using ep0 maxpacket: 32 [ 306.183420][ T5941] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 306.193725][ T5941] usb 5-1: config 0 has no interface number 0 [ 306.213561][ T5941] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 306.223244][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.231902][ T5941] usb 5-1: Product: syz [ 306.236384][ T5941] usb 5-1: Manufacturer: syz [ 306.241089][ T5941] usb 5-1: SerialNumber: syz [ 306.261874][ T5941] usb 5-1: config 0 descriptor?? [ 306.269652][ T5941] smsc95xx v2.0.0 [ 306.313968][ T5953] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 306.474745][ T5953] usb 2-1: Using ep0 maxpacket: 32 [ 306.492823][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 306.572397][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 306.607575][ T5953] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 306.616920][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.649272][ T5953] usb 2-1: config 0 descriptor?? [ 306.676240][ T5953] hub 2-1:0.0: USB hub found [ 306.902444][ T5953] hub 2-1:0.0: 1 port detected [ 307.085291][ T5941] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 307.287028][ T5941] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 307.302405][ T5941] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 307.319236][ T5953] usb 2-1: USB disconnect, device number 15 [ 307.336149][ T5941] usb 5-1: USB disconnect, device number 20 [ 307.837568][T11689] netlink: 'syz.4.2252': attribute type 1 has an invalid length. [ 307.905121][T11689] bond1: entered promiscuous mode [ 307.910668][T11689] 8021q: adding VLAN 0 to HW filter on device bond1 [ 307.935497][T11691] bond1: (slave bridge0): making interface the new active one [ 307.953438][T11691] bridge0: entered promiscuous mode [ 307.960236][T11691] bond1: (slave bridge0): Enslaving as an active interface with an up link [ 308.115910][T11699] netlink: 9 bytes leftover after parsing attributes in process `syz.4.2256'. [ 308.130657][T11699] gretap0: entered promiscuous mode [ 308.160779][T11699] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2256'. [ 308.172577][T11699] 0ªî{X¹¦: renamed from gretap0 [ 308.188543][T11699] 0ªî{X¹¦: left promiscuous mode [ 308.193776][T11699] 0ªî{X¹¦: entered allmulticast mode [ 308.206375][T11699] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 308.791551][ T30] audit: type=1326 audit(1754400001.132:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11725 comm="syz.0.2268" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9f11b8eb69 code=0x0 [ 308.850355][ T30] audit: type=1326 audit(1754400001.192:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11734 comm="syz.4.2270" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x0 [ 309.018313][T11743] netlink: 452 bytes leftover after parsing attributes in process `syz.6.2273'. [ 309.463473][T11759] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 310.233576][T11791] input: syz1 as /devices/virtual/input/input35 [ 310.440032][T11793] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2293'. [ 311.276921][T11826] Bluetooth: hci0: unsupported parameter 5148 [ 311.283163][T11826] Bluetooth: hci0: invalid len left 4, exp >= 118 [ 311.713725][T11837] netlink: 200 bytes leftover after parsing attributes in process `syz.5.2313'. [ 311.837777][T11837] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2313'. [ 312.620891][T11874] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2330'. [ 312.824847][ T5941] usb 2-1: new full-speed USB device number 16 using dummy_hcd [ 313.013652][ T5941] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 313.052882][ T5941] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 313.088968][ T5941] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 313.119690][ T5941] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.142192][ T5941] usb 2-1: Product: syz [ 313.152126][ T5941] usb 2-1: Manufacturer: syz [ 313.159576][ T5941] usb 2-1: SerialNumber: syz [ 313.378430][ T5941] usb 2-1: 0:2 : does not exist [ 313.394543][ T5941] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 313.431059][ T5941] usb 2-1: USB disconnect, device number 16 [ 313.453176][T11901] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2341'. [ 313.472064][T11901] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2341'. [ 313.554129][ T5911] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 313.727544][ T5911] usb 6-1: Using ep0 maxpacket: 32 [ 313.737665][ T5911] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 313.746126][ T5911] usb 6-1: config 0 has no interface number 0 [ 313.752285][ T5911] usb 6-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 313.769603][ T5911] usb 6-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 313.779347][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.787447][ T5911] usb 6-1: Product: syz [ 313.791808][ T5911] usb 6-1: Manufacturer: syz [ 313.797005][ T5911] usb 6-1: SerialNumber: syz [ 313.805210][ T5911] usb 6-1: config 0 descriptor?? [ 313.816551][ T5911] em28xx 6-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 313.826675][ T5911] em28xx 6-1:0.132: Video interface 132 found: [ 314.222447][ T5911] em28xx 6-1:0.132: chip ID is em2884 [ 314.268825][ T30] audit: type=1326 audit(1754400006.612:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.296995][ T30] audit: type=1326 audit(1754400006.612:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.322972][ T30] audit: type=1326 audit(1754400006.642:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.344701][ C1] vkms_vblank_simulate: vblank timer overrun [ 314.352206][ T30] audit: type=1326 audit(1754400006.642:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.375594][ T30] audit: type=1326 audit(1754400006.642:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.397173][ C1] vkms_vblank_simulate: vblank timer overrun [ 314.415710][ T30] audit: type=1326 audit(1754400006.662:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.442610][ T30] audit: type=1326 audit(1754400006.662:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.469482][ T30] audit: type=1326 audit(1754400006.662:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.495438][ T30] audit: type=1326 audit(1754400006.692:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadb6d8d4d0 code=0x7ffc0000 [ 314.527609][ T30] audit: type=1326 audit(1754400006.692:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11929 comm="syz.4.2353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb6d8eb69 code=0x7ffc0000 [ 314.567741][T11939] loop2: detected capacity change from 0 to 7 [ 314.576010][T11939] Dev loop2: unable to read RDB block 7 [ 314.581714][T11939] loop2: unable to read partition table [ 314.588969][T11939] loop2: partition table beyond EOD, truncated [ 314.599754][T11939] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 315.033570][ T5911] em28xx 6-1:0.132: failed to trigger write to i2c address 0xa0 (error=-5) [ 315.048024][ T5911] em28xx 6-1:0.132: failed to read eeprom (err=-5) [ 315.064228][ T5911] em28xx 6-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5] [ 315.144235][ T5911] em28xx 6-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 315.164326][ T5911] em28xx 6-1:0.132: analog set to bulk mode. [ 315.170456][ T43] em28xx 6-1:0.132: Registering V4L2 extension [ 315.260087][ T5911] usb 6-1: USB disconnect, device number 21 [ 315.439284][ T5911] em28xx 6-1:0.132: Disconnecting em28xx [ 315.970090][ T43] em28xx 6-1:0.132: Config register raw data: 0xffffffed [ 315.977424][ T43] em28xx 6-1:0.132: AC97 chip type couldn't be determined [ 315.989714][ T43] em28xx 6-1:0.132: No AC97 audio processor [ 316.006452][ T43] usb 6-1: Decoder not found [ 316.074928][ T43] em28xx 6-1:0.132: failed to create media graph [ 316.081357][ T43] em28xx 6-1:0.132: V4L2 device video103 deregistered [ 316.107050][ T43] em28xx 6-1:0.132: Remote control support is not available for this card. [ 316.134364][ T5911] em28xx 6-1:0.132: Closing input extension [ 316.155512][ T5911] em28xx 6-1:0.132: Freeing device [ 316.236548][ T5941] libceph: connect (1)[c::]:6789 error -97 [ 316.242779][ T5941] libceph: mon0 (1)[c::]:6789 connect error [ 316.270850][T11960] ceph: No mds server is up or the cluster is laggy [ 316.327043][T11968] overlayfs: failed to clone upperpath [ 317.431620][T11999] syzkaller0: entered allmulticast mode [ 317.448245][T11999] syzkaller0: entered promiscuous mode [ 317.486945][T12003] vcan0: tx drop: invalid sa for name 0xbffffffffffffffd [ 317.520135][T11999] syzkaller0 (unregistering): left allmulticast mode [ 317.536151][T11999] syzkaller0 (unregistering): left promiscuous mode [ 317.834130][T12009] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2382'. [ 317.860985][T12009] batadv1: entered promiscuous mode [ 317.882139][T12009] batadv1: entered allmulticast mode [ 318.532606][ T5953] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 318.704044][ T5953] usb 2-1: Using ep0 maxpacket: 16 [ 318.726731][ T5953] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 318.741810][ T5953] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 318.767347][ T5953] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 318.804530][ T5953] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 318.836200][ T5953] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 318.846702][ T5953] usb 2-1: config 1 interface 0 has no altsetting 0 [ 318.856013][ T5953] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 318.865670][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.883209][ T5953] ums-sddr09 2-1:1.0: USB Mass Storage device detected [ 319.092475][ T5953] scsi host1: usb-storage 2-1:1.0 [ 319.274049][ T43] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 319.306651][ T24] usb 2-1: USB disconnect, device number 17 [ 319.426198][ T43] usb 5-1: Using ep0 maxpacket: 16 [ 319.433231][ T43] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 319.441617][ T43] usb 5-1: config 0 has no interface number 0 [ 319.447901][ T43] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 319.458666][ T43] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 319.469016][ T43] usb 5-1: config 0 interface 41 has no altsetting 0 [ 319.478439][ T43] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 319.491264][ T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.499886][ T43] usb 5-1: Product: syz [ 319.504470][ T43] usb 5-1: Manufacturer: syz [ 319.511514][ T43] usb 5-1: SerialNumber: syz [ 319.521220][ T43] usb 5-1: config 0 descriptor?? [ 319.528576][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 319.544933][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 319.759209][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 319.771494][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 320.148409][T12073] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2408'. [ 320.182621][ T43] Error reading MAC address [ 320.198227][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 320.214598][T12047] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 320.853992][ T5953] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 320.873907][ T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 320.901363][ T43] sr9700 5-1:0.41 eth9: register 'sr9700' at usb-dummy_hcd.4-1, CoreChip SR9700 USB Ethernet, ea:5e:62:c6:39:91 [ 320.944178][ T43] usb 5-1: USB disconnect, device number 21 [ 320.959483][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 320.970400][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 320.979503][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 320.988696][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 320.997110][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 321.005339][ T43] sr9700 5-1:0.41 eth9: unregister 'sr9700' usb-dummy_hcd.4-1, CoreChip SR9700 USB Ethernet [ 321.023979][ T5953] usb 2-1: Using ep0 maxpacket: 32 [ 321.034462][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 321.043705][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 321.050944][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 321.056689][ T5953] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 321.072422][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 321.083143][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 321.092412][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 321.105417][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 321.126001][ T5953] usb 2-1: config 0 has no interface number 0 [ 321.140065][ T5953] usb 2-1: config 0 interface 184 has no altsetting 0 [ 321.147535][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 321.158305][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 321.169271][ T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 321.182811][ T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 321.192044][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.206202][ T5953] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 321.217068][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.225304][ T5953] usb 2-1: Product: syz [ 321.229644][ T5953] usb 2-1: Manufacturer: syz [ 321.234433][ T5953] usb 2-1: SerialNumber: syz [ 321.242980][ T5953] usb 2-1: config 0 descriptor?? [ 321.251211][ T5953] smsc75xx v1.0.0 [ 321.255243][ T5953] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 321.265996][ T5953] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22 [ 321.413543][ T9] usb 1-1: GET_CAPABILITIES returned 0 [ 321.431207][ T9] usbtmc 1-1:16.0: can't read capabilities [ 321.508964][ T9] usb 2-1: USB disconnect, device number 18 [ 321.632138][ T43] usb 1-1: USB disconnect, device number 21 [ 321.701639][T12088] chnl_net:caif_netlink_parms(): no params data found [ 321.912637][T12088] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.925031][T12088] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.932427][T12088] bridge_slave_0: entered allmulticast mode [ 321.947286][T12088] bridge_slave_0: entered promiscuous mode [ 321.956404][T12088] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.963730][T12088] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.971155][T12088] bridge_slave_1: entered allmulticast mode [ 321.979063][T12088] bridge_slave_1: entered promiscuous mode [ 322.030875][T12088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.049379][T12088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.189758][T12088] team0: Port device team_slave_0 added [ 322.215689][T12088] team0: Port device team_slave_1 added [ 322.422219][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.428699][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.486675][T12088] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 322.493710][T12088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.583946][T12088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.701420][T12088] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.709140][T12088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.735841][T12088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 322.949108][T12113] netlink: 'syz.6.2424': attribute type 4 has an invalid length. [ 323.134160][ T5837] Bluetooth: hci4: command tx timeout [ 323.159517][T12088] hsr_slave_0: entered promiscuous mode [ 323.185389][T12088] hsr_slave_1: entered promiscuous mode [ 323.234548][T12088] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 323.242182][T12088] Cannot create hsr debugfs directory [ 323.741671][T12140] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 323.981923][T12146] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.004241][T12146] bridge_slave_1: left allmulticast mode [ 324.024472][T12146] bridge_slave_1: left promiscuous mode [ 324.047096][T12146] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.131396][T12146] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 324.159095][T12152] block nbd4: shutting down sockets [ 324.682621][T12088] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 324.703229][T12088] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 324.722195][T12088] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 324.735577][T12088] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 324.963729][T12088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.003430][T12088] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.037338][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.044720][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.095873][ T7723] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.103098][ T7723] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.214785][ T5837] Bluetooth: hci4: command tx timeout [ 325.229430][T12088] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 325.877705][T12088] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 326.307841][T12210] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2454'. [ 326.342273][T12210] netlink: 'syz.4.2454': attribute type 18 has an invalid length. [ 326.378244][T12210] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 326.388119][T12210] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 326.397019][T12210] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 326.406067][T12210] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 326.456349][T12210] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2454'. [ 326.475871][T12210] netlink: 'syz.4.2454': attribute type 18 has an invalid length. [ 326.629023][T12088] veth0_vlan: entered promiscuous mode [ 326.736025][T12088] veth1_vlan: entered promiscuous mode [ 326.812601][T12221] gtp0: entered promiscuous mode [ 326.836645][T12088] veth0_macvtap: entered promiscuous mode [ 326.876879][T12088] veth1_macvtap: entered promiscuous mode [ 326.975235][T12088] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 327.021080][T12088] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 327.064382][T12088] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.083412][T12088] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.113890][T12088] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.122673][T12088] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.295244][ T5837] Bluetooth: hci4: command tx timeout [ 327.422528][ T7718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.453141][ T7718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.561896][ T7732] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.585720][ T7732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 328.433985][T12251] 8021q: adding VLAN 0 to HW filter on device bond3 [ 328.452916][T12251] team0: Failed to send options change via netlink (err -105) [ 328.468388][T12251] team0: Port device bond3 added [ 329.399281][ T5837] Bluetooth: hci4: command tx timeout [ 331.154001][ T5911] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 331.345212][ T5911] usb 2-1: Using ep0 maxpacket: 8 [ 331.362491][ T5911] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 331.392115][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.419262][ T5911] usb 2-1: Product: syz [ 331.453914][ T5911] usb 2-1: Manufacturer: syz [ 331.461244][ T5911] usb 2-1: SerialNumber: syz [ 331.481923][ T5911] usb 2-1: config 0 descriptor?? [ 331.664380][T12314] 9pnet_fd: Insufficient options for proto=fd [ 331.706572][ T5911] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 331.808834][T12318] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2495'. [ 332.137141][ T5911] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 332.159448][ T5911] usb 2-1: USB disconnect, device number 19 [ 332.596972][T12341] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2504'. [ 332.621900][T12341] unsupported nlmsg_type 40 [ 332.740181][T12320] ceph: No mds server is up or the cluster is laggy [ 332.909146][T12347] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-61) [ 333.194399][ T5941] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 333.245730][T12357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2510'. [ 333.280799][T12361] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2511'. [ 333.376280][ T5941] usb 8-1: Using ep0 maxpacket: 8 [ 333.395641][ T5941] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 333.429642][ T5941] usb 8-1: config 179 has no interface number 0 [ 333.449999][ T5941] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 333.488187][ T5941] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 333.552402][ T5941] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 333.604326][ T5941] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 333.657985][ T5941] usb 8-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 333.708022][ T5941] usb 8-1: config 179 interface 65 has no altsetting 0 [ 333.737500][ T5941] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 333.774957][ T5941] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.855924][ T5941] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:179.65/input/input36 [ 333.934545][ T5190] input input36: unable to receive magic message: -110 [ 333.981382][ T5190] input input36: unable to receive magic message: -32 [ 334.027688][ T5190] input input36: unable to receive magic message: -32 [ 334.076358][ T5190] input input36: unable to receive magic message: -32 [ 334.235810][ T5941] usb 8-1: USB disconnect, device number 2 [ 334.241742][ C0] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 334.882722][T12391] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2523'. [ 334.910698][T12391] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2523'. [ 335.100765][T12399] netlink: 'syz.1.2527': attribute type 1 has an invalid length. [ 335.131636][T12401] overlayfs: failed to decode file handle (len=7, type=251, flags=0, err=-61) [ 335.248465][T12399] 8021q: adding VLAN 0 to HW filter on device bond4 [ 335.367096][T12403] bond4: entered promiscuous mode [ 336.664616][T12444] No such timeout policy "syz0" [ 336.962563][T12452] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2547'. [ 338.020893][T12467] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2553'. [ 339.252918][T12500] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2567'. [ 340.975531][T12545] netlink: 552 bytes leftover after parsing attributes in process `syz.4.2585'. [ 341.288883][T12545] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 342.896894][T12563] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 342.904285][T12563] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 342.936002][T12563] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 343.155075][T12587] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2600'. [ 343.224076][ T5911] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 343.394738][ T5911] usb 2-1: Using ep0 maxpacket: 8 [ 343.412117][ T5911] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 343.422848][ T1597] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 343.436844][ T5911] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 343.452161][ T5911] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 343.467131][ T5911] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 343.480513][ T5911] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 343.492737][ T5911] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 343.513533][ T5911] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 343.529111][ T5911] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 343.538931][T12600] netlink: 'syz.4.2606': attribute type 2 has an invalid length. [ 343.541240][ T5911] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 343.548055][T12600] netlink: 'syz.4.2606': attribute type 8 has an invalid length. [ 343.548077][T12600] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2606'. [ 343.603914][ T1597] usb 1-1: Using ep0 maxpacket: 32 [ 343.611470][ T5911] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 343.621824][ T1597] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 343.631109][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.639145][ T1597] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.647710][ T5911] usb 2-1: Product: syz [ 343.651930][ T5911] usb 2-1: Manufacturer: syz [ 343.661031][ T1597] usb 1-1: config 0 descriptor?? [ 343.666077][ T5911] usb 2-1: SerialNumber: syz [ 343.674751][ T1597] gspca_main: sunplus-2.14.0 probing 041e:400b [ 343.892452][ T7723] Bluetooth: hci6: Frame reassembly failed (-84) [ 343.916782][ T5840] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 344.334178][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 344.539944][T12616] af_packet: tpacket_rcv: packet too big, clamped from 65238 to 4294967272. macoff=96 [ 344.973997][ T5840] Bluetooth: hci5: command 0xfc11 tx timeout [ 344.974001][ T5837] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 345.116977][ T1597] gspca_sunplus: reg_w_riv err -71 [ 345.122302][ T1597] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 345.138120][ T1597] usb 1-1: USB disconnect, device number 22 [ 345.498082][ T1597] kernel write not supported for file bpf-prog (pid: 1597 comm: kworker/1:2) [ 345.732712][T12652] netlink: 'syz.0.2627': attribute type 4 has an invalid length. [ 345.744680][T12652] netlink: 'syz.0.2627': attribute type 4 has an invalid length. [ 345.934797][ T51] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 345.941680][ T5837] Bluetooth: hci6: command 0x1003 tx timeout [ 346.414603][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout [ 346.690434][T12685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.702365][T12685] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 347.791344][ T43] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 347.817757][ T43] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz1] on syz0 [ 348.314721][T12734] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2660'. [ 348.494177][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout [ 348.764428][ T5911] adutux 2-1:168.0: interrupt endpoints not found [ 352.206740][T12768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2674'. [ 352.238815][T12768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2674'. [ 354.168472][T12820] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2695'. [ 355.172038][T12846] vlan2: entered allmulticast mode [ 355.202338][T12846] bridge_slave_0: entered allmulticast mode [ 356.467916][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2723'. [ 356.489596][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2723'. [ 356.499697][T12884] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2720'. [ 358.732734][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 358.732754][ T30] audit: type=1326 audit(1754400051.072:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 358.853393][ T30] audit: type=1326 audit(1754400051.072:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 358.875027][ C0] vkms_vblank_simulate: vblank timer overrun [ 359.031298][ T30] audit: type=1326 audit(1754400051.072:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 359.137743][ T30] audit: type=1326 audit(1754400051.072:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 359.159322][ C0] vkms_vblank_simulate: vblank timer overrun [ 359.239560][ T30] audit: type=1326 audit(1754400051.072:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 359.328711][ T30] audit: type=1326 audit(1754400051.072:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f75b2d8eb69 code=0x7ffc0000 [ 359.356471][ T30] audit: type=1326 audit(1754400051.072:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75b2d2ad69 code=0x7ffc0000 [ 359.386687][ T30] audit: type=1326 audit(1754400051.072:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75b2d2ad69 code=0x7ffc0000 [ 359.408156][ C0] vkms_vblank_simulate: vblank timer overrun [ 359.480719][ T30] audit: type=1326 audit(1754400051.072:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75b2d2ad69 code=0x7ffc0000 [ 359.548176][ T30] audit: type=1326 audit(1754400051.072:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12937 comm="syz.6.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f75b2d2ad69 code=0x7ffc0000 [ 360.775248][ T5941] usb 5-1: new full-speed USB device number 22 using dummy_hcd [ 360.992240][ T5941] usb 5-1: unable to get BOS descriptor or descriptor too short [ 361.021419][ T5941] usb 5-1: no configurations [ 361.039800][ T5941] usb 5-1: can't read configurations, error -22 [ 361.610963][T13031] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2783'. [ 362.765667][T13045] team0: Port device syz_tun removed [ 362.823703][T13045] bond0: (slave bond_slave_0): Releasing backup interface [ 362.849560][T13045] bond0: (slave bond_slave_1): Releasing backup interface [ 362.953137][T13045] team0: Port device team_slave_0 removed [ 363.010637][T13045] team0: Port device team_slave_1 removed [ 363.017338][T13045] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 363.024896][T13045] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 363.066474][T13045] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 363.134126][T13045] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 363.235701][T13045] bond1: (slave bridge0): Releasing backup interface [ 363.250431][T13045] bridge0: left promiscuous mode [ 363.507602][T13061] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2795'. [ 365.364292][ T1597] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 365.558296][ T1597] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 365.570495][T13107] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2811'. [ 365.576118][ T1597] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 365.628926][ T1597] usb 5-1: config 0 descriptor?? [ 365.674125][ T1597] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 365.864942][ T43] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 366.254699][ T1597] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 366.262259][ T43] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 366.354002][ T43] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 366.521920][ T43] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 366.531912][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.579691][T13102] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 366.595317][ T43] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 366.829492][ T43] usb 1-1: USB disconnect, device number 23 [ 366.926616][ T1597] gspca_cpia1: usb_control_msg 05, error -71 [ 366.934976][ T1597] cpia1 5-1:0.0: unexpected systemstate: 00 [ 366.962624][ T1597] usb 5-1: USB disconnect, device number 24 [ 367.168666][T13119] kvm: user requested TSC rate below hardware speed [ 367.178677][T13119] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 367.205573][T13119] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 367.784812][T13145] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2825'. [ 368.501544][T13157] loop2: detected capacity change from 0 to 7 [ 368.540282][T13157] loop2: [ 368.559566][T13157] loop2: partition table partially beyond EOD, truncated [ 369.328630][T13172] netlink: 'syz.7.2836': attribute type 4 has an invalid length. [ 369.371363][T13175] tmpfs: Unknown parameter 'usrquota0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.371363][T13175] 0 [ 369.770893][ T1102] Bluetooth: hci5: Frame reassembly failed (-84) [ 370.834040][ T43] usb 5-1: new full-speed USB device number 25 using dummy_hcd [ 370.997378][ T43] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 371.008036][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 371.016270][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.026228][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 371.037989][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 371.049640][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 371.057234][ T43] usb 5-1: config 0 descriptor?? [ 371.058173][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 371.499181][T13217] chnl_net:caif_netlink_parms(): no params data found [ 371.683149][T13217] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.697175][T13241] Invalid option length (1048372) for dns_resolver key [ 371.709852][T13217] bridge0: port 1(bridge_slave_0) entered disabled state [ 371.719233][T13217] bridge_slave_0: entered allmulticast mode [ 371.727821][T13217] bridge_slave_0: entered promiscuous mode [ 371.737944][T13217] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.745504][T13217] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.753899][T13217] bridge_slave_1: entered allmulticast mode [ 371.762106][T13217] bridge_slave_1: entered promiscuous mode [ 371.774320][ T5837] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 371.917773][T13217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 371.932317][T13217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 372.011459][T13245] batadv_slave_1: entered promiscuous mode [ 372.021434][T13244] batadv_slave_1: left promiscuous mode [ 372.046536][T13217] team0: Port device team_slave_0 added [ 372.059448][T13217] team0: Port device team_slave_1 added [ 372.168886][T13217] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 372.193993][T13217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.229580][T13217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 372.272207][T13217] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 372.285288][T13217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.343866][T13217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 372.525156][ T43] pegasus 5-1:0.0: can't reset MAC [ 372.531701][ T43] pegasus 5-1:0.0: probe with driver pegasus failed with error -5 [ 372.557581][ T43] usb 5-1: USB disconnect, device number 25 [ 372.622169][T13217] hsr_slave_0: entered promiscuous mode [ 372.642087][T13217] hsr_slave_1: entered promiscuous mode [ 372.649952][T13217] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 372.671425][T13217] Cannot create hsr debugfs directory [ 373.136418][ T5840] Bluetooth: hci4: command tx timeout [ 373.314484][T13217] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 373.346581][T13217] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 373.384842][T13217] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 373.468454][T13217] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 373.750133][T13288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 373.767116][T13288] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 373.807339][T13217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 373.847316][T13217] 8021q: adding VLAN 0 to HW filter on device team0 [ 373.873196][ T7732] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.880455][ T7732] bridge0: port 1(bridge_slave_0) entered forwarding state [ 373.918042][ T7718] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.925320][ T7718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 374.230763][T13305] netlink: 'syz.6.2885': attribute type 5 has an invalid length. [ 374.244365][T13305] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2885'. [ 374.431872][T13217] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 375.200579][T13217] veth0_vlan: entered promiscuous mode [ 375.214575][ T5840] Bluetooth: hci4: command tx timeout [ 375.229995][T13217] veth1_vlan: entered promiscuous mode [ 375.290284][T13343] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 375.332869][T13217] veth0_macvtap: entered promiscuous mode [ 375.349775][T13217] veth1_macvtap: entered promiscuous mode [ 375.372069][T13217] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 375.397587][T13217] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 375.412700][T13217] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.434069][T13217] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.443214][T13217] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.459050][T13217] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.512616][T13347] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2901'. [ 375.698385][ T7732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 375.716858][ T7732] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 375.791316][ T7723] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 375.807221][ T7723] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.130710][ T30] kauditd_printk_skb: 122 callbacks suppressed [ 376.130730][ T30] audit: type=1326 audit(1754400068.472:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.188858][ T30] audit: type=1326 audit(1754400068.512:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.250081][ T30] audit: type=1326 audit(1754400068.512:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.328954][ T30] audit: type=1326 audit(1754400068.512:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.392219][ T30] audit: type=1326 audit(1754400068.512:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.418596][ T30] audit: type=1326 audit(1754400068.512:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.456478][ T30] audit: type=1326 audit(1754400068.512:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.486833][ T30] audit: type=1326 audit(1754400068.512:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.520590][ T30] audit: type=1326 audit(1754400068.512:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13365 comm="syz.0.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11b8eb69 code=0x7ffc0000 [ 376.668559][ T9] IPVS: starting estimator thread 0... [ 376.712490][T13393] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 376.721549][T13383] syzkaller1: entered promiscuous mode [ 376.744304][T13383] syzkaller1: entered allmulticast mode [ 376.750444][T13393] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 376.826081][T13391] IPVS: using max 26 ests per chain, 62400 per kthread [ 376.950034][T13401] misc userio: Invalid payload size [ 377.010203][T13404] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2921'. [ 377.273740][ T30] audit: type=1326 audit(1754400069.612:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13409 comm="syz.6.2925" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b2d8eb69 code=0x0 [ 377.304179][ T5840] Bluetooth: hci4: command tx timeout [ 377.467074][T13417] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 377.720308][T13432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 377.759255][T13432] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 377.796646][T13432] input: syz0 as /devices/virtual/input/input38 [ 378.175176][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2934'. [ 379.374602][ T5840] Bluetooth: hci4: command tx timeout [ 379.663524][T13499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 379.684548][T13499] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 380.003927][ T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 380.163900][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 380.171049][ T9] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 380.179342][ T9] usb 5-1: config 0 has no interface number 0 [ 380.188927][ T9] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 380.199019][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.207164][ T9] usb 5-1: Product: syz [ 380.211478][ T9] usb 5-1: Manufacturer: syz [ 380.216248][ T9] usb 5-1: SerialNumber: syz [ 380.228645][ T9] usb 5-1: config 0 descriptor?? [ 380.236944][ T9] smsc95xx v2.0.0 [ 380.489632][T13514] loop6: detected capacity change from 0 to 2560 [ 380.499789][T13514] buffer_io_error: 4 callbacks suppressed [ 380.499809][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.514691][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.522753][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.532791][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.584080][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.592441][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.606834][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.676210][ T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 380.724038][ T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 380.738251][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.770159][T13514] ldm_validate_partition_table(): Disk read failed. [ 380.804638][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.835075][T13514] Buffer I/O error on dev loop6, logical block 0, async page read [ 380.855315][T13514] Dev loop6: unable to read RDB block 0 [ 380.861635][T13514] loop6: unable to read partition table [ 380.869623][T13514] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 381.114316][ T5941] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 381.316208][ T5941] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 381.326763][ T5941] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 381.338922][ T5941] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 381.356121][ T5941] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 381.365798][ T5941] usb 9-1: Product: syz [ 381.370053][ T5941] usb 9-1: Manufacturer: syz [ 381.397507][ T5941] usb 9-1: SerialNumber: syz [ 381.553488][ T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 381.569516][ T9] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 381.593201][ T9] usb 5-1: USB disconnect, device number 26 [ 381.648269][ T5941] usb 9-1: 0:2 : does not exist [ 381.662169][ T5941] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 381.729082][ T5941] usb 9-1: USB disconnect, device number 2 [ 383.047273][T13584] netlink: 'syz.1.2990': attribute type 12 has an invalid length. [ 383.867057][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.873520][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.416187][ T5941] usb 5-1: new full-speed USB device number 27 using dummy_hcd [ 384.600866][ T5941] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 384.615092][ T5941] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 384.628517][ T5941] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 384.637768][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.872210][ T5941] usb 5-1: usb_control_msg returned -32 [ 384.878963][ T5941] usbtmc 5-1:16.0: can't read capabilities [ 385.989673][T13622] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 386.711979][T13638] netlink: 'syz.8.3008': attribute type 10 has an invalid length. [ 386.844785][T13638] 8021q: adding VLAN 0 to HW filter on device team0 [ 386.909096][T13638] bond0: (slave team0): Enslaving as an active interface with an up link [ 387.231788][ T5941] usb 5-1: USB disconnect, device number 27 [ 387.469431][T13655] batadv_slave_1: entered promiscuous mode [ 387.523460][T13655] hsr0: entered promiscuous mode [ 387.581918][T13658] batadv_slave_1: left promiscuous mode [ 387.630911][T13651] hsr0: left promiscuous mode [ 492.697874][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 492.704961][ C1] rcu: 0-...!: (1 GPs behind) idle=85b4/0/0x1 softirq=82052/82053 fqs=0 [ 492.714558][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P13661/1:b..l P7711/1:b..l [ 492.723753][ C1] rcu: (detected by 1, t=10502 jiffies, g=60865, q=560 ncpus=2) [ 492.731514][ C1] Sending NMI from CPU 1 to CPUs 0: [ 492.731552][ C0] NMI backtrace for cpu 0 [ 492.731584][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 492.731613][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 492.731632][ C0] RIP: 0010:__hrtimer_run_queues+0x5ac/0xc60 [ 492.731660][ C0] Code: f0 b3 a0 8f be 08 00 00 00 e8 80 97 71 00 31 f6 4c 0f a3 3d f6 3b f2 0d 41 0f 92 c7 40 0f 92 c6 bf 02 00 00 00 e8 b4 b0 11 00 <45> 84 ff 74 1f e8 7a b2 f8 ff 84 c0 49 bd 00 00 00 00 00 fc ff df [ 492.731676][ C0] RSP: 0018:ffffc90000007d40 EFLAGS: 00000006 [ 492.731692][ C0] RAX: ffffffff81ae780c RBX: ffff8880b8627c08 RCX: 0000000000010000 [ 492.731706][ C0] RDX: ffffffff8de95280 RSI: 0000000000000001 RDI: 0000000000000002 [ 492.731718][ C0] RBP: ffffc90000007e90 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e [ 492.731732][ C0] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: ffff88807c53a340 [ 492.731746][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 492.731757][ C0] FS: 0000000000000000(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000 [ 492.731772][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 492.731784][ C0] CR2: 00007f9f0f9f5f98 CR3: 000000007c782000 CR4: 00000000003526f0 [ 492.731801][ C0] DR0: ffffffffffffffff DR1: 0000000000000047 DR2: 0000000000000005 [ 492.731813][ C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 492.731824][ C0] Call Trace: [ 492.731836][ C0] [ 492.731857][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 492.731877][ C0] ? read_tsc+0x9/0x20 [ 492.731908][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 492.731944][ C0] __sysvec_apic_timer_interrupt+0x108/0x410 [ 492.731967][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 492.731985][ C0] [ 492.731991][ C0] [ 492.731999][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 492.732018][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 492.732036][ C0] Code: 53 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 ad 21 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 492.732051][ C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 [ 492.732065][ C0] RAX: c1270ec0364f2700 RBX: ffffffff81976918 RCX: c1270ec0364f2700 [ 492.732079][ C0] RDX: 0000000000000001 RSI: ffffffff8d982fba RDI: ffffffff8be1ba40 [ 492.732092][ C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb [ 492.732106][ C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0b3f0 [ 492.732119][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 [ 492.732134][ C0] ? do_idle+0x1e8/0x510 [ 492.732159][ C0] default_idle+0x13/0x20 [ 492.732180][ C0] default_idle_call+0x74/0xb0 [ 492.732202][ C0] do_idle+0x1e8/0x510 [ 492.732220][ C0] ? asm_sysvec_call_function_single+0x1a/0x20 [ 492.732243][ C0] ? __pfx_do_idle+0x10/0x10 [ 492.732267][ C0] ? do_idle+0xc/0x510 [ 492.732288][ C0] cpu_startup_entry+0x44/0x60 [ 492.732307][ C0] rest_init+0x2de/0x300 [ 492.732330][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 492.732372][ C0] start_kernel+0x47d/0x500 [ 492.732399][ C0] x86_64_start_reservations+0x24/0x30 [ 492.732425][ C0] x86_64_start_kernel+0x143/0x1c0 [ 492.732450][ C0] common_startup_64+0x13e/0x147 [ 492.732482][ C0] [ 492.732540][ C1] task:kworker/u8:10 state:R running task stack:21160 pid:7711 tgid:7711 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 493.072051][ C1] Workqueue: bat_events batadv_nc_worker [ 493.077730][ C1] Call Trace: [ 493.081030][ C1] [ 493.084009][ C1] __schedule+0x16aa/0x4c90 [ 493.088575][ C1] ? __lock_acquire+0xab9/0xd20 [ 493.093474][ C1] ? preempt_schedule_irq+0xb5/0x150 [ 493.098815][ C1] ? __pfx___schedule+0x10/0x10 [ 493.103706][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 493.108960][ C1] ? preempt_schedule_irq+0xaa/0x150 [ 493.114274][ C1] preempt_schedule_irq+0xb5/0x150 [ 493.119420][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 493.125180][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 493.131022][ C1] irqentry_exit+0x6f/0x90 [ 493.135466][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 493.141474][ C1] RIP: 0010:lock_acquire+0x175/0x360 [ 493.146780][ C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 6b 55 fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e [ 493.166429][ C1] RSP: 0018:ffffc90003adf980 EFLAGS: 00000206 [ 493.172548][ C1] RAX: a1194adc5b594d00 RBX: 0000000000000000 RCX: a1194adc5b594d00 [ 493.180558][ C1] RDX: 0000000000000000 RSI: ffffffff8db6fcc6 RDI: ffffffff8be1ba40 [ 493.188579][ C1] RBP: ffffffff8b345592 R08: 0000000000000000 R09: ffffffff8b345592 [ 493.196582][ C1] R10: dffffc0000000000 R11: ffffffff8b3454c0 R12: 0000000000000002 [ 493.204599][ C1] R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000246 [ 493.212620][ C1] ? batadv_nc_worker+0xd2/0x610 [ 493.217612][ C1] ? __pfx_batadv_nc_worker+0x10/0x10 [ 493.223033][ C1] ? batadv_nc_worker+0xd2/0x610 [ 493.228036][ C1] ? batadv_nc_worker+0xd2/0x610 [ 493.233028][ C1] ? batadv_nc_worker+0xd2/0x610 [ 493.238011][ C1] batadv_nc_worker+0xef/0x610 [ 493.242833][ C1] ? batadv_nc_worker+0xd2/0x610 [ 493.247831][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 493.253588][ C1] process_scheduled_works+0xade/0x17b0 [ 493.259230][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 493.265267][ C1] worker_thread+0x8a0/0xda0 [ 493.269928][ C1] kthread+0x70e/0x8a0 [ 493.274040][ C1] ? __pfx_worker_thread+0x10/0x10 [ 493.279187][ C1] ? __pfx_kthread+0x10/0x10 [ 493.283816][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 493.289057][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 493.294300][ C1] ? __pfx_kthread+0x10/0x10 [ 493.298927][ C1] ret_from_fork+0x3fc/0x770 [ 493.303560][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 493.308716][ C1] ? __switch_to_asm+0x39/0x70 [ 493.313522][ C1] ? __switch_to_asm+0x33/0x70 [ 493.318328][ C1] ? __pfx_kthread+0x10/0x10 [ 493.322976][ C1] ret_from_fork_asm+0x1a/0x30 [ 493.327796][ C1] [ 493.330844][ C1] task:syz.0.3016 state:R running task stack:26888 pid:13661 tgid:13657 ppid:5842 task_flags:0x40054c flags:0x00004000 [ 493.344404][ C1] Call Trace: [ 493.347721][ C1] [ 493.350692][ C1] __schedule+0x16aa/0x4c90 [ 493.355243][ C1] ? free_pages_and_swap_cache+0x4be/0x520 [ 493.361100][ C1] ? __pfx_get_page_from_freelist+0x10/0x10 [ 493.367029][ C1] ? preempt_schedule_common+0x83/0xd0 [ 493.372533][ C1] ? __pfx___schedule+0x10/0x10 [ 493.377429][ C1] ? do_raw_spin_lock+0x121/0x290 [ 493.382509][ C1] ? preempt_schedule+0xae/0xc0 [ 493.387421][ C1] preempt_schedule_common+0x83/0xd0 [ 493.392737][ C1] preempt_schedule+0xae/0xc0 [ 493.397444][ C1] ? __pfx_preempt_schedule+0x10/0x10 [ 493.402863][ C1] preempt_schedule_thunk+0x16/0x30 [ 493.408111][ C1] _raw_spin_unlock+0x3f/0x50 [ 493.412832][ C1] unmap_page_range+0x3842/0x41c0 [ 493.417949][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 493.423365][ C1] ? unmap_vmas+0x144/0x580 [ 493.427908][ C1] unmap_vmas+0x399/0x580 [ 493.432283][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 493.437203][ C1] exit_mmap+0x248/0xb50 [ 493.441475][ C1] ? uprobe_clear_state+0x20f/0x290 [ 493.446708][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 493.451522][ C1] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 493.457215][ C1] ? __pfx_exit_aio+0x10/0x10 [ 493.462023][ C1] ? uprobe_clear_state+0x274/0x290 [ 493.467247][ C1] ? mm_update_next_owner+0xa7/0x870 [ 493.472605][ C1] __mmput+0x118/0x410 [ 493.476701][ C1] exit_mm+0x1da/0x2c0 [ 493.480803][ C1] ? __pfx_exit_mm+0x10/0x10 [ 493.485427][ C1] ? rcu_is_watching+0x15/0xb0 [ 493.490219][ C1] do_exit+0x648/0x22e0 [ 493.494415][ C1] ? do_raw_spin_lock+0x121/0x290 [ 493.499472][ C1] ? __pfx_do_exit+0x10/0x10 [ 493.504108][ C1] do_group_exit+0x21c/0x2d0 [ 493.508734][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 493.513964][ C1] get_signal+0x125e/0x1310 [ 493.518519][ C1] arch_do_signal_or_restart+0x9a/0x750 [ 493.524112][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 493.530323][ C1] ? exit_to_user_mode_loop+0x40/0x110 [ 493.535811][ C1] exit_to_user_mode_loop+0x75/0x110 [ 493.541123][ C1] do_syscall_64+0x2bd/0x3b0 [ 493.545738][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 493.550955][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.557045][ C1] ? clear_bhb_loop+0x60/0xb0 [ 493.561752][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.567684][ C1] RIP: 0033:0x7f9f11b8eb69 [ 493.572141][ C1] RSP: 002b:00007f9f0f9f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 493.580596][ C1] RAX: fffffffffffffe00 RBX: 00007f9f11db6088 RCX: 00007f9f11b8eb69 [ 493.588606][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9f11db6088 [ 493.596605][ C1] RBP: 00007f9f11db6080 R08: 0000000000000000 R09: 0000000000000000 [ 493.604603][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9f11db608c [ 493.612598][ C1] R13: 0000000000000000 R14: 00007ffc3b07d9a0 R15: 00007ffc3b07da88 [ 493.620620][ C1] [ 493.623668][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g60865 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 493.634882][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 493.644870][ C1] rcu: RCU grace-period kthread stack dump: [ 493.650775][ C1] task:rcu_preempt state:R running task stack:27320 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 493.664310][ C1] Call Trace: [ 493.667612][ C1] [ 493.670578][ C1] __schedule+0x16aa/0x4c90 [ 493.675119][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 493.680375][ C1] ? schedule+0x165/0x360 [ 493.684732][ C1] ? __lock_acquire+0xab9/0xd20 [ 493.689606][ C1] ? __pfx___schedule+0x10/0x10 [ 493.694505][ C1] ? schedule+0x91/0x360 [ 493.698770][ C1] schedule+0x165/0x360 [ 493.702950][ C1] schedule_timeout+0x12b/0x270 [ 493.707835][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 493.713246][ C1] ? __pfx_process_timeout+0x10/0x10 [ 493.718577][ C1] ? prepare_to_swait_event+0x341/0x380 [ 493.724168][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 493.729057][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 493.734023][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 493.739248][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 493.744553][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 493.749785][ C1] ? finish_swait+0xcd/0x1f0 [ 493.754410][ C1] rcu_gp_kthread+0x99/0x390 [ 493.759024][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 493.764250][ C1] ? __kthread_parkme+0x7b/0x200 [ 493.769219][ C1] ? __kthread_parkme+0x1a1/0x200 [ 493.774296][ C1] kthread+0x70e/0x8a0 [ 493.778417][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 493.783669][ C1] ? __pfx_kthread+0x10/0x10 [ 493.788299][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 493.793541][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 493.798764][ C1] ? __pfx_kthread+0x10/0x10 [ 493.803398][ C1] ret_from_fork+0x3fc/0x770 [ 493.808028][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 493.813172][ C1] ? __switch_to_asm+0x39/0x70 [ 493.817970][ C1] ? __switch_to_asm+0x33/0x70 [ 493.822766][ C1] ? __pfx_kthread+0x10/0x10 [ 493.827397][ C1] ret_from_fork_asm+0x1a/0x30 [ 493.832226][ C1] [ 493.835266][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 493.841601][ C1] CPU: 1 UID: 0 PID: 7718 Comm: kworker/u8:13 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 493.851953][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 493.862030][ C1] Workqueue: events_unbound toggle_allocation_gate [ 493.868565][ C1] RIP: 0010:smp_call_function_many_cond+0xf69/0x12d0 [ 493.875277][ C1] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 80 6e 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 2b 6a 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 10 6a 0b [ 493.894912][ C1] RSP: 0018:ffffc90003c5f6a0 EFLAGS: 00000293 [ 493.901007][ C1] RAX: ffffffff81b4bbb0 RBX: ffff8880b873b040 RCX: ffff88807e5f0000 [ 493.909001][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 493.916988][ C1] RBP: ffffc90003c5f800 R08: ffffffff8fa0b3f7 R09: 1ffffffff1f4167e [ 493.924990][ C1] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: 1ffff110170c835d [ 493.932990][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880b8641ae8 [ 493.940979][ C1] FS: 0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000 [ 493.949924][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 493.956528][ C1] CR2: 00007f75b2f812f8 CR3: 000000000df38000 CR4: 00000000003526f0 [ 493.964526][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144 [ 493.972533][ C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 493.980530][ C1] Call Trace: [ 493.983835][ C1] [ 493.986808][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 493.993166][ C1] ? __pfx_text_poke_memcpy+0x10/0x10 [ 493.998574][ C1] ? kmem_cache_alloc_bulk_noprof+0x148/0x790 [ 494.004672][ C1] ? __pfx___text_poke+0x10/0x10 [ 494.009641][ C1] ? rcu_is_watching+0x15/0xb0 [ 494.014433][ C1] ? trace_contention_end+0x39/0x120 [ 494.019755][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 494.024815][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 494.029955][ C1] smp_text_poke_batch_finish+0x5e0/0x1100 [ 494.035793][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 494.040837][ C1] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 494.047132][ C1] ? arch_jump_label_transform_queue+0x97/0x110 [ 494.053421][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 494.059435][ C1] static_key_enable_cpuslocked+0x128/0x250 [ 494.065362][ C1] static_key_enable+0x1a/0x20 [ 494.070157][ C1] toggle_allocation_gate+0xad/0x240 [ 494.075470][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 494.081402][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 494.087168][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 494.092915][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 494.098667][ C1] process_scheduled_works+0xade/0x17b0 [ 494.104272][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 494.110304][ C1] worker_thread+0x8a0/0xda0 [ 494.114948][ C1] kthread+0x70e/0x8a0 [ 494.119055][ C1] ? __pfx_worker_thread+0x10/0x10 [ 494.124188][ C1] ? __pfx_kthread+0x10/0x10 [ 494.128830][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 494.134050][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 494.139264][ C1] ? __pfx_kthread+0x10/0x10 [ 494.143893][ C1] ret_from_fork+0x3fc/0x770 [ 494.148523][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 494.153664][ C1] ? __switch_to_asm+0x39/0x70 [ 494.158470][ C1] ? __switch_to_asm+0x33/0x70 [ 494.163260][ C1] ? __pfx_kthread+0x10/0x10 [ 494.167904][ C1] ret_from_fork_asm+0x1a/0x30 [ 494.172725][ C1]