last executing test programs: 2m24.355928244s ago: executing program 4 (id=1370): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001500)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="490900000000000000001500000004002b8008000300", @ANYRES32=r2], 0x58}}, 0x0) 2m24.240496575s ago: executing program 4 (id=1373): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x25dfdbfc, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_OVERHEAD={0x8, 0x6, 0x6a}]}}]}, 0x44}}, 0x0) 2m23.999846897s ago: executing program 4 (id=1379): r0 = syz_io_uring_setup(0x782, &(0x7f0000000140)={0x0, 0x9681, 0x400, 0x2, 0x111}, &(0x7f00000001c0), &(0x7f0000000200)) r1 = syz_io_uring_setup(0x1361, &(0x7f0000000000)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f0000000100)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r2) 2m23.876969161s ago: executing program 4 (id=1382): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, r1, 0xfd39e943ccf1163b, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x50) 2m23.739958603s ago: executing program 4 (id=1385): open(&(0x7f0000000180)='./bus\x00', 0x6aeff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) rmdir(&(0x7f00000004c0)='./bus\x00') 2m23.632948548s ago: executing program 4 (id=1389): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) mremap(&(0x7f0000c4c000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272) 2m8.419711945s ago: executing program 32 (id=1389): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) mremap(&(0x7f0000c4c000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272) 1.650217747s ago: executing program 0 (id=3933): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)="18acf8b1ed479de320cdbff21bc648a4423880b9fb95564f48c38e3fdaea755288c2a91a1ef344702de01af77d599320e22a0ea41b13aa09f1b359b0e2d2e8b6074bb4119ea219d2055df8bab18280f3c3ea8e45510d60a28f7af2a9c471dbe0a88f57ae4580b0b420f5f90b70efb6805d81812d5d64c87c99f9c75e9f656dfd6e0cb005b1abd4d879a097dd9d3e6e12f85505cd45c840f9503b2fff6c33e6a675512ab99729da82acc41b65a398d515700ba76224267cdabfb9576027eb82a82c337e379c488d47691d7fe2c55bbe29a7a37633648559a31b90f145d0f5a2d8d9499f100ba95da30ce9df964d2af22e6551f8a35878071d2b5477c0f1c0ab067a8bd9368c04ed9b6e1547f04d022d726bb32daf66bded05624baa409848f50d96df5d0a86c6ce2b9b0767e85c5233c1e30aaad953301d7294b375db43804290971c857070e9d2c8b6397ab8d56358476fc0359ee79b7956f0ef1ce2edefc6bd340037706a57aa98105019c21be58ce8c868c90db57bfe8304416b3e7e02837ea3ce01ce463321f2ea429ee0c42b27d28c2b6063eb5cd746e26ade0c9ae3049ebb8c5038b01281f26c9777fb1263a5ba1262fa783e07ef5ded966eb85a4a811f5aab0d9575551239e9b0f76e5217744b0a8edcb1504774e36818033e3ab03ca6164df64fdf4352b9c88bfa91add131e13bee44e7eb4e38e613f3bab3c6c8a5038e446d57c9058b975f05f36e0e49171b426b99aa82a0656d7ffc46169ee20456aab06ee429bff9408fb1961e3976e288bee69e9ec6dc72862e1cfcc6c4804457285efcb056b0d834666748129994a3fc172c4c9c622a0c4ddd84bce972d56c70f3687222e5857f9a24b0e138a8359409f5b4ba3206c1a7f35c9e90f3ad903715ab7283e700f9ec2c641f38e998122266a8b1731ce1f03d12a643f281b3ace22f1e403dfe05052fdca3da258f8f1bd7c88949d2a14510b4116c5e403b6cee434d4969113ff8eebc1052e6a1dfa710cadfa0dbd96afa3dd1ab32b10e97d4c015e357bb938d5c2420ed83fff6a17ca9c334fc1b1a3b171f3ca2f4f88a66c59477a73265a8dc10c6d0e5ab2f595e4b9bdd160f35a7917d46df4a50b7651a5991f2444fc0a235f210e8ce8afede0b725d0cabfa20e4d36a836314d180f66614db4fbbd15ef7a947247f7f6f0eb34af0b7aeaaa9210154285dcd0389de273ad3459a1d87f062d9a050c57b6325750aeb9f47d7242117d8e0d38ae1e6cef179809d422ae852bf41f8d5ec42fac487ed46e0511a1f554cd6181e6c81dfdafa7c69daa2ba822e22e305b4b8f34c20fcc8e50cf451f053df249a7f5b20cbc0bc127f55d80bc9c0ba3cf9f0a9c56286215c20f9d60cb61276c6bbf772c151be2520e22b8f6daea2aa1f9e1b30bbeed092d3c2fb92a10fb71e7fea336a0258620c918581487ec04c54ca4e9811a83a6bf39dca6a4e89092cdee6e40024bd7c1ae7b3a8cdbb38c21ccb1de68f7fc9fa4726b832cedcfdd22b71f37d66f350e78e3c19bcae0322f8f070c316bc3c2ba0cb12a43746bd8aaa1645e3f8800b93722ac1791396bb3def1678cb5ab3f42c097c4c3684ea61dc89209ae57906bd4577a93b14eceff6f18893064198d9141a927ced2af06226011187f1851d6a5c1b5ff78a4c6d8b387a781c06a286f052d2e828ed94110cd7b9e6cfcb840e12019678080a6e9e517ce8ba6276c5a919197fd0adf86547135fcec083f2c1fea0e40564f279ceec580e827e39fa77bfa823d6e08aa7bd320491381f21be8b10dc2ed7fee1524680a52bb1e14cb6248519100edd7df29bac5c4ad1c893ee99db03aa7e077ba6608b0db797f31a6cd6d5a01077a41df98fc373ac5c149b87c55bb73bb17b09dffa7847b134b866b9ce179d547750dd2fb9c280e2003d132c87e2535f31232a32d738aeedeff052f256a9c866b6c2cb880d15f1acca7396a8f6113afe45e46e96a6c7762eb09d2c568df561d5484356b4ae71f89bf0126c6670c4fbeee59a89e20206401ef85f083039aa9ceacc2912427b031c35e29c7a702e0054f4dbb01062c0daab2a5faa49a86cd5d48d64bbee12f60ee529a00ad13a579934faff4ec12778038a3e48217fc4eb97ebe3dec9ecdfc0af3e722ed7ca0f12952c2902b0db061098d4bf14664104c440c9d07af7fbaa375274f61b04c17050a3e139dcce999071f18468139182cfe78a84c90c0428d7c75a621a6eaa69e028ce47626235ca3edbbb53e15afebebb25e18c732a820edca2f60be8c0ecd7e5a30282a0add95c6eb43b0afea34d91de7b20f4fb999d17c7fc418738f61cce38d656ce86e2d0a97f31dad0296ee63fb48e859003f88d0a27c874a47301dc0f1fd4f4e9b1bcd7806f715c751b94e182307d2d01278eb0ad2e1a48c3cac80ea5ec28b9b52f5cf6ea8b5611be5a24f91545cae2f581fd58fd47e6aa3b88b380442f21739319050ef702ffe604d7b1341013d330ad4e8d7c3cec17da298b4fcf1205e156f30642d654384d4be8b9eb4add6d9603e8fe122b9d70171d6f8ea5", 0xfffffdef}], 0x1}}], 0x1, 0x0) 1.131954927s ago: executing program 2 (id=3944): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0xfffffffd, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8}, @TCA_CODEL_TARGET={0xfffffffffffffeaf}]}}]}, 0x44}}, 0x0) 1.129919096s ago: executing program 5 (id=3945): capset(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000480)={'ip6tnl0\x00', 0x0}) 1.11191631s ago: executing program 1 (id=3946): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x3c, r0, 0x801, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "01959e56da"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4091}, 0x0) 1.020016593s ago: executing program 3 (id=3947): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000640)=0x10) dup3(r0, r1, 0x0) 935.97684ms ago: executing program 5 (id=3948): r0 = syz_io_uring_setup(0x5bbd, &(0x7f00000002c0)={0x0, 0x0, 0x80}, &(0x7f0000000380), &(0x7f00000001c0)) syz_io_uring_setup(0x10278e, &(0x7f0000000440)={0x0, 0x0, 0x10}, &(0x7f0000000200), &(0x7f0000000180)) io_uring_enter(r0, 0x71d9, 0xc6b, 0x2, 0x0, 0x0) io_uring_enter(r0, 0x46, 0x0, 0x0, 0x0, 0x0) 935.786313ms ago: executing program 0 (id=3949): r0 = socket$inet6(0xa, 0x6, 0x0) r1 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000001100)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x14a8}, 0x0, 0x685249f91fe34f9c, 0x2}) io_uring_enter(r1, 0x2ded, 0x4000, 0x0, 0x0, 0x0) 865.658954ms ago: executing program 1 (id=3950): mkdir(&(0x7f0000000100)='./file1\x00', 0x0) r0 = inotify_init1(0x80800) inotify_add_watch(r0, &(0x7f00000000c0)='./file1\x00', 0x410000e6) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0x50000113) 849.634896ms ago: executing program 2 (id=3951): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x19) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 781.321054ms ago: executing program 3 (id=3952): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffb, 0x6, 0xd7, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="4423edeeb449", 0x0, 0x7, 0x10012, 0x2, 0x0}) 749.439448ms ago: executing program 5 (id=3953): r0 = epoll_create1(0x0) r1 = socket(0x1, 0x80802, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x10000000}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x10000001}) 748.912399ms ago: executing program 0 (id=3954): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x8, 0x8007, 0x2, 0x10}, &(0x7f0000000080)=0x10) 685.221829ms ago: executing program 2 (id=3955): openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 601.44267ms ago: executing program 1 (id=3956): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000000)={r1, 0xa001}, 0x8) 601.296389ms ago: executing program 3 (id=3957): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x19, 0xa, 0x201, 0x0, 0x0, {0x2}}, 0x14}}, 0x8840) 600.921428ms ago: executing program 5 (id=3958): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="34000000110001002dbd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="4000000010000000140035"], 0x34}}, 0x0) 499.999604ms ago: executing program 2 (id=3959): mknod(&(0x7f0000001940)='./file0\x00', 0x8000, 0xcb) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) setresuid(0x0, 0x0, r0) setreuid(0x0, r0) 491.578589ms ago: executing program 0 (id=3960): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400"], 0x7c}}, 0x0) 484.30029ms ago: executing program 3 (id=3961): r0 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x109041) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x10, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x9]}}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 462.970434ms ago: executing program 1 (id=3962): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/70, 0x46}], 0x1}, 0x40000141) 418.558931ms ago: executing program 5 (id=3963): bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket$can_j1939(0x1d, 0x2, 0x7) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000cab000)=0xc) 360.319256ms ago: executing program 2 (id=3964): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x18) getdents64(r0, &(0x7f0000000a00)=""/4096, 0x1000) 287.969461ms ago: executing program 1 (id=3965): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1800000024000103000000000000000001"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000540)=""/4090, 0xffa}], 0x1}, 0xacd2}], 0x1, 0x10000, 0x0) 287.797137ms ago: executing program 3 (id=3966): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x2c, r1, 0x1, 0xffffffff, 0xa, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='\x00'}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac00}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 250.108228ms ago: executing program 5 (id=3967): r0 = syz_open_procfs(0x0, &(0x7f0000001d00)='net/unix\x00') r1 = fanotify_init(0x0, 0x1) fanotify_mark(r1, 0x1, 0x40000011, r0, 0x0) preadv2(r0, &(0x7f00000001c0)=[{&(0x7f0000000440)=""/147, 0x93}], 0x1, 0x9, 0x80000000, 0x1) 208.476208ms ago: executing program 0 (id=3968): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x24048014}, 0x8000) setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4) recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0xf}, 0x0) 129.303514ms ago: executing program 2 (id=3969): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0xe, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x2, 0x4, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x7, 0x3, 0x8, 0xfffffffffffffffa, 0x0, 0x5, 0x8, 0x7, 0x3, 0x6}) 128.724702ms ago: executing program 3 (id=3970): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001500)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="490900000000000000001500000004002b8008000300", @ANYRES32=r2, @ANYBLOB="08002a0000000000050029000100000020002b80040003800800010001040000050002"], 0x58}}, 0x0) 124.324553ms ago: executing program 1 (id=3971): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x4000000}, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) 0s ago: executing program 0 (id=3972): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1e, {0x6, 0x6, 0x47, 0x350, 0x4, 0x9, 0x200, 0x3, 0x1}}}}]}, 0x58}}, 0x8880) kernel console output (not intermixed with test programs): 847][ T5923] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 136.908645][T10984] batadv_slave_1: left promiscuous mode [ 137.046800][ T58] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 137.056836][ T5923] usb 4-1: Using ep0 maxpacket: 16 [ 137.067834][ T5923] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 137.085356][ T5923] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 137.105371][ T5923] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 137.128607][ T5923] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 137.143887][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.152053][ T5923] usb 4-1: Product: syz [ 137.156330][ T5923] usb 4-1: Manufacturer: syz [ 137.166588][ T5923] usb 4-1: SerialNumber: syz [ 137.198452][ T58] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 137.209512][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.232883][ T58] usb 3-1: config 0 descriptor?? [ 137.266782][ T58] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 137.475856][ T58] gp8psk: usb in 128 operation failed. [ 137.495133][ T58] gp8psk: usb in 137 operation failed. [ 137.510985][ T58] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 137.534421][ T58] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 137.552350][ T58] usb 3-1: media controller created [ 137.604425][ T58] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 137.654786][ T58] gp8psk_fe: Frontend attached [ 137.674173][ T58] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 137.685392][ T58] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 137.728152][T11008] netlink: 11 bytes leftover after parsing attributes in process `syz.1.1028'. [ 137.985814][ T58] gp8psk: usb in 137 operation failed. [ 137.991554][ T58] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 138.001753][ T51] usb 4-1: USB disconnect, device number 11 [ 138.012019][ T58] gp8psk: found Genpix USB device pID = 203 (hex) [ 138.047147][ T58] usb 3-1: USB disconnect, device number 13 [ 138.178002][ T58] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 138.414903][T11035] netlink: 'syz.1.1041': attribute type 15 has an invalid length. [ 138.437097][ T5904] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 138.607307][ T5904] usb 5-1: Using ep0 maxpacket: 16 [ 138.624631][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 138.666599][ T5904] usb 5-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=94.47 [ 138.688883][ T5904] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.721721][ T5904] usb 5-1: Product: syz [ 138.725929][ T5904] usb 5-1: Manufacturer: syz [ 138.747289][ T5904] usb 5-1: SerialNumber: syz [ 138.765422][ T5904] usb 5-1: config 0 descriptor?? [ 139.040896][ T5904] usb 5-1: USB disconnect, device number 12 [ 139.676515][T11077] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1058'. [ 141.962081][T11177] syz.4.1106 (11177) used greatest stack depth: 17936 bytes left [ 142.509467][T11198] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1116'. [ 143.329328][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.336608][T11145] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 144.117071][T11145] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 144.138958][T11145] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 144.150957][T11145] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 144.160399][T11145] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 144.170985][T11145] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 144.189561][T11145] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 144.195597][T11145] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 144.215109][T11145] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 144.240590][T11145] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 144.247455][T11145] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 144.264722][T11145] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 144.536776][ T58] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 144.696965][ T58] usb 1-1: Using ep0 maxpacket: 16 [ 144.715364][ T58] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 144.754617][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 144.802265][ T58] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 144.819591][ T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.829636][ T58] usb 1-1: Product: syz [ 144.834082][ T58] usb 1-1: Manufacturer: syz [ 144.847181][ T58] usb 1-1: SerialNumber: syz [ 144.878508][ T58] usb 1-1: config 0 descriptor?? [ 144.902431][ T58] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 144.916771][T11281] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'. [ 144.926226][ T58] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 144.941463][T11281] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'. [ 145.202986][T11281] gtp0: entered promiscuous mode [ 145.213842][T11281] gtp0: entered allmulticast mode [ 145.233644][T11288] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 145.242886][T11288] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 145.252107][T11288] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 145.261075][T11288] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 145.406938][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 145.443241][T11299] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1158'. [ 145.498020][T11299] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 145.500362][T11292] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 145.513656][ T58] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 145.535737][T11299] bridge0: port 3(batadv1) entered blocking state [ 145.556961][T11299] bridge0: port 3(batadv1) entered disabled state [ 145.573858][T11299] batadv1: entered allmulticast mode [ 145.596849][T11299] batadv1: entered promiscuous mode [ 145.622906][T11299] bridge0: port 3(batadv1) entered blocking state [ 145.630914][T11299] bridge0: port 3(batadv1) entered forwarding state [ 145.714583][ T58] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 145.738221][ T58] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 145.763102][ T58] em28xx 1-1:0.0: No AC97 audio processor [ 145.783578][ T58] usb 1-1: USB disconnect, device number 9 [ 145.795673][ T58] em28xx 1-1:0.0: Disconnecting em28xx [ 145.810336][ T58] em28xx 1-1:0.0: Freeing device [ 145.964539][T11318] Attempt to restore checkpoint with obsolete wellknown handles [ 145.983897][ T6157] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 145.993627][ T6157] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 146.206829][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 146.206959][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 146.286849][ T5836] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.725462][T11359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1187'. [ 147.036997][ T5904] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 147.218438][ T5904] usb 1-1: Using ep0 maxpacket: 16 [ 147.239399][ T5904] usb 1-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 147.266734][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.287519][T11383] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1198'. [ 147.298156][ T5904] usb 1-1: Product: syz [ 147.306163][ T5904] usb 1-1: Manufacturer: syz [ 147.336837][ T5904] usb 1-1: SerialNumber: syz [ 147.351417][ T5904] usb 1-1: config 0 descriptor?? [ 147.365775][T11388] tipc: Started in network mode [ 147.372943][T11388] tipc: Node identity type_len, cluster identity 4711 [ 147.384954][T11388] tipc: Enabling of bearer rejected, failed to enable media [ 147.486801][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.590455][ T5904] snd-usb-hiface 1-1:0.0: probe with driver snd-usb-hiface failed with error -22 [ 147.617796][ T5904] usb 1-1: USB disconnect, device number 10 [ 147.637738][T11398] lo: entered allmulticast mode [ 148.287482][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.289998][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 148.366810][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.867177][ T29] audit: type=1800 audit(1740198558.258:11): pid=11444 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1225" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 149.988300][T11490] netlink: 'syz.0.1243': attribute type 2 has an invalid length. [ 150.040197][T11497] overlayfs: failed to clone lowerpath [ 150.366831][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 150.376738][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.446873][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.726944][ T5904] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 150.919234][ T5904] usb 4-1: config 4 has an invalid interface number: 44 but max is 0 [ 150.936758][ T5904] usb 4-1: config 4 has no interface number 0 [ 150.942917][ T5904] usb 4-1: config 4 interface 44 altsetting 0 endpoint 0x7 has invalid maxpacket 104, setting to 64 [ 150.987018][ T5904] usb 4-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice=80.20 [ 151.001478][ T5904] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.021741][ T5904] usb 4-1: Product: syz [ 151.042365][ T5904] usb 4-1: Manufacturer: syz [ 151.047112][ T5904] usb 4-1: SerialNumber: syz [ 151.476166][ T5904] dvb-usb: found a 'Gigabyte U7000' in warm state. [ 151.498342][ T5904] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 151.518839][ T5904] dvbdev: DVB: registering new adapter (Gigabyte U7000) [ 151.526460][ T5904] usb 4-1: media controller created [ 151.548812][ T5904] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 151.638258][ T5904] DVB: Unable to find symbol dib7000p_attach() [ 151.644579][ T5904] dvb-usb: no frontend was attached by 'Gigabyte U7000' [ 151.770418][ T5904] rc_core: IR keymap rc-dib0700-rc5 not found [ 151.789251][ T5904] Registered IR keymap rc-empty [ 151.801437][ T5904] dvb-usb: could not initialize remote control. [ 151.818648][ T5904] dvb-usb: Gigabyte U7000 successfully initialized and connected. [ 151.835926][ T5904] dib0700: There's no endpoint for remote controller [ 152.044475][ T5904] usb 4-1: USB disconnect, device number 12 [ 152.080292][ T5904] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected. [ 152.366061][T11612] fuse: Bad value for 'fd' [ 152.856388][T11632] syz.3.1303 (11632): drop_caches: 2 [ 152.866761][ T58] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 152.972353][T11636] netlink: 'syz.1.1305': attribute type 1 has an invalid length. [ 153.030369][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.047299][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.061286][ T58] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 153.070551][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.080634][ T58] usb 1-1: config 0 descriptor?? [ 153.365817][T11648] hpfs: Bad magic ... probably not HPFS [ 153.503470][ T58] lg-g15 0003:046D:C222.000A: unknown main item tag 0x0 [ 153.512597][ T58] lg-g15 0003:046D:C222.000A: unknown main item tag 0x0 [ 153.524918][ T58] lg-g15 0003:046D:C222.000A: unknown main item tag 0x0 [ 153.536178][ T58] lg-g15 0003:046D:C222.000A: unknown main item tag 0x0 [ 153.565649][ T58] lg-g15 0003:046D:C222.000A: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 153.726215][ T5873] usb 1-1: USB disconnect, device number 11 [ 153.771917][T11657] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 153.945117][T11674] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1322'. [ 154.026792][ T29] audit: type=1326 audit(1740198563.418:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.054174][ T29] audit: type=1326 audit(1740198563.418:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.077581][ T29] audit: type=1326 audit(1740198563.448:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.099265][ T29] audit: type=1326 audit(1740198563.448:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.145537][ T29] audit: type=1326 audit(1740198563.448:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.212428][ T29] audit: type=1326 audit(1740198563.478:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.309402][ T29] audit: type=1326 audit(1740198563.518:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 154.371112][ T29] audit: type=1326 audit(1740198563.518:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe93d184127 code=0x7ffc0000 [ 154.393436][ T29] audit: type=1326 audit(1740198563.518:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe93d129359 code=0x7ffc0000 [ 154.427736][ T29] audit: type=1326 audit(1740198563.518:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11678 comm="syz.2.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe93d184127 code=0x7ffc0000 [ 154.700536][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1336'. [ 155.696570][T11733] netlink: 'syz.0.1346': attribute type 5 has an invalid length. [ 156.556896][ T5873] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 156.717027][ T5873] usb 1-1: Using ep0 maxpacket: 16 [ 156.726199][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.740461][ T5873] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 156.768747][ T5873] usb 1-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 156.788470][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.801417][T11780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1364'. [ 156.821786][ T5873] usb 1-1: config 0 descriptor?? [ 156.904011][T11783] netlink: 'syz.4.1366': attribute type 1 has an invalid length. [ 157.088041][T11793] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1370'. [ 157.244903][ T5873] razer 0003:1532:010E.000B: unknown main item tag 0x0 [ 157.269095][ T5873] razer 0003:1532:010E.000B: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.0-1/input0 [ 157.480446][ T58] usb 1-1: USB disconnect, device number 12 [ 157.575288][T11817] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 157.583491][T11817] dvmrp1: linktype set to 823 [ 158.364427][T11827] syz.3.1387 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 159.030850][T11847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1396'. [ 159.327208][ T5836] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.276919][ T5877] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 160.449325][ T5877] usb 3-1: Using ep0 maxpacket: 8 [ 160.468009][ T5877] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 160.496974][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.526954][ T5877] usb 3-1: config 0 descriptor?? [ 161.167366][ T5877] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 161.186483][ T5877] asix 3-1:0.0: probe with driver asix failed with error -71 [ 161.203303][ T5877] usb 3-1: USB disconnect, device number 14 [ 161.894838][T11930] loop2: detected capacity change from 0 to 524287999 [ 161.915361][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.924859][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 161.936980][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.946202][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 161.966802][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.976047][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 161.984016][ C0] I/O error, dev loop2, sector 524288 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.996370][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.005638][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.014986][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.024247][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.033503][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.042755][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.067217][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.076408][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.086674][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.095874][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.103997][T11930] ldm_validate_partition_table(): Disk read failed. [ 162.115527][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 162.124792][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.133201][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 162.144157][T11930] Dev loop2: unable to read RDB block 0 [ 162.179292][T11930] loop2: unable to read partition table [ 162.196370][T11930] loop_reread_partitions: partition scan of loop2 (3 ) failed (rc=-5) [ 162.501531][T11949] IPv6: addrconf: prefix option has invalid lifetime [ 163.338858][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 163.338875][ T29] audit: type=1326 audit(1740198572.738:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.400045][ T29] audit: type=1326 audit(1740198572.738:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.432284][ T29] audit: type=1326 audit(1740198572.788:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.454133][ T29] audit: type=1326 audit(1740198572.788:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.475748][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.485387][ T29] audit: type=1326 audit(1740198572.788:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.518121][T11986] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1459'. [ 163.544804][ T29] audit: type=1326 audit(1740198572.788:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.629835][ T29] audit: type=1326 audit(1740198572.788:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.657396][ T5904] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 163.687471][ T29] audit: type=1326 audit(1740198572.788:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.708979][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.725947][ T29] audit: type=1326 audit(1740198572.788:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11977 comm="syz.2.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x7ffc0000 [ 163.751457][T11996] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1464'. [ 163.857937][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.884271][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.907834][ T5904] usb 4-1: New USB device found, idVendor=056a, idProduct=0065, bcdDevice= 0.00 [ 163.916825][ T5877] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 163.932390][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.952874][ T5904] usb 4-1: config 0 descriptor?? [ 164.073250][ T5877] usb 1-1: Using ep0 maxpacket: 32 [ 164.080429][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.106835][ T5877] usb 1-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00 [ 164.119508][ T5877] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.131172][ T5877] usb 1-1: config 0 descriptor?? [ 164.381545][T11982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.394592][T11982] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.415327][ T5904] wacom 0003:056A:0065.000C: unknown main item tag 0x7 [ 164.436698][ T5904] wacom 0003:056A:0065.000C: unknown main item tag 0x4 [ 164.444230][ T5904] wacom 0003:056A:0065.000C: Unknown device_type for 'HID 056a:0065'. Assuming pen. [ 164.479830][ T5904] wacom 0003:056A:0065.000C: hidraw0: USB HID v0.00 Device [HID 056a:0065] on usb-dummy_hcd.3-1/input0 [ 164.508225][ T5904] input: Wacom Bamboo Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0065.000C/input/input18 [ 164.552458][ T5877] lenovo 0003:17EF:60EE.000D: item fetching failed at offset 2/5 [ 164.573467][ T5877] lenovo 0003:17EF:60EE.000D: hid_parse failed [ 164.585551][ T5877] lenovo 0003:17EF:60EE.000D: probe with driver lenovo failed with error -22 [ 164.619487][ T5877] usb 4-1: USB disconnect, device number 13 [ 164.749114][ T58] usb 1-1: USB disconnect, device number 13 [ 165.620283][T12035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1482'. [ 167.246939][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.658229][T12110] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1518'. [ 167.696840][T12110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1518'. [ 167.807803][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.817108][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.287165][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.295745][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.303932][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 169.333176][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.306994][ T51] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 170.368842][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.486782][ T51] usb 4-1: Using ep0 maxpacket: 32 [ 170.502497][ T51] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.527046][ T51] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.555602][ T51] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 170.572554][ T51] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.607930][ T51] hub 4-1:4.0: USB hub found [ 170.807705][ T51] hub 4-1:4.0: 6 ports detected [ 170.812949][ T51] hub 4-1:4.0: insufficient power available to use all downstream ports [ 170.847177][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.856137][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 171.008892][ T51] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 171.015777][ T51] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 171.077493][ T51] usb 4-1: USB disconnect, device number 14 [ 171.415185][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.068403][ T58] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 172.245211][ T58] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 172.264024][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.294715][ T58] usb 3-1: config 0 descriptor?? [ 172.302899][ T58] cp210x 3-1:0.0: cp210x converter detected [ 172.934561][ T58] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 172.946907][ T58] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 172.962636][ T58] usb 3-1: cp210x converter now attached to ttyUSB0 [ 172.988687][ T58] usb 3-1: USB disconnect, device number 15 [ 173.017092][ T58] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 173.025790][ T58] cp210x 3-1:0.0: device disconnected [ 173.185725][T12260] bridge0: port 2(bridge_slave_1) entered learning state [ 173.478368][T12272] net_ratelimit: 1 callbacks suppressed [ 173.478387][T12272] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 173.491054][T12272] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 173.508103][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.533879][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 173.547413][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 173.558491][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 173.566487][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 173.577551][ T5831] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 173.584924][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 173.652457][T12280] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1596'. [ 173.814091][T12286] IPv6: NLM_F_REPLACE set, but no existing node found! [ 173.888059][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.896972][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.905966][T12273] chnl_net:caif_netlink_parms(): no params data found [ 174.142003][T12273] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.150042][T12273] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.157439][T12273] bridge_slave_0: entered allmulticast mode [ 174.165731][T12273] bridge_slave_0: entered promiscuous mode [ 174.180665][T12273] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.187956][T12273] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.195278][T12273] bridge_slave_1: entered allmulticast mode [ 174.202481][T12273] bridge_slave_1: entered promiscuous mode [ 174.360520][T12273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.379186][T12273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.426767][ T58] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 174.536951][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.574439][T11256] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.593529][ T58] usb 4-1: Using ep0 maxpacket: 32 [ 174.618043][ T58] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 174.622440][T12273] team0: Port device team_slave_0 added [ 174.640316][T12273] team0: Port device team_slave_1 added [ 174.660380][ T58] usb 4-1: config 0 has no interfaces? [ 174.679887][ T58] usb 4-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8 [ 174.697193][ T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.715509][ T58] usb 4-1: Product: syz [ 174.719977][ T58] usb 4-1: Manufacturer: syz [ 174.724666][ T58] usb 4-1: SerialNumber: syz [ 174.738772][ T58] usb 4-1: config 0 descriptor?? [ 174.758301][T11256] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.823096][T12273] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.854318][T12273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.926312][T12273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.953820][ T5877] usb 4-1: USB disconnect, device number 15 [ 175.016055][T11256] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.057174][T12273] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.073592][T12273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.100975][T12273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.189917][T11256] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode [ 175.239659][T11256] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.330488][T12273] hsr_slave_0: entered promiscuous mode [ 175.339111][T12273] hsr_slave_1: entered promiscuous mode [ 175.345338][T12273] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.366700][T12273] Cannot create hsr debugfs directory [ 175.575245][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 175.646921][ T5836] Bluetooth: hci5: command tx timeout [ 175.786300][T11256] bridge_slave_1: left allmulticast mode [ 175.794241][T11256] bridge_slave_1: left promiscuous mode [ 175.809569][T11256] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.853751][T11256] bridge_slave_0: left allmulticast mode [ 175.886774][T11256] bridge_slave_0: left promiscuous mode [ 175.908598][T11256] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.062617][T12377] sctp: [Deprecated]: syz.1.1638 (pid 12377) Use of int in max_burst socket option deprecated. [ 176.062617][T12377] Use struct sctp_assoc_value instead [ 176.619042][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.709754][T11256] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.721009][T11256] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.731484][T11256] bond0 (unregistering): Released all slaves [ 176.776914][ T5877] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 176.927130][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.936052][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.962586][ T5877] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 176.993462][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.012739][ T5877] usb 4-1: Product: syz [ 177.027842][ T5877] usb 4-1: Manufacturer: syz [ 177.032546][ T5877] usb 4-1: SerialNumber: syz [ 177.056342][ T5877] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 177.076284][T12273] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 177.106942][ T58] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 177.143691][T12273] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 177.220147][T12273] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 177.303116][T12273] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 177.317580][ T5873] kernel write not supported for file /input/mouse0 (pid: 5873 comm: kworker/1:3) [ 177.536913][T11256] hsr_slave_0: left promiscuous mode [ 177.543525][T11256] hsr_slave_1: left promiscuous mode [ 177.550770][T11256] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.558584][T11256] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.578652][T11256] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.586187][T11256] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.668966][T11256] veth1_macvtap: left promiscuous mode [ 177.675829][T11256] veth0_macvtap: left promiscuous mode [ 177.681730][T11256] veth1_vlan: left promiscuous mode [ 177.687525][T11256] veth0_vlan: left promiscuous mode [ 177.726806][ T5836] Bluetooth: hci5: command tx timeout [ 177.807379][ T5877] usb 4-1: USB disconnect, device number 16 [ 178.361867][T12442] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1669'. [ 178.606852][ T58] usb 4-1: Service connection timeout for: 257 [ 178.629209][ T58] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 178.660146][ T58] ath9k_htc: Failed to initialize the device [ 178.681676][ T5877] usb 4-1: ath9k_htc: USB layer deinitialized [ 178.697082][ T51] net_ratelimit: 3 callbacks suppressed [ 178.697102][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.817505][T11256] team0 (unregistering): Port device team_slave_1 removed [ 178.876247][T11256] team0 (unregistering): Port device team_slave_0 removed [ 179.379968][ T29] audit: type=1400 audit(1740198588.758:50): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=12460 comm="syz.2.1679" name="343" dev="tmpfs" ino=1751 [ 179.451278][T12449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1673'. [ 179.584019][T12273] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.633866][T12273] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.688632][ T6161] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.695773][ T6161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.731450][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 179.737948][ T6161] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.746733][ T6161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.807759][ T5836] Bluetooth: hci5: command tx timeout [ 179.966961][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 179.975885][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.347214][T12273] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.741174][T12273] veth0_vlan: entered promiscuous mode [ 180.767508][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.782416][T12273] veth1_vlan: entered promiscuous mode [ 180.838604][T12273] veth0_macvtap: entered promiscuous mode [ 180.861462][T12273] veth1_macvtap: entered promiscuous mode [ 180.955592][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.984160][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.016691][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.046241][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.074723][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.129044][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.165492][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.203328][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.216304][T12273] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.242692][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.274862][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.303049][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.336339][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.364698][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.393726][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.435093][T12273] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.478521][T12273] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.512643][T12273] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.539503][T12273] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.561182][T12273] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.780066][T11256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.807245][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.822970][T11256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.886900][ T5836] Bluetooth: hci5: command tx timeout [ 181.890772][ T3521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.915403][ T3521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.997829][T12560] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1721'. [ 182.849646][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.012331][ T5923] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.021919][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.167272][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.444208][T12602] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 183.558524][ T29] audit: type=1326 audit(1740198592.948:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12603 comm="syz.0.1739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd85078d169 code=0x0 [ 183.858726][T12623] netlink: 'syz.1.1748': attribute type 10 has an invalid length. [ 183.890615][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.069731][T12623] bond0: (slave bond_slave_0): Releasing backup interface [ 184.324851][T12639] syzkaller0: tun_chr_ioctl cmd 1074025680 [ 184.930143][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 185.177187][T12686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1777'. [ 185.198953][T12688] IPVS: length: 131 != 8 [ 185.926158][T12722] program syz.3.1793 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 185.976441][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.047331][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.057685][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.965172][T12758] input: syz0 as /devices/virtual/input/input21 [ 187.007541][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.085721][T12766] loop6: detected capacity change from 0 to 524287999 [ 187.490422][ T5923] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.498852][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.046963][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.056758][ T5877] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 189.086886][ T5923] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.095073][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.103222][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.263575][ T5877] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.274743][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 189.296096][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 189.313803][ T5877] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 189.339150][ T5877] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 189.376802][ T5877] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 189.384856][ T5877] usb 3-1: Manufacturer: syz [ 189.408256][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.430937][ T5877] usb 3-1: config 0 descriptor?? [ 189.461824][ T29] audit: type=1400 audit(1740198598.858:52): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=12873 comm="syz.3.1863" name="352" dev="tmpfs" ino=1819 [ 189.727358][ T5877] rc_core: IR keymap rc-hauppauge not found [ 189.743497][ T5877] Registered IR keymap rc-empty [ 189.755540][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 189.816842][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 189.839471][ T5877] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 189.877731][ T5877] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input22 [ 189.922142][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 189.946952][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 189.977043][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 189.996973][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.017761][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.047921][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.076058][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.106747][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.129318][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.137407][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.156787][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.177339][ T5877] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 190.221037][ T5877] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 190.245103][ T5877] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 190.261331][ T5877] usb 3-1: USB disconnect, device number 16 [ 191.177041][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 191.596183][T12986] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1912'. [ 191.673472][T12991] sg_read: process 802 (syz.3.1915) changed security contexts after opening file descriptor, this is not allowed. [ 192.126975][ T5923] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.136010][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.206988][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.964567][T13031] netlink: 'syz.0.1932': attribute type 4 has an invalid length. [ 193.167555][T13042] sctp: [Deprecated]: syz.3.1935 (pid 13042) Use of int in maxseg socket option. [ 193.167555][T13042] Use struct sctp_assoc_value instead [ 193.247902][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.611065][ T29] audit: type=1326 audit(1740198603.008:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13063 comm="syz.3.1948" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f581838d169 code=0x0 [ 193.789224][ T5877] kernel write not supported for file /snd/seq (pid: 5877 comm: kworker/0:5) [ 194.286858][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.532719][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.539162][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.598009][T13102] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 194.673677][T13109] netlink: 'syz.3.1966': attribute type 21 has an invalid length. [ 194.696764][T13109] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1966'. [ 194.745608][T13109] netlink: 'syz.3.1966': attribute type 4 has an invalid length. [ 194.759847][T13109] netlink: 'syz.3.1966': attribute type 5 has an invalid length. [ 194.774292][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1966'. [ 194.925035][T13117] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1971'. [ 194.946966][T13117] batadv1: left allmulticast mode [ 194.962852][T13117] batadv1: left promiscuous mode [ 194.973015][T13117] bridge0: port 3(batadv1) entered disabled state [ 195.029082][T13117] bridge_slave_1: left allmulticast mode [ 195.034791][T13117] bridge_slave_1: left promiscuous mode [ 195.055828][T13117] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.093574][T13117] bridge_slave_0: left allmulticast mode [ 195.105343][T13117] bridge_slave_0: left promiscuous mode [ 195.114336][T13117] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.171783][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.180723][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.330292][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.479684][T13135] Bluetooth: MGMT ver 1.23 [ 195.520801][T13141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.538056][T13141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.546764][T13141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.565350][T13143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1984'. [ 195.576463][T13139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.598626][T13139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.612410][T13143] netlink: 'syz.1.1984': attribute type 30 has an invalid length. [ 195.726813][ T5877] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 195.916953][ T5877] usb 1-1: Using ep0 maxpacket: 16 [ 195.959928][ T5877] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 195.993224][ T5877] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 196.033768][ T5877] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 196.062486][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.085424][ T5877] usb 1-1: Product: syz [ 196.100546][ T5877] usb 1-1: Manufacturer: syz [ 196.105302][ T5877] usb 1-1: SerialNumber: syz [ 196.113014][ T5877] usb 1-1: config 0 descriptor?? [ 196.123009][ T5877] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 196.140374][ T5877] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 196.368792][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 196.744461][ T5877] em28xx 1-1:0.0: chip ID is em2882/3 [ 196.945303][ T5877] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 196.962026][ T5877] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 196.982966][ T5877] em28xx 1-1:0.0: No AC97 audio processor [ 197.013499][ T5877] usb 1-1: USB disconnect, device number 14 [ 197.030090][ T5877] em28xx 1-1:0.0: Disconnecting em28xx [ 197.067272][ T5877] em28xx 1-1:0.0: Freeing device [ 197.355241][T13204] block nbd3: shutting down sockets [ 197.451184][ T29] audit: type=1326 audit(1740198606.848:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13205 comm="syz.1.2014" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f018c58d169 code=0x0 [ 197.583967][T13214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2017'. [ 197.676777][ T5877] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 197.840103][ T5877] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 197.849320][ T5877] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 197.864795][ T5877] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 197.880391][ T5877] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 197.892236][ T5877] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 197.944278][ T5877] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 197.963815][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 197.978830][ T5877] usb 6-1: Product: syz [ 197.983046][ T5877] usb 6-1: Manufacturer: syz [ 198.003371][ T5877] cdc_wdm 6-1:1.0: skipping garbage [ 198.014584][ T5877] cdc_wdm 6-1:1.0: skipping garbage [ 198.024833][ T5877] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 198.035483][ T5877] cdc_wdm 6-1:1.0: Unknown control protocol [ 198.243200][ T58] usb 6-1: USB disconnect, device number 2 [ 199.122836][T13283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2048'. [ 199.331473][T13290] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 199.359192][ T58] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 199.494302][ T5904] net_ratelimit: 6 callbacks suppressed [ 199.494323][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.536782][ T58] usb 3-1: Using ep0 maxpacket: 8 [ 199.557829][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.585746][ T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.621789][ T58] usb 3-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00 [ 199.641247][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.682900][ T58] usb 3-1: config 0 descriptor?? [ 199.910830][ T58] usbhid 3-1:0.0: can't add hid device: -71 [ 199.933041][ T58] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 199.967354][ T58] usb 3-1: USB disconnect, device number 17 [ 200.139631][T13314] dummy0: entered promiscuous mode [ 200.335915][T13317] ip6gretap1: entered promiscuous mode [ 200.354563][T13317] ip6gretap1: entered allmulticast mode [ 200.544423][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 200.697875][T13331] netpci0: tun_chr_ioctl cmd 1074025677 [ 200.703695][T13331] netpci0: linktype set to 773 [ 201.243166][ T29] audit: type=1326 audit(1740198610.638:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.275107][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 201.284051][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 201.293245][ T29] audit: type=1326 audit(1740198610.638:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.315614][ T29] audit: type=1326 audit(1740198610.688:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.338418][ T29] audit: type=1326 audit(1740198610.688:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.360217][ T29] audit: type=1326 audit(1740198610.688:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.382192][ T29] audit: type=1326 audit(1740198610.708:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.475502][ T29] audit: type=1326 audit(1740198610.858:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 201.533696][ T29] audit: type=1326 audit(1740198610.858:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5818384127 code=0x7ffc0000 [ 201.555587][T13361] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2085'. [ 201.567029][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 201.581809][T13361] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2085'. [ 201.607546][ T29] audit: type=1326 audit(1740198610.858:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13358 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5818329359 code=0x7ffc0000 [ 201.969530][T13377] netlink: 'syz.1.2091': attribute type 1 has an invalid length. [ 202.151781][T13385] use of bytesused == 0 is deprecated and will be removed in the future, [ 202.161107][T13385] use the actual size instead. [ 202.278510][T13391] netlink: 4272 bytes leftover after parsing attributes in process `syz.1.2098'. [ 202.607521][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.981693][ T29] kauditd_printk_skb: 115 callbacks suppressed [ 202.981711][ T29] audit: type=1326 audit(1740198612.378:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13418 comm="syz.2.2111" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe93d18d169 code=0x0 [ 202.996913][ T51] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 203.177317][ T51] usb 6-1: Using ep0 maxpacket: 32 [ 203.199797][ T51] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 203.211956][ T51] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 203.226584][ T51] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 203.246226][ T51] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 203.271394][ T51] usb 6-1: config 0 interface 0 has no altsetting 0 [ 203.285844][ T51] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 203.300576][ T51] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 203.322818][ T51] usb 6-1: Product: syz [ 203.340873][ T51] usb 6-1: Manufacturer: syz [ 203.358508][ T51] usb 6-1: SerialNumber: syz [ 203.371100][ T51] usb 6-1: config 0 descriptor?? [ 203.383691][ T51] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 203.401375][ T51] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 203.513089][T13445] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 203.519670][T13445] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 203.531160][T13445] vhci_hcd vhci_hcd.0: Device attached [ 203.547044][T13445] vhci_hcd vhci_hcd.0: port 0 already used [ 203.560842][T13447] vhci_hcd: connection closed [ 203.562010][T13452] 9pnet_fd: Insufficient options for proto=fd [ 203.562152][ T6157] vhci_hcd: stop threads [ 203.586545][ T6157] vhci_hcd: release socket [ 203.591848][ T6157] vhci_hcd: disconnect device [ 203.656748][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.136272][T13483] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2136'. [ 204.170082][T13485] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2137'. [ 204.286971][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.295839][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.365107][T13493] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2139'. [ 204.468278][T13501] netlink: 'syz.0.2143': attribute type 10 has an invalid length. [ 204.508485][T13501] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 204.550113][ T29] audit: type=1326 audit(1740198613.948:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13502 comm="syz.3.2144" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f5818384127 code=0x0 [ 204.687058][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.779417][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.788402][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.800937][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.809253][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.907040][ T5875] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 204.949816][T13517] random: crng reseeded on system resumption [ 205.068291][ T5875] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 205.078964][ T5875] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 205.098589][ T5875] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 205.116901][ T5875] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 205.124971][ T5875] usb 1-1: SerialNumber: syz [ 205.242317][ T29] audit: type=1326 audit(1740198614.638:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f018c584127 code=0x7ffc0000 [ 205.264996][ T29] audit: type=1326 audit(1740198614.638:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f018c529359 code=0x7ffc0000 [ 205.297057][ T29] audit: type=1326 audit(1740198614.638:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f018c584127 code=0x7ffc0000 [ 205.338667][ T29] audit: type=1326 audit(1740198614.638:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f018c529359 code=0x7ffc0000 [ 205.372834][ T5875] usb 1-1: 0:2 : does not exist [ 205.386190][ T29] audit: type=1326 audit(1740198614.638:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f018c58d169 code=0x7ffc0000 [ 205.424396][ T5875] usb 1-1: USB disconnect, device number 15 [ 205.449072][ T29] audit: type=1326 audit(1740198614.638:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f018c58d169 code=0x7ffc0000 [ 205.471021][ T29] audit: type=1326 audit(1740198614.658:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f018c58d169 code=0x7ffc0000 [ 205.492657][ C1] vkms_vblank_simulate: vblank timer overrun [ 205.506223][ T29] audit: type=1326 audit(1740198614.658:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13521 comm="syz.1.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f018c58d169 code=0x7ffc0000 [ 205.527817][ C1] vkms_vblank_simulate: vblank timer overrun [ 205.727065][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 205.765963][T13538] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 205.783419][ T51] usb 6-1: USB disconnect, device number 3 [ 205.799694][ T51] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 206.124899][T13556] program syz.5.2170 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 206.464994][T13571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2175'. [ 206.536837][T13571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2175'. [ 206.776784][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 206.956982][T13597] block nbd2: not configured, cannot reconfigure [ 206.995101][T13601] netlink: 'syz.1.2191': attribute type 1 has an invalid length. [ 207.320080][T13614] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.390931][T13614] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.087408][ T5904] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 208.268481][ T5904] usb 1-1: Using ep0 maxpacket: 8 [ 208.288753][ T5904] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 208.314136][ T5904] usb 1-1: config 179 has no interface number 0 [ 208.326292][ T5904] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 208.367479][ T5904] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 208.389364][ T5904] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 208.406282][ T5904] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 208.418291][ T5904] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 208.452455][ T5904] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 208.479928][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.522270][T13639] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 208.760433][ T5904] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input23 [ 208.988966][ T5904] usb 1-1: USB disconnect, device number 16 [ 208.989017][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 209.003352][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 209.011757][ C1] vkms_vblank_simulate: vblank timer overrun [ 209.020058][ T5904] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 209.698486][T13687] net_ratelimit: 1191 callbacks suppressed [ 209.698508][T13687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.713609][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.721981][ T5875] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 209.729861][T13687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.738432][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.747542][T13687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.755876][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.765128][T13687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.773770][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.782593][T13687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.790953][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.988476][T13694] netlink: 'syz.0.2233': attribute type 11 has an invalid length. [ 210.022846][T13694] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2233'. [ 210.106742][ T5875] usb 6-1: Using ep0 maxpacket: 16 [ 210.119409][ T5875] usb 6-1: config 0 has an invalid interface number: 251 but max is 0 [ 210.131543][ T5875] usb 6-1: config 0 has no interface number 0 [ 210.152926][ T5875] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 210.181403][ T5875] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 210.208316][ T5875] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 210.233701][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.256683][ T5875] usb 6-1: Product: syz [ 210.260909][ T5875] usb 6-1: Manufacturer: syz [ 210.265523][ T5875] usb 6-1: SerialNumber: syz [ 210.296395][ T5875] usb 6-1: config 0 descriptor?? [ 210.311052][T13682] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 210.325535][T13682] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 210.563393][ T5875] asix 6-1:0.251: probe with driver asix failed with error -71 [ 210.591324][ T5875] usb 6-1: USB disconnect, device number 4 [ 210.622999][T13712] misc userio: Can't change port type on an already running userio instance [ 210.733334][T13716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2242'. [ 210.742781][T13716] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2242'. [ 210.924177][ T5831] Bluetooth: hci2: sending frame failed (-49) [ 210.932565][ T5836] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 211.304826][T13730] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2249'. [ 211.391129][T13730] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2249'. [ 212.486868][ T5875] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 212.572243][T13787] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2275'. [ 212.647269][ T5875] usb 3-1: Using ep0 maxpacket: 32 [ 212.664946][ T5875] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 212.687081][ T5875] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 212.709037][ T5875] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 212.747679][ T5875] usb 3-1: config 1 has no interface number 0 [ 212.754261][ T5875] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 212.790228][ T5875] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 212.824017][ T5875] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 212.835820][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.867345][ T5875] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 213.068928][ T5875] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 213.106769][T13808] netlink: 'syz.5.2285': attribute type 6 has an invalid length. [ 213.167210][ T5831] Bluetooth: hci2: command 0x1003 tx timeout [ 213.173880][ T5836] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 213.558655][ T5875] usb 3-1: USB disconnect, device number 18 [ 213.565609][ T5875] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 214.924295][T13884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2318'. [ 214.951213][T13884] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2318'. [ 215.088529][ T5874] net_ratelimit: 875 callbacks suppressed [ 215.088549][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.659181][T13924] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2337'. [ 215.736745][ T5874] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 215.896815][ T5874] usb 3-1: Using ep0 maxpacket: 32 [ 215.920699][ T5874] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 215.945583][ T5874] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 215.979157][ T5874] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 215.995972][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 216.004797][ T5874] usb 3-1: Product: syz [ 216.016306][ T5874] usb 3-1: Manufacturer: syz [ 216.023599][ T5874] usb 3-1: SerialNumber: syz [ 216.045876][ T5874] appletouch 3-1:1.0: Could not find int-in endpoint [ 216.069878][ T5874] appletouch 3-1:1.0: probe with driver appletouch failed with error -5 [ 216.104854][ T5874] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 216.127429][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.189958][T13950] mkiss: ax0: crc mode is auto. [ 216.261502][ T5877] usb 3-1: USB disconnect, device number 19 [ 216.476763][ T5875] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 216.640793][ T5875] usb 4-1: Using ep0 maxpacket: 32 [ 216.652017][ T5875] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 216.662855][ T5875] usb 4-1: config 0 has no interface number 0 [ 216.680048][ T5875] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.698771][T13974] 8021q: adding VLAN 0 to HW filter on device bond1 [ 216.708906][T13974] bond0: (slave bond1): Enslaving as an active interface with an up link [ 216.715844][ T5875] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.751543][ T5875] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 216.780210][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.805950][ T5875] usb 4-1: config 0 descriptor?? [ 216.931097][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.931645][T13985] vivid-000: disconnect [ 216.939950][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.973572][T13984] vivid-000: reconnect [ 217.017079][ T5874] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 217.172705][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.186916][ T5874] usb 1-1: Using ep0 maxpacket: 32 [ 217.200946][ T5874] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 217.217486][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.225797][ T5874] usb 1-1: Product: syz [ 217.235733][ T5874] usb 1-1: Manufacturer: syz [ 217.242870][ T5874] usb 1-1: SerialNumber: syz [ 217.256295][ T5874] usb 1-1: config 0 descriptor?? [ 217.279471][ T5874] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 217.416889][T13999] veth1_to_hsr: default FDB implementation only supports local addresses [ 217.482872][ T5875] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0094.000E/input/input25 [ 217.606922][ T5875] uclogic 0003:28BD:0094.000E: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.3-1/input1 [ 217.712656][ T5875] usb 4-1: USB disconnect, device number 17 [ 218.088213][ T5874] gspca_stk1135: reg_w 0x5 err -71 [ 218.094565][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.106379][ T5874] gspca_stk1135: Sensor write failed [ 218.112247][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.119444][ T5874] gspca_stk1135: Sensor write failed [ 218.124871][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.132210][ T5874] gspca_stk1135: Sensor read failed [ 218.138720][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.145422][ T5874] gspca_stk1135: Sensor read failed [ 218.150774][ T5874] gspca_stk1135: Detected sensor type unknown (0x0) [ 218.166895][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.180400][ T5874] gspca_stk1135: Sensor read failed [ 218.200001][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.217440][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.228074][ T5874] gspca_stk1135: Sensor read failed [ 218.241530][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.251958][ T5874] gspca_stk1135: Sensor write failed [ 218.260504][ T5874] gspca_stk1135: serial bus timeout: status=0x00 [ 218.288959][ T5874] gspca_stk1135: Sensor write failed [ 218.294409][ T5874] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71 [ 218.329889][ T5874] usb 1-1: USB disconnect, device number 17 [ 219.257051][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.498718][T14043] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 219.846749][ T58] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 219.982297][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.991068][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.016786][ T58] usb 3-1: Using ep0 maxpacket: 16 [ 220.024190][ T58] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 18273, setting to 1024 [ 220.041865][ T58] usb 3-1: config 0 interface 0 has no altsetting 0 [ 220.058185][ T58] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 220.070950][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.083573][ T58] usb 3-1: config 0 descriptor?? [ 220.090169][T14076] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 220.127480][T11262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.136437][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.146524][ T6157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.155883][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.287515][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.573395][ T58] cougar 0003:060B:500A.000F: usage count exceeds max: fixing up report descriptor [ 220.607457][ T58] cougar 0003:060B:500A.000F: unexpected long global item [ 220.615210][ T58] cougar 0003:060B:500A.000F: parse failed [ 220.656971][ T58] cougar 0003:060B:500A.000F: probe with driver cougar failed with error -22 [ 220.713957][ T5904] kernel write not supported for file /sequencer (pid: 5904 comm: kworker/1:6) [ 220.740117][ T58] usb 3-1: USB disconnect, device number 20 [ 220.819350][T14132] netlink: 'syz.0.2434': attribute type 1 has an invalid length. [ 221.326880][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.366888][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.423014][T14208] 9pnet_fd: Insufficient options for proto=fd [ 223.169626][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.178515][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.407025][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.014802][T14280] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.060273][T14280] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.211703][T14283] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.218968][T14283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.285557][T14283] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.292787][T14283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.734517][T14316] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.750931][T14316] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.777026][T14316] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.790783][T14316] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.801167][T14316] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.811824][T14316] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2518'. [ 224.820882][ T51] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 224.988780][ T51] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 225.002178][ T51] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 225.013066][ T51] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 225.023565][ T51] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.046270][T14306] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 225.060517][ T51] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 225.488077][ T5874] net_ratelimit: 1 callbacks suppressed [ 225.488096][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.648051][ T51] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 225.816763][ T51] usb 1-1: Using ep0 maxpacket: 32 [ 225.826072][ T51] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 225.834793][ T51] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 225.843735][ T51] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 225.854514][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 225.865175][ T51] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 225.894567][ T51] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 225.908124][T11262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.917046][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.926651][ T3521] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.934996][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.941810][ T51] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 225.979116][ T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.002033][ T51] usb 1-1: config 0 descriptor?? [ 226.237172][ T51] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 226.472784][ T5875] usb 1-1: USB disconnect, device number 18 [ 226.521120][ T5875] usblp0: removed [ 226.538006][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.517145][T14414] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2561'. [ 227.567378][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.605035][T14418] bridge_slave_0: default FDB implementation only supports local addresses [ 227.619048][ T5875] usb 3-1: USB disconnect, device number 21 [ 228.676474][T14453] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 228.693944][T14453] batadv_slave_0: entered promiscuous mode [ 229.383100][T14482] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2592'. [ 229.479325][ T58] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 229.542938][T14489] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2595'. [ 229.650092][ T58] usb 4-1: Using ep0 maxpacket: 16 [ 229.653740][T14497] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2598'. [ 229.668547][ T58] usb 4-1: config 0 interface 0 has no altsetting 0 [ 229.675212][ T58] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 229.694737][ T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.731185][ T58] usb 4-1: config 0 descriptor?? [ 229.826875][T14503] netlink: 'syz.5.2601': attribute type 1 has an invalid length. [ 230.019995][T14514] sp0: Synchronizing with TNC [ 230.078562][T14514] Falling back ldisc for ttyS3. [ 230.203949][ T58] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0010/input/input26 [ 230.294458][ T58] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.0010/input/input27 [ 230.397521][ T58] kye 0003:0458:5013.0010: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0 [ 230.444610][ T58] usb 4-1: USB disconnect, device number 18 [ 230.488402][T14532] bond0: option use_carrier: invalid value (2) [ 231.232742][T14571] mkiss: ax0: crc mode is auto. [ 231.303465][T14578] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2636'. [ 232.067184][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 232.067202][ T29] audit: type=1326 audit(1740198641.458:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14572 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7fc00000 [ 232.871208][ T5875] IPVS: starting estimator thread 0... [ 232.986801][T14630] IPVS: using max 25 ests per chain, 60000 per kthread [ 233.205896][T14647] syzkaller0: tun_chr_ioctl cmd 35108 [ 235.640391][T14737] VFS: could not find a valid V7 on nullb0. [ 235.686438][T14737] hpfs: Bad magic ... probably not HPFS [ 237.647271][ T5836] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 237.657826][ T5836] Bluetooth: hci5: Injecting HCI hardware error event [ 237.667568][ T5831] Bluetooth: hci5: hardware error 0x00 [ 238.306878][ T5874] usb 3-1: new full-speed USB device number 22 using dummy_hcd [ 238.498622][ T5874] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 238.514150][ T5874] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 238.516971][T14850] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2726'. [ 238.560049][ T5874] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 238.570430][T14850] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2726'. [ 238.593137][ T5874] usb 3-1: config 1 has no interface number 1 [ 238.613800][ T5874] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 238.620544][T14850] netlink: 'syz.3.2726': attribute type 4 has an invalid length. [ 238.656781][ T5874] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 238.699002][ T5874] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 238.719413][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.747922][ T5874] usb 3-1: Product: syz [ 238.752180][ T5874] usb 3-1: Manufacturer: syz [ 238.767005][ T5874] usb 3-1: SerialNumber: syz [ 239.008903][ T5874] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor [ 239.104781][ T5874] usb 3-1: USB disconnect, device number 22 [ 239.382046][T14892] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2740'. [ 239.557094][T14904] program syz.5.2744 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 239.776826][ T5875] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 239.897693][ T29] audit: type=1326 audit(1740198649.288:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14917 comm="syz.2.2751" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe93d18d169 code=0x0 [ 239.958452][ T5875] usb 1-1: Using ep0 maxpacket: 8 [ 239.991054][ T5875] usb 1-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 240.006674][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.024926][ T5875] usb 1-1: Product: syz [ 240.035040][ T5875] usb 1-1: Manufacturer: syz [ 240.052513][ T5875] usb 1-1: SerialNumber: syz [ 240.076504][ T5875] usb 1-1: config 0 descriptor?? [ 240.089955][ T5875] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 240.216323][ T5831] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 240.306747][ T5875] gspca_sn9c2028: read1 error -32 [ 240.314046][ T5875] gspca_sn9c2028: read1 error -32 [ 240.531281][T14943] netlink: 'syz.5.2763': attribute type 6 has an invalid length. [ 240.540531][T14943] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.2763'. [ 240.542615][ T5877] usb 1-1: USB disconnect, device number 19 [ 241.613865][T14984] overlayfs: missing 'lowerdir' [ 242.846849][ T5836] Bluetooth: hci4: command 0x0c1a tx timeout [ 242.866455][T15021] Bluetooth: MGMT ver 1.23 [ 243.635262][T15061] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2814'. [ 244.686924][ T29] audit: type=1326 audit(1740198654.078:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15070 comm="syz.1.2819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f018c58d169 code=0x7fc00000 [ 244.708533][ C1] vkms_vblank_simulate: vblank timer overrun [ 245.829784][T15169] 9pnet_fd: Insufficient options for proto=fd [ 246.399182][T15188] netlink: 'syz.1.2871': attribute type 3 has an invalid length. [ 246.417994][T15188] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 247.139811][T15216] netlink: 'syz.0.2885': attribute type 33 has an invalid length. [ 247.159275][T15216] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2885'. [ 247.894686][T15252] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2902'. [ 248.229823][T15269] tipc: Started in network mode [ 248.245016][T15269] tipc: Node identity ac14140f, cluster identity 4711 [ 248.272531][T15269] tipc: New replicast peer: 255.255.255.255 [ 248.300545][T15269] tipc: Enabled bearer , priority 10 [ 249.028025][T15315] loop9: detected capacity change from 0 to 8 [ 249.054774][T15315] Dev loop9: unable to read RDB block 8 [ 249.066871][T15315] loop9: unable to read partition table [ 249.084989][T15315] loop9: partition table beyond EOD, truncated [ 249.102637][T15318] netlink: 'syz.1.2933': attribute type 1 has an invalid length. [ 249.107664][T15315] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 249.429449][ T51] tipc: Node number set to 2886997007 [ 249.604255][T15344] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 249.947892][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2955'. [ 251.416755][ T5874] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 251.596021][ T5874] usb 1-1: config 0 has no interfaces? [ 251.605894][ T5874] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=e5.83 [ 251.622361][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.651052][ T5874] usb 1-1: Product: syz [ 251.657066][ T5874] usb 1-1: Manufacturer: syz [ 251.666122][ T5874] usb 1-1: SerialNumber: syz [ 251.678665][ T5874] usb 1-1: config 0 descriptor?? [ 251.797096][ T5875] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 251.963391][ T5874] usb 1-1: USB disconnect, device number 20 [ 251.972389][ T5875] usb 3-1: Using ep0 maxpacket: 32 [ 251.994184][ T5875] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 252.017317][ T5875] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 252.026790][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.034814][ T5875] usb 3-1: Product: syz [ 252.045703][ T5875] usb 3-1: Manufacturer: syz [ 252.050661][ T5875] usb 3-1: SerialNumber: syz [ 252.068060][ T5875] usb 3-1: config 0 descriptor?? [ 252.087287][T15441] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 252.106816][ T5875] hub 3-1:0.0: bad descriptor, ignoring hub [ 252.112857][ T5875] hub 3-1:0.0: probe with driver hub failed with error -5 [ 252.140827][ T5875] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input28 [ 252.334072][ T5875] usb 3-1: USB disconnect, device number 23 [ 252.334133][ C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 253.187809][T15497] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 253.194432][T15497] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 253.520542][T15517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3022'. [ 253.590797][T15517] bond1 (unregistering): Released all slaves [ 254.078182][ T5875] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 254.250394][ T5875] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 254.273706][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.294675][ T5875] usb 3-1: Product: syz [ 254.303974][ T5875] usb 3-1: Manufacturer: syz [ 254.317382][ T5875] usb 3-1: SerialNumber: syz [ 254.332476][ T5875] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 254.357065][ T58] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 254.418254][T15547] [U]  [ 255.017070][ T5877] usb 3-1: USB disconnect, device number 24 [ 255.648968][ T58] usb 3-1: Service connection timeout for: 256 [ 255.663687][ T58] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 255.684064][ T58] ath9k_htc: Failed to initialize the device [ 255.690426][ T5877] usb 3-1: ath9k_htc: USB layer deinitialized [ 255.968826][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.975486][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.117776][T15625] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3072'. [ 256.137781][T15627] 9pnet_fd: Insufficient options for proto=fd [ 256.150809][T15625] vlan2: entered promiscuous mode [ 256.155886][T15625] gretap0: entered promiscuous mode [ 256.218062][T15625] gretap0: left promiscuous mode [ 256.766887][T15657] erspan0: entered promiscuous mode [ 256.789781][T15657] erspan0: left promiscuous mode [ 257.654538][T15695] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 258.569553][T15737] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3122'. [ 260.000198][T15795] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3148'. [ 260.067864][T15795] team0: Device ipvlan2 failed to register rx_handler [ 260.539281][T15813] vivid-006: disconnect [ 260.552117][T15812] vivid-006: reconnect [ 261.001177][T15841] netem: incorrect gi model size [ 261.099777][T15846] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3171'. [ 262.055764][ T29] audit: type=1326 audit(1740198671.448:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.142608][ T5904] Process accounting resumed [ 262.158861][ T29] audit: type=1326 audit(1740198671.498:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.227274][ T29] audit: type=1326 audit(1740198671.498:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.291336][ T29] audit: type=1326 audit(1740198671.498:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.364213][ T29] audit: type=1326 audit(1740198671.498:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.458985][ T29] audit: type=1326 audit(1740198671.498:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 262.481896][ T29] audit: type=1326 audit(1740198671.498:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5818384127 code=0x7ffc0000 [ 262.504754][ T29] audit: type=1326 audit(1740198671.498:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5818329359 code=0x7ffc0000 [ 262.527495][ T29] audit: type=1326 audit(1740198671.498:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5818384127 code=0x7ffc0000 [ 262.579683][ T29] audit: type=1326 audit(1740198671.498:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15880 comm="syz.3.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5818329359 code=0x7ffc0000 [ 262.774723][ T58] kernel write not supported for file bpf-map (pid: 58 comm: kworker/0:2) [ 263.533410][T15944] lo speed is unknown, defaulting to 1000 [ 263.562621][T15944] lo speed is unknown, defaulting to 1000 [ 263.584639][T15944] lo speed is unknown, defaulting to 1000 [ 263.630167][T15944] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 263.637757][T15951] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3216'. [ 263.689852][T15944] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 263.769270][T15944] lo speed is unknown, defaulting to 1000 [ 263.794968][T15944] lo speed is unknown, defaulting to 1000 [ 263.837266][T15944] lo speed is unknown, defaulting to 1000 [ 263.844641][T15944] lo speed is unknown, defaulting to 1000 [ 263.859952][T15944] lo speed is unknown, defaulting to 1000 [ 263.966264][T15964] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 264.046167][T15967] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3225'. [ 264.322616][T15978] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3228'. [ 264.371194][ T5904] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz1] on syz1 [ 264.699086][T15995] ipvlan2: entered promiscuous mode [ 264.709247][T15995] bridge0: port 3(ipvlan2) entered blocking state [ 264.727003][T15995] bridge0: port 3(ipvlan2) entered disabled state [ 264.733783][T15995] ipvlan2: entered allmulticast mode [ 264.742981][T15995] bridge0: entered allmulticast mode [ 264.743215][ T5877] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 264.791897][T15995] ipvlan2: left allmulticast mode [ 264.800194][T16000] 9pnet_virtio: no channels available for device syz [ 264.807341][T15995] bridge0: left allmulticast mode [ 264.908397][ T5877] usb 4-1: config 7 has an invalid interface number: 34 but max is 0 [ 264.919055][ T5877] usb 4-1: config 7 has no interface number 0 [ 264.947238][ T5877] usb 4-1: New USB device found, idVendor=0fe9, idProduct=db51, bcdDevice=5e.35 [ 264.971977][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.990305][ T5877] usb 4-1: Product: syz [ 264.994585][ T5877] usb 4-1: Manufacturer: syz [ 265.014581][ T5877] usb 4-1: SerialNumber: syz [ 265.537133][ T58] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 265.633467][T16038] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3258'. [ 265.698947][ T58] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 265.726214][ T58] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.748072][ T58] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 265.769327][ T58] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 265.781345][ T58] usb 6-1: Manufacturer: syz [ 265.791729][ T58] usb 6-1: config 0 descriptor?? [ 265.802488][ T5877] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual USB' in warm state. [ 265.848504][ T5877] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 265.891369][ T5877] dvb-usb: DViCO FusionHDTV DVB-T Dual USB error while loading driver (-19) [ 265.922641][ T5877] dvb_usb_cxusb 4-1:7.34: probe with driver dvb_usb_cxusb failed with error -22 [ 265.932467][ T58] rc_core: IR keymap rc-hauppauge not found [ 265.946652][ T58] Registered IR keymap rc-empty [ 265.963844][ T58] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 265.983877][ T58] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input29 [ 266.009845][ T5904] usb 4-1: USB disconnect, device number 19 [ 266.245870][ C0] igorplugusb 6-1:0.0: receive overflow, at least 9 lost [ 266.455471][ T58] usb 6-1: USB disconnect, device number 5 [ 266.550292][ T5836] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 266.585065][T16086] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 266.625649][ T5877] lo speed is unknown, defaulting to 1000 [ 267.264041][T16113] 9pnet_fd: Insufficient options for proto=fd [ 267.776772][ T5904] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 267.938211][ T5904] usb 3-1: Using ep0 maxpacket: 32 [ 267.946679][ T58] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 267.956145][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 267.971793][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 267.982032][ T5904] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 267.996358][ T5904] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.006450][ T5904] usb 3-1: config 0 descriptor?? [ 268.109154][ T58] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 268.118415][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.129159][ T58] usb 1-1: config 0 descriptor?? [ 268.141795][ T58] cp210x 1-1:0.0: cp210x converter detected [ 268.428860][ T5904] ft260 0003:0403:6030.0012: unknown main item tag 0x0 [ 268.553921][ T58] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 268.566825][ T58] usb 1-1: cp210x converter now attached to ttyUSB0 [ 268.625694][ T5904] ft260 0003:0403:6030.0012: chip code: 0000 0000 [ 268.772042][ T5877] usb 1-1: USB disconnect, device number 21 [ 268.801296][ T5877] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 268.824108][ T5877] cp210x 1-1:0.0: device disconnected [ 268.831322][ T5904] ft260 0003:0403:6030.0012: failed to retrieve system status [ 268.847033][ T5904] ft260 0003:0403:6030.0012: probe with driver ft260 failed with error -71 [ 268.865492][T16169] netlink: 11 bytes leftover after parsing attributes in process `syz.3.3318'. [ 268.888683][ T5904] usb 3-1: USB disconnect, device number 25 [ 269.054646][T16179] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3323'. [ 269.182288][T16181] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 269.249047][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 270.411569][T16223] IPv6: Can't replace route, no match found [ 270.691786][T16237] program syz.0.3348 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 270.897172][T16248] netlink: 'syz.2.3355': attribute type 21 has an invalid length. [ 270.905303][T16248] netlink: 'syz.2.3355': attribute type 1 has an invalid length. [ 270.916839][T16248] netlink: 16050 bytes leftover after parsing attributes in process `syz.2.3355'. [ 271.077291][ T5877] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 271.228406][ T5877] usb 4-1: config 64 has an invalid interface number: 28 but max is 0 [ 271.244279][ T5877] usb 4-1: config 64 has no interface number 0 [ 271.254732][ T5877] usb 4-1: config 64 interface 28 has no altsetting 0 [ 271.269750][ T5877] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0062, bcdDevice=25.e8 [ 271.288878][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.297183][ T5877] usb 4-1: Product: syz [ 271.301365][ T5877] usb 4-1: Manufacturer: syz [ 271.306158][ T5877] usb 4-1: SerialNumber: syz [ 271.336728][ T58] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 271.506808][ T58] usb 1-1: Using ep0 maxpacket: 8 [ 271.531432][ T58] usb 1-1: config 0 has no interfaces? [ 271.544895][ T58] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 271.557067][ T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.565192][ T58] usb 1-1: Product: syz [ 271.574535][ T58] usb 1-1: Manufacturer: syz [ 271.580276][ T58] usb 1-1: SerialNumber: syz [ 271.595964][ T58] usb 1-1: config 0 descriptor?? [ 271.666907][ T5904] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 271.821157][ T5875] usb 1-1: USB disconnect, device number 22 [ 271.836855][ T5904] usb 6-1: Using ep0 maxpacket: 32 [ 271.846195][ T5904] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 271.860523][ T5904] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 271.880583][ T5904] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 271.896435][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.908114][ T5904] usb 6-1: config 0 descriptor?? [ 271.926364][ T5877] dvb-usb: found a 'Terratec Cinergy T Express' in warm state. [ 271.948958][ T5877] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 271.966011][ T5877] dvbdev: DVB: registering new adapter (Terratec Cinergy T Express) [ 271.976053][ T5877] usb 4-1: media controller created [ 271.983417][ T5877] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 272.033018][ T5877] DVB: Unable to find symbol dib7000p_attach() [ 272.039762][ T5877] dvb-usb: no frontend was attached by 'Terratec Cinergy T Express' [ 272.110357][ T5877] rc_core: IR keymap rc-dib0700-rc5 not found [ 272.116495][ T5877] Registered IR keymap rc-empty [ 272.129272][ T5877] dvb-usb: could not initialize remote control. [ 272.133318][ T5874] usb 6-1: USB disconnect, device number 6 [ 272.135627][ T5877] dvb-usb: Terratec Cinergy T Express successfully initialized and connected. [ 272.161561][ T5877] usb 4-1: USB disconnect, device number 20 [ 272.203151][ T5877] dvb-usb: Terratec Cinergy T Express successfully deinitialized and disconnected. [ 273.067004][ T5874] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 273.248710][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.260552][ T5874] usb 4-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00 [ 273.269972][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.290116][ T5874] usb 4-1: config 0 descriptor?? [ 273.324616][T16349] program syz.0.3398 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 273.644912][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3407'. [ 273.656925][T16362] overlayfs: failed to clone lowerpath [ 273.718611][ T5874] wacom 0003:056A:0336.0013: unknown main item tag 0x0 [ 273.725586][ T5874] wacom 0003:056A:0336.0013: unknown main item tag 0x0 [ 273.736781][T16367] loop5: detected capacity change from 0 to 7 [ 273.743320][T16367] buffer_io_error: 7 callbacks suppressed [ 273.743336][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.774032][ T5874] wacom 0003:056A:0336.0013: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.3-1/input0 [ 273.785934][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.795793][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.804236][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.817303][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.826330][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.866884][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.874893][T16367] ldm_validate_partition_table(): Disk read failed. [ 273.882297][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.916929][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.944984][T16367] Buffer I/O error on dev loop5, logical block 0, async page read [ 273.945729][ T5877] usb 4-1: USB disconnect, device number 21 [ 273.966969][T16367] Dev loop5: unable to read RDB block 0 [ 273.972876][T16367] loop5: unable to read partition table [ 273.991756][T16367] loop5: partition table beyond EOD, truncated [ 274.017735][T16367] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 274.017735][T16367] ) failed (rc=-5) [ 274.267926][T16393] netlink: 'syz.1.3419': attribute type 11 has an invalid length. [ 274.286854][T16393] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3419'. [ 274.518802][ T5877] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 274.707762][ T5877] usb 6-1: Using ep0 maxpacket: 16 [ 274.714983][ T5877] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 274.725629][ T5877] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 274.746779][ T5877] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 274.756489][ T5877] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 274.776691][ T5877] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 274.790634][ T5877] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 274.799837][ T5877] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 274.816674][ T5877] usb 6-1: Manufacturer: syz [ 274.817121][ T51] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 274.830459][ T5877] usb 6-1: config 0 descriptor?? [ 274.976961][ T51] usb 3-1: Using ep0 maxpacket: 16 [ 274.988989][ T51] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 275.003302][ T51] usb 3-1: config 0 has no interface number 0 [ 275.021225][ T51] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 275.035047][ T51] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 275.052827][ T51] usb 3-1: config 0 interface 41 has no altsetting 0 [ 275.073193][ T51] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 275.090024][ T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.117617][ T51] usb 3-1: Product: syz [ 275.122607][ T51] usb 3-1: Manufacturer: syz [ 275.128072][ T51] usb 3-1: SerialNumber: syz [ 275.134856][ T51] usb 3-1: config 0 descriptor?? [ 275.141039][T16406] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 275.146794][ T5877] rc_core: IR keymap rc-hauppauge not found [ 275.148507][T16406] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 275.154050][ T5877] Registered IR keymap rc-empty [ 275.174342][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.198280][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.237273][ T5877] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 275.267686][ T5877] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input34 [ 275.289747][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.289774][T16426] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 275.303527][T16426] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 275.328428][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.346841][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.376820][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.377290][T16406] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 275.411957][T16406] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 275.417038][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.456824][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.482903][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.506769][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.531301][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.556724][ T5877] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 275.577459][ T5877] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 275.587319][ T5877] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 275.601891][ T5877] usb 6-1: USB disconnect, device number 7 [ 275.852071][ T51] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 275.871474][ T51] usb 3-1: USB disconnect, device number 26 [ 277.317819][T16498] veth1_macvtap: left promiscuous mode [ 277.664298][T16519] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3476'. [ 278.000729][T16530] 9pnet_fd: Insufficient options for proto=fd [ 278.097645][T16534] netlink: 'syz.3.3483': attribute type 2 has an invalid length. [ 278.125867][T16534] netlink: 212912 bytes leftover after parsing attributes in process `syz.3.3483'. [ 278.744412][T16563] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3496'. [ 279.208352][T16582] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 279.338189][ T5874] kernel write not supported for file /amidi2 (pid: 5874 comm: kworker/1:4) [ 279.397168][T16592] kAFS: unable to lookup cell '(,/M' [ 279.776994][T16614] tap0: tun_chr_ioctl cmd 1074025681 [ 280.047436][ C1] Illegal XDP return value 16128 on prog (id 259) dev veth0_to_bond, expect packet loss! [ 281.236821][ T58] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 281.409236][ T58] usb 6-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 281.443768][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.486870][ T58] usb 6-1: config 0 descriptor?? [ 281.500584][ T58] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 281.914532][ T58] cpia1 6-1:0.0: unexpected state after lo power cmd: 00 [ 282.022262][T16711] netlink: 'syz.2.3564': attribute type 1 has an invalid length. [ 282.030361][T16711] netlink: 'syz.2.3564': attribute type 4 has an invalid length. [ 282.039687][T16711] netlink: 188 bytes leftover after parsing attributes in process `syz.2.3564'. [ 282.049234][T16711] NCSI netlink: No device for ifindex 458760 [ 282.248852][T16717] 9pnet_fd: Insufficient options for proto=fd [ 282.316502][ T58] gspca_cpia1: usb_control_msg 02, error -71 [ 282.333013][ T58] gspca_cpia1: usb_control_msg 05, error -71 [ 282.356783][ T58] cpia1 6-1:0.0: unexpected systemstate: 00 [ 282.364284][T16725] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 282.366969][ T58] usb 6-1: USB disconnect, device number 8 [ 282.562182][ T29] kauditd_printk_skb: 68 callbacks suppressed [ 282.562200][ T29] audit: type=1326 audit(1740198691.958:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16736 comm="syz.1.3577" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f018c58d169 code=0x0 [ 282.589607][ C1] vkms_vblank_simulate: vblank timer overrun [ 282.657023][ T5877] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 282.808124][ T5877] usb 1-1: config 0 has an invalid interface number: 158 but max is 0 [ 282.816527][ T5877] usb 1-1: config 0 has no interface number 0 [ 282.822794][ T5877] usb 1-1: config 0 interface 158 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 282.835395][ T5877] usb 1-1: New USB device found, idVendor=040b, idProduct=6521, bcdDevice=b3.9f [ 282.844953][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.862840][ T5877] usb 1-1: Product: syz [ 282.867203][ T5877] usb 1-1: Manufacturer: syz [ 282.871898][ T5877] usb 1-1: SerialNumber: syz [ 282.879220][ T5877] usb 1-1: config 0 descriptor?? [ 282.887378][ T5877] xbox_remote_probe: Unexpected desc.bNumEndpoints: 2 [ 282.964218][T16752] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3583'. [ 283.045688][T16754] netlink: 'syz.5.3584': attribute type 12 has an invalid length. [ 283.055416][T16754] netlink: 'syz.5.3584': attribute type 29 has an invalid length. [ 283.063408][T16754] netlink: 'syz.5.3584': attribute type 2 has an invalid length. [ 283.071437][T16754] netlink: 260 bytes leftover after parsing attributes in process `syz.5.3584'. [ 283.090663][ T5877] usb 1-1: USB disconnect, device number 23 [ 284.058572][T16792] netlink: 840 bytes leftover after parsing attributes in process `syz.1.3600'. [ 284.210914][T16802] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3607'. [ 284.257122][T16802] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3607'. [ 285.089171][T16844] syz.5.3627 uses obsolete (PF_INET,SOCK_PACKET) [ 285.357832][ T51] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 285.527906][ T51] usb 6-1: Using ep0 maxpacket: 16 [ 285.544491][ T51] usb 6-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 285.554093][ T51] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.576720][ T51] usb 6-1: Product: syz [ 285.580948][ T51] usb 6-1: Manufacturer: syz [ 285.605971][ T51] usb 6-1: SerialNumber: syz [ 285.635317][ T51] usb 6-1: config 0 descriptor?? [ 285.655816][ T51] ums-onetouch 6-1:0.0: USB Mass Storage device detected [ 285.873257][ T51] usb 6-1: USB disconnect, device number 9 [ 286.667560][T16906] team0: No ports can be present during mode change [ 286.667708][ T5877] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 286.847196][ T5877] usb 3-1: Using ep0 maxpacket: 16 [ 286.859355][ T5877] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.889983][ T5877] usb 3-1: config 0 interface 0 has no altsetting 0 [ 286.904467][ T5877] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 286.922123][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.941469][ T5877] usb 3-1: config 0 descriptor?? [ 287.147337][T16925] ALSA: mixer_oss: invalid OSS volume 'DIGTAL1' [ 287.391333][ T5877] nzxt-smart2 0003:1E71:2009.0014: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0 [ 287.812334][ T51] usb 3-1: USB disconnect, device number 27 [ 288.162940][T16970] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 288.178470][ T29] audit: type=1326 audit(1740198697.578:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.212046][ T29] audit: type=1326 audit(1740198697.578:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.256729][ T29] audit: type=1326 audit(1740198697.608:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.280347][ T29] audit: type=1326 audit(1740198697.608:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.315402][ T29] audit: type=1326 audit(1740198697.608:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.337008][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.373731][T16978] sctp: [Deprecated]: syz.3.3689 (pid 16978) Use of struct sctp_assoc_value in delayed_ack socket option. [ 288.373731][T16978] Use struct sctp_sack_info instead [ 288.413422][ T29] audit: type=1326 audit(1740198697.608:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.443007][ T29] audit: type=1326 audit(1740198697.608:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.485839][ T29] audit: type=1326 audit(1740198697.608:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.507507][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.515575][ T29] audit: type=1326 audit(1740198697.628:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.523120][T16982] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3690'. [ 288.537114][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.539318][ T29] audit: type=1326 audit(1740198697.628:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16971 comm="syz.3.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f581838d169 code=0x7ffc0000 [ 288.573965][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.737498][T16993] netlink: 280 bytes leftover after parsing attributes in process `syz.3.3695'. [ 288.993730][ C0] hrtimer: interrupt took 19554 ns [ 289.700365][T17043] netlink: 'syz.3.3718': attribute type 10 has an invalid length. [ 289.735732][T17043] netlink: 1172 bytes leftover after parsing attributes in process `syz.3.3718'. [ 289.800382][T17045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3720'. [ 290.141344][T17065] netlink: 1256 bytes leftover after parsing attributes in process `syz.3.3731'. [ 290.362513][T17076] input: syz1 as /devices/virtual/input/input36 [ 290.936767][ T8] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 291.007372][ T5877] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 291.096663][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 291.119708][ T8] usb 6-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 291.139375][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.174721][ T8] usb 6-1: Product: syz [ 291.186927][ T8] usb 6-1: Manufacturer: syz [ 291.191590][ T8] usb 6-1: SerialNumber: syz [ 291.202556][ T8] usb 6-1: config 0 descriptor?? [ 291.207967][ T5877] usb 3-1: Using ep0 maxpacket: 16 [ 291.216389][ T8] option 6-1:0.0: GSM modem (1-port) converter detected [ 291.231585][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 291.248014][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.266788][ T5877] usb 3-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 291.276270][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.300051][ T5877] usb 3-1: config 0 descriptor?? [ 291.443980][ T8] usb 6-1: USB disconnect, device number 10 [ 291.455976][ T8] option 6-1:0.0: device disconnected [ 291.547004][ T51] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 291.701824][T17141] pimreg: entered allmulticast mode [ 291.708521][ T51] usb 4-1: Using ep0 maxpacket: 32 [ 291.724759][ T51] usb 4-1: config 0 interface 0 has no altsetting 0 [ 291.733030][ T5877] playstation 0003:054C:05C4.0015: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.2-1/input0 [ 291.754019][ T51] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 291.781691][ T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.790374][ T51] usb 4-1: Product: syz [ 291.794573][ T51] usb 4-1: Manufacturer: syz [ 291.807760][ T51] usb 4-1: SerialNumber: syz [ 291.824062][ T51] usb 4-1: config 0 descriptor?? [ 291.922306][ T5877] playstation 0003:054C:05C4.0015: Failed to retrieve feature with reportID 18: -32 [ 291.949817][ T5877] playstation 0003:054C:05C4.0015: Failed to retrieve DualShock4 pairing info: -32 [ 291.966700][ T5877] playstation 0003:054C:05C4.0015: Failed to get MAC address from DualShock4 [ 291.993087][ T5877] playstation 0003:054C:05C4.0015: Failed to create dualshock4. [ 292.020379][ T5877] playstation 0003:054C:05C4.0015: probe with driver playstation failed with error -32 [ 292.051232][ T5877] usb 3-1: USB disconnect, device number 28 [ 292.244625][ T51] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 292.670349][ T51] usb 4-1: USB disconnect, device number 22 [ 292.679322][T17170] bond0: entered promiscuous mode [ 292.685918][T17170] bond_slave_0: entered promiscuous mode [ 292.692854][T17170] bond_slave_1: entered promiscuous mode [ 292.700583][T17170] batadv0: entered promiscuous mode [ 292.709761][T17170] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 294.072670][T17237] vxlan1: entered promiscuous mode [ 294.086722][T17237] vxlan1: entered allmulticast mode [ 294.458413][T17255] netlink: 'syz.0.3819': attribute type 1 has an invalid length. [ 294.927020][T17273] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3829'. [ 295.638649][T17298] netlink: 'syz.1.3840': attribute type 6 has an invalid length. [ 296.737044][ T5874] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 296.896803][ T5874] usb 1-1: Using ep0 maxpacket: 32 [ 296.908451][ T5874] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 296.924856][ T5874] usb 1-1: config 0 has no interface number 0 [ 296.948827][ T5874] usb 1-1: config 0 interface 2 has no altsetting 0 [ 296.967690][ T5874] usb 1-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 296.986724][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.996288][ T5874] usb 1-1: Product: syz [ 297.010400][ T5874] usb 1-1: Manufacturer: syz [ 297.015052][ T5874] usb 1-1: SerialNumber: syz [ 297.026119][ T5874] usb 1-1: config 0 descriptor?? [ 297.229198][T17367] netlink: 216 bytes leftover after parsing attributes in process `syz.5.3872'. [ 297.244837][ T5874] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 297.249615][T17367] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3872'. [ 297.294713][ T5874] usb 1-1: USB disconnect, device number 24 [ 297.351925][T17373] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3875'. [ 297.506943][ T51] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 297.676998][ T51] usb 3-1: Using ep0 maxpacket: 16 [ 297.690696][ T51] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 297.706849][ T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.714926][ T51] usb 3-1: Product: syz [ 297.728057][ T51] usb 3-1: Manufacturer: syz [ 297.732829][ T51] usb 3-1: SerialNumber: syz [ 297.744476][ T51] usb 3-1: config 0 descriptor?? [ 297.758066][ T51] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 297.994825][ T51] usb 3-1: clie_3_5_startup: get config number bad return length: 0 [ 298.022604][ T51] visor 3-1:0.0: probe with driver visor failed with error -5 [ 298.201279][ T51] usb 3-1: USB disconnect, device number 29 [ 298.584707][T17434] omfs: Invalid superblock (0) [ 298.679219][T17440] overlayfs: missing 'lowerdir' [ 298.862964][T17451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3913'. [ 299.245895][T17463] netlink: 'syz.5.3921': attribute type 10 has an invalid length. [ 299.277118][T17463] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3921'. [ 299.296878][T17463] team0: entered promiscuous mode [ 299.301970][T17463] team_slave_0: entered promiscuous mode [ 299.338442][T17463] team_slave_1: entered promiscuous mode [ 299.348457][T17463] team0: entered allmulticast mode [ 299.358718][T17463] team_slave_0: entered allmulticast mode [ 299.364507][T17463] team_slave_1: entered allmulticast mode [ 299.381614][T17463] bridge0: port 3(team0) entered blocking state [ 299.392392][T17463] bridge0: port 3(team0) entered disabled state [ 299.405430][T17463] bridge0: port 3(team0) entered blocking state [ 299.411921][T17463] bridge0: port 3(team0) entered forwarding state [ 300.084397][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3940'. [ 300.330702][T17514] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3944'. [ 301.159775][T17559] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3965'. [ 406.306535][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 406.313559][ C0] rcu: 1-...!: (1 ticks this GP) idle=2bc4/1/0x4000000000000000 softirq=51858/51858 fqs=1 [ 406.325166][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5832/1:b..l P17562/1:b..l [ 406.334350][ C0] rcu: (detected by 0, t=10503 jiffies, g=51153, q=192 ncpus=2) [ 406.342098][ C0] Sending NMI from CPU 0 to CPUs 1: [ 406.342144][ C1] NMI backtrace for cpu 1 [ 406.342165][ C1] CPU: 1 UID: 0 PID: 3521 Comm: kworker/u8:9 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0 [ 406.342182][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 406.342194][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 406.342226][ C1] RIP: 0010:_raw_spin_lock_irqsave+0x92/0x120 [ 406.342244][ C1] Code: 00 4c 89 e3 48 c1 eb 03 42 80 3c 3b 00 74 08 4c 89 e7 e8 d1 2c 23 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 42 80 3c 3b 00 <74> 08 4c 89 e7 e8 c4 2b 23 f6 4c 8b 64 24 20 fa 41 f7 c4 00 02 00 [ 406.342256][ C1] RSP: 0018:ffffc90000a18520 EFLAGS: 00000046 [ 406.342268][ C1] RAX: f3f3f300f1f1f1f1 RBX: 1ffff920001430a8 RCX: 0000000000017278 [ 406.342278][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff9a8b17e0 [ 406.342288][ C1] RBP: ffffc90000a185b0 R08: ffffc90000a1862f R09: 0000000000000000 [ 406.342298][ C1] R10: ffffc90000a18620 R11: fffff520001430c6 R12: ffffc90000a18540 [ 406.342308][ C1] R13: 1ffff920001430a4 R14: ffffffff9a8b17e0 R15: dffffc0000000000 [ 406.342319][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 406.342330][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 406.342340][ C1] CR2: 00005555555e9808 CR3: 000000000e938000 CR4: 00000000003526f0 [ 406.342353][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 406.342361][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 406.342370][ C1] Call Trace: [ 406.342377][ C1] [ 406.342387][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 406.342417][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 406.342458][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 406.342487][ C1] ? nmi_handle+0x2a/0x5a0 [ 406.342529][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 406.342545][ C1] ? nmi_handle+0x14f/0x5a0 [ 406.342562][ C1] ? nmi_handle+0x2a/0x5a0 [ 406.342580][ C1] ? _raw_spin_lock_irqsave+0x92/0x120 [ 406.342595][ C1] ? default_do_nmi+0x63/0x160 [ 406.342609][ C1] ? exc_nmi+0x123/0x1f0 [ 406.342621][ C1] ? end_repeat_nmi+0xf/0x53 [ 406.342647][ C1] ? _raw_spin_lock_irqsave+0x92/0x120 [ 406.342662][ C1] ? _raw_spin_lock_irqsave+0x92/0x120 [ 406.342678][ C1] ? _raw_spin_lock_irqsave+0x92/0x120 [ 406.342693][ C1] [ 406.342697][ C1] [ 406.342703][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 406.342723][ C1] debug_object_activate+0x17f/0x580 [ 406.342743][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 406.342759][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 406.342775][ C1] ? advance_sched+0xa02/0xca0 [ 406.342794][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 406.342808][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 406.342825][ C1] enqueue_hrtimer+0x30/0x3c0 [ 406.342841][ C1] __hrtimer_run_queues+0x6cb/0xd30 [ 406.342855][ C1] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 406.342881][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 406.342895][ C1] ? read_tsc+0x9/0x20 [ 406.342909][ C1] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 406.342929][ C1] hrtimer_interrupt+0x403/0xa40 [ 406.342954][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 406.342975][ C1] sysvec_apic_timer_interrupt+0x52/0xc0 [ 406.342991][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 406.343015][ C1] RIP: 0010:pie_calculate_probability+0x5ce/0x820 [ 406.343033][ C1] Code: 00 0f b6 5d 00 31 ff 89 de e8 7e 05 c7 f7 85 db 74 07 e8 75 02 c7 f7 eb 24 e8 6e 02 c7 f7 4c 89 e0 48 c1 e8 03 42 80 3c 30 00 <74> 08 4c 89 e7 e8 28 b6 2b f8 48 8b 44 24 20 49 89 04 24 48 83 c4 [ 406.343044][ C1] RSP: 0018:ffffc90000a18a80 EFLAGS: 00000246 [ 406.343055][ C1] RAX: 1ffff11008d9e339 RBX: 0000000000000000 RCX: ffff888032dc0000 [ 406.343065][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 406.343074][ C1] RBP: ffff88802a33f31a R08: ffffffff89fab7b2 R09: fffff52000143154 [ 406.343084][ C1] R10: dffffc0000000000 R11: fffff52000143154 R12: ffff888046cf19c8 [ 406.343094][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff888046cf19f8 [ 406.343107][ C1] ? pie_calculate_probability+0x5b2/0x820 [ 406.343135][ C1] fq_pie_timer+0x26d/0x590 [ 406.343152][ C1] ? fq_pie_timer+0x4d/0x590 [ 406.343173][ C1] call_timer_fn+0x187/0x650 [ 406.343192][ C1] ? call_timer_fn+0xc0/0x650 [ 406.343208][ C1] ? __pfx_fq_pie_timer+0x10/0x10 [ 406.343225][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 406.343244][ C1] ? __pfx_fq_pie_timer+0x10/0x10 [ 406.343262][ C1] ? __pfx_fq_pie_timer+0x10/0x10 [ 406.343279][ C1] ? __pfx_fq_pie_timer+0x10/0x10 [ 406.343295][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.343309][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 406.343324][ C1] ? __pfx_fq_pie_timer+0x10/0x10 [ 406.343342][ C1] __run_timer_base+0x66a/0x8e0 [ 406.343364][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 406.343384][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 406.343401][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 406.343420][ C1] run_timer_softirq+0xb7/0x170 [ 406.343437][ C1] handle_softirqs+0x2d4/0x9b0 [ 406.343457][ C1] ? __irq_exit_rcu+0xf7/0x220 [ 406.343473][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 406.343489][ C1] ? irqtime_account_irq+0xd1/0x1d0 [ 406.343509][ C1] __irq_exit_rcu+0xf7/0x220 [ 406.343523][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 406.343541][ C1] irq_exit_rcu+0x9/0x30 [ 406.343554][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 406.343570][ C1] [ 406.343575][ C1] [ 406.343580][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 406.343598][ C1] RIP: 0010:deref_stack_reg+0x18f/0x210 [ 406.343616][ C1] Code: 31 c0 4c 39 e1 76 33 4c 39 f9 77 2e 4c 89 c7 48 89 d3 e8 f4 07 00 00 49 89 c6 48 8b 6c 24 18 48 89 e8 48 c1 e8 03 80 3c 18 00 <74> 08 48 89 ef e8 17 32 b9 00 4c 89 75 00 b0 01 48 83 c4 20 5b 41 [ 406.343627][ C1] RSP: 0018:ffffc9000ce87438 EFLAGS: 00000246 [ 406.343638][ C1] RAX: 1ffff920019d0eb4 RBX: dffffc0000000000 RCX: 0000000000000000 [ 406.343648][ C1] RDX: dffffc0000000000 RSI: ffffc9000ce80000 RDI: ffffc9000ce87988 [ 406.343658][ C1] RBP: ffffc9000ce875a0 R08: ffffc9000ce87988 R09: 0000000000000000 [ 406.343668][ C1] R10: ffffc9000ce875b0 R11: fffff520019d0eb8 R12: 1ffff920019d0ead [ 406.343678][ C1] R13: 1ffff920019d0eae R14: ffff888059cfeec0 R15: ffffc9000ce88000 [ 406.343697][ C1] ? deref_stack_reg+0x17c/0x210 [ 406.343715][ C1] ? skb_release_data+0x6a0/0x8a0 [ 406.343735][ C1] unwind_next_frame+0x1799/0x22d0 [ 406.343758][ C1] ? kfree+0x196/0x430 [ 406.343779][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 406.343796][ C1] arch_stack_walk+0x11c/0x150 [ 406.343817][ C1] ? skb_release_data+0x6a0/0x8a0 [ 406.343838][ C1] stack_trace_save+0x118/0x1d0 [ 406.343854][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 406.343872][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 406.343892][ C1] kasan_save_track+0x3f/0x80 [ 406.343909][ C1] ? kasan_save_track+0x3f/0x80 [ 406.343925][ C1] ? kasan_save_free_info+0x40/0x50 [ 406.343938][ C1] ? __kasan_slab_free+0x59/0x70 [ 406.343954][ C1] ? kfree+0x196/0x430 [ 406.343999][ C1] kasan_save_free_info+0x40/0x50 [ 406.344014][ C1] __kasan_slab_free+0x59/0x70 [ 406.344031][ C1] ? skb_release_data+0x6a0/0x8a0 [ 406.344049][ C1] kfree+0x196/0x430 [ 406.344066][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 406.344079][ C1] ? skb_release_data+0x6a0/0x8a0 [ 406.344099][ C1] skb_release_data+0x6a0/0x8a0 [ 406.344123][ C1] consume_skb+0x9f/0xf0 [ 406.344141][ C1] nsim_dev_trap_report_work+0x7cc/0xb50 [ 406.344167][ C1] ? process_scheduled_works+0x9c6/0x18e0 [ 406.344183][ C1] process_scheduled_works+0xabe/0x18e0 [ 406.344212][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 406.344232][ C1] ? assign_work+0x364/0x3d0 [ 406.344250][ C1] worker_thread+0x870/0xd30 [ 406.344270][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 406.344287][ C1] ? __kthread_parkme+0x169/0x1d0 [ 406.344305][ C1] ? __pfx_worker_thread+0x10/0x10 [ 406.344321][ C1] kthread+0x7a9/0x920 [ 406.344338][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344357][ C1] ? __pfx_worker_thread+0x10/0x10 [ 406.344372][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344388][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344408][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344425][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.344438][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 406.344454][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344472][ C1] ret_from_fork+0x4b/0x80 [ 406.344487][ C1] ? __pfx_kthread+0x10/0x10 [ 406.344504][ C1] ret_from_fork_asm+0x1a/0x30 [ 406.344527][ C1] [ 406.345133][ C0] task:syz.5.3967 state:R running task stack:26104 pid:17562 tgid:17561 ppid:12273 task_flags:0x40054c flags:0x00004000 [ 407.187125][ C0] Call Trace: [ 407.190409][ C0] [ 407.193351][ C0] __schedule+0x18bc/0x4c40 [ 407.197980][ C0] ? __pfx___schedule+0x10/0x10 [ 407.202934][ C0] ? mark_lock+0x9a/0x360 [ 407.207294][ C0] ? preempt_schedule+0xe1/0xf0 [ 407.212160][ C0] preempt_schedule_common+0x84/0xd0 [ 407.217456][ C0] preempt_schedule+0xe1/0xf0 [ 407.222144][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 407.227540][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 407.233556][ C0] preempt_schedule_thunk+0x1a/0x30 [ 407.238791][ C0] _raw_spin_unlock+0x3e/0x50 [ 407.243477][ C0] unmap_page_range+0x3a0d/0x4510 [ 407.248556][ C0] ? validate_chain+0x11e/0x5920 [ 407.253524][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 407.258925][ C0] ? mas_next_node+0xb99/0xe00 [ 407.263718][ C0] ? mas_next_slot+0xdc6/0xea0 [ 407.268501][ C0] ? uprobe_munmap+0x183/0x460 [ 407.273282][ C0] ? unmap_single_vma+0x1bd/0x2b0 [ 407.278332][ C0] unmap_vmas+0x3cc/0x5f0 [ 407.282693][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 407.287575][ C0] ? tlb_gather_mmu_fullmm+0x160/0x210 [ 407.293066][ C0] exit_mmap+0x283/0xd40 [ 407.297346][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 407.302314][ C0] ? __pfx_exit_aio+0x10/0x10 [ 407.307024][ C0] ? uprobe_clear_state+0x271/0x290 [ 407.312241][ C0] ? mm_update_next_owner+0xa2/0x8a0 [ 407.317542][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 407.322757][ C0] __mmput+0x115/0x410 [ 407.326843][ C0] exit_mm+0x220/0x310 [ 407.330925][ C0] ? __pfx_exit_mm+0x10/0x10 [ 407.335531][ C0] ? taskstats_exit+0x326/0xa60 [ 407.340402][ C0] do_exit+0x9ad/0x28e0 [ 407.344595][ C0] ? __pfx_do_exit+0x10/0x10 [ 407.349200][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 407.354787][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 407.360968][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 407.367314][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 407.372444][ C0] do_group_exit+0x207/0x2c0 [ 407.377041][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 407.382247][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 407.387460][ C0] get_signal+0x168c/0x1720 [ 407.391987][ C0] ? __pfx_get_signal+0x10/0x10 [ 407.396948][ C0] arch_do_signal_or_restart+0x96/0x860 [ 407.404198][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 407.410378][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 407.416394][ C0] ? syscall_exit_to_user_mode+0xa3/0x340 [ 407.422132][ C0] syscall_exit_to_user_mode+0xce/0x340 [ 407.427729][ C0] do_syscall_64+0x100/0x230 [ 407.432438][ C0] ? clear_bhb_loop+0x35/0x90 [ 407.437140][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.443048][ C0] RIP: 0033:0x7f61dd78d169 [ 407.447482][ C0] RSP: 002b:00007f61de5610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 407.455909][ C0] RAX: fffffffffffffe00 RBX: 00007f61dd9a5fa8 RCX: 00007f61dd78d169 [ 407.463889][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f61dd9a5fa8 [ 407.471864][ C0] RBP: 00007f61dd9a5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 407.479842][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61dd9a5fac [ 407.487824][ C0] R13: 0000000000000000 R14: 00007ffe1779bbc0 R15: 00007ffe1779bca8 [ 407.495820][ C0] [ 407.498863][ C0] task:syz-executor state:R running task stack:20064 pid:5832 tgid:5832 ppid:5816 task_flags:0x400140 flags:0x00004000 [ 407.512362][ C0] Call Trace: [ 407.515644][ C0] [ 407.518586][ C0] __schedule+0x18bc/0x4c40 [ 407.523125][ C0] ? __pfx___schedule+0x10/0x10 [ 407.527988][ C0] ? mark_lock+0x9a/0x360 [ 407.532343][ C0] ? preempt_schedule+0xe1/0xf0 [ 407.537201][ C0] preempt_schedule_common+0x84/0xd0 [ 407.542501][ C0] preempt_schedule+0xe1/0xf0 [ 407.547189][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 407.552566][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 407.558476][ C0] ? __page_table_check_ptes_set+0x30f/0x410 [ 407.564476][ C0] ? copy_pmd_range+0x6d81/0x77b0 [ 407.569512][ C0] preempt_schedule_thunk+0x1a/0x30 [ 407.574729][ C0] _raw_spin_unlock+0x3e/0x50 [ 407.579419][ C0] copy_pmd_range+0x6ddc/0x77b0 [ 407.584300][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 407.589521][ C0] ? mas_destroy+0x1979/0x1fc0 [ 407.594299][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 407.599514][ C0] ? look_up_lock_class+0x77/0x170 [ 407.604640][ C0] ? register_lock_class+0x102/0x980 [ 407.609944][ C0] ? __pfx_mas_destroy+0x10/0x10 [ 407.614917][ C0] ? mark_lock+0x9a/0x360 [ 407.619284][ C0] ? __lock_acquire+0x1397/0x2100 [ 407.624363][ C0] copy_page_range+0x99f/0xe90 [ 407.629167][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 407.634473][ C0] ? __pfx_up_write+0x10/0x10 [ 407.639190][ C0] ? __asan_memset+0x23/0x50 [ 407.643800][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 407.650597][ C0] ? vma_interval_tree_insert_after+0x259/0x2b0 [ 407.656864][ C0] copy_mm+0x1269/0x2160 [ 407.661173][ C0] ? __pfx_copy_mm+0x10/0x10 [ 407.665790][ C0] ? __init_rwsem+0x122/0x160 [ 407.670488][ C0] ? copy_signal+0x51c/0x640 [ 407.675094][ C0] copy_process+0x17d1/0x3cf0 [ 407.679802][ C0] ? copy_process+0x9fa/0x3cf0 [ 407.684605][ C0] ? __pfx_copy_process+0x10/0x10 [ 407.689655][ C0] kernel_clone+0x223/0x870 [ 407.694170][ C0] ? reacquire_held_locks+0x3eb/0x690 [ 407.699558][ C0] ? vma_end_read+0x18/0x170 [ 407.704159][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 407.709205][ C0] ? __pfx_reacquire_held_locks+0x10/0x10 [ 407.714942][ C0] __x64_sys_clone+0x267/0x2e0 [ 407.719739][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 407.725057][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 407.731399][ C0] ? exc_page_fault+0x590/0x8b0 [ 407.736265][ C0] ? do_syscall_64+0xb6/0x230 [ 407.740969][ C0] do_syscall_64+0xf3/0x230 [ 407.745499][ C0] ? clear_bhb_loop+0x35/0x90 [ 407.750200][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.756141][ C0] RIP: 0033:0x7f018c5839d3 [ 407.760584][ C0] RSP: 002b:00007fffd8b1bcc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 407.769011][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f018c5839d3 [ 407.776992][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 407.784973][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 407.792951][ C0] R10: 000055557b6777d0 R11: 0000000000000246 R12: 0000000000000000 [ 407.800960][ C0] R13: 00000000000927c0 R14: 0000000000049872 R15: 00007fffd8b1be60 [ 407.808968][ C0] [ 407.811998][ C0] rcu: rcu_preempt kthread starved for 10501 jiffies! g51153 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 407.823203][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 407.833179][ C0] rcu: RCU grace-period kthread stack dump: [ 407.839072][ C0] task:rcu_preempt state:R running task stack:25624 pid:17 tgid:17 ppid:2 task_flags:0x208040 flags:0x00004000 [ 407.852580][ C0] Call Trace: [ 407.855864][ C0] [ 407.858810][ C0] __schedule+0x18bc/0x4c40 [ 407.863327][ C0] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 407.869247][ C0] ? __pfx___schedule+0x10/0x10 [ 407.874115][ C0] ? __pfx_lock_release+0x10/0x10 [ 407.879162][ C0] ? __pfx___mod_timer+0x10/0x10 [ 407.884117][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 407.890471][ C0] ? schedule+0x90/0x320 [ 407.894723][ C0] schedule+0x14b/0x320 [ 407.898985][ C0] schedule_timeout+0x15a/0x290 [ 407.903845][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 407.909225][ C0] ? __pfx_process_timeout+0x10/0x10 [ 407.914528][ C0] ? prepare_to_swait_event+0x330/0x350 [ 407.920093][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 407.924959][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 407.930181][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 407.936092][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 407.941389][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 407.947300][ C0] ? finish_swait+0xd4/0x1e0 [ 407.951906][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 407.957122][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 407.961730][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 407.966940][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 407.972853][ C0] ? __kthread_parkme+0x169/0x1d0 [ 407.977894][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 407.983112][ C0] kthread+0x7a9/0x920 [ 407.987192][ C0] ? __pfx_kthread+0x10/0x10 [ 407.991806][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 407.997043][ C0] ? __pfx_kthread+0x10/0x10 [ 408.001655][ C0] ? __pfx_kthread+0x10/0x10 [ 408.006268][ C0] ? __pfx_kthread+0x10/0x10 [ 408.010892][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 408.016113][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 408.021328][ C0] ? __pfx_kthread+0x10/0x10 [ 408.025950][ C0] ret_from_fork+0x4b/0x80 [ 408.030383][ C0] ? __pfx_kthread+0x10/0x10 [ 408.035251][ C0] ret_from_fork_asm+0x1a/0x30 [ 408.040068][ C0] [ 408.043099][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 408.049427][ C0] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0 [ 408.060285][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 408.070359][ C0] RIP: 0010:smp_call_function_many_cond+0x1bb6/0x2d30 [ 408.077152][ C0] Code: 30 f5 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 e0 f0 0b 00 eb 41 f3 90 48 b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 <41> f7 45 00 01 00 00 00 74 1e e8 bb f0 0b 00 eb db 44 89 e9 80 e1 [ 408.096793][ C0] RSP: 0018:ffffc90003edf500 EFLAGS: 00000246 [ 408.102880][ C0] RAX: 0000000000000000 RBX: 1ffff110170e88c9 RCX: ffff8880304abc00 [ 408.110863][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 408.118842][ C0] RBP: ffffc90003edf700 R08: ffffffff81b5c940 R09: 1ffffffff28a230e [ 408.126819][ C0] R10: dffffc0000000000 R11: fffffbfff28a230f R12: ffff8880b863f9c8 [ 408.134802][ C0] R13: ffff8880b8744648 R14: ffff8880b863f9c0 R15: 0000000000000001 [ 408.142782][ C0] FS: 00005555721ff500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 408.151743][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 408.158335][ C0] CR2: 000000110c3f12a5 CR3: 000000003083c000 CR4: 00000000003526f0 [ 408.166313][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 408.174292][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 408.182274][ C0] Call Trace: [ 408.185558][ C0] [ 408.188423][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 408.194776][ C0] ? print_other_cpu_stall+0x1481/0x15c0 [ 408.200446][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 408.206265][ C0] ? cgroup_rstat_updated+0x13b/0xc30 [ 408.211661][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 408.217913][ C0] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 408.223316][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 408.228973][ C0] ? update_process_times+0x242/0x2f0 [ 408.234380][ C0] ? tick_nohz_handler+0x37c/0x500 [ 408.239515][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 408.245072][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 408.250469][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 408.256218][ C0] ? sched_clock+0x4a/0x70 [ 408.260661][ C0] ? read_tsc+0x9/0x20 [ 408.264750][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 408.270854][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 408.276005][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 408.282178][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 408.288000][ C0] [ 408.290938][ C0] [ 408.293877][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 408.300053][ C0] ? smp_call_function_many_cond+0x1b90/0x2d30 [ 408.306221][ C0] ? smp_call_function_many_cond+0x1bb6/0x2d30 [ 408.312399][ C0] ? __mutex_unlock_slowpath+0x227/0x800 [ 408.318082][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 408.324434][ C0] ? __pfx_lock_release+0x10/0x10 [ 408.329488][ C0] ? rcu_is_watching+0x15/0xb0 [ 408.334262][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 408.339483][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 408.344691][ C0] flush_tlb_mm_range+0x42d/0x710 [ 408.349736][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 408.355310][ C0] copy_mm+0x18af/0x2160 [ 408.359590][ C0] ? __pfx_copy_mm+0x10/0x10 [ 408.364201][ C0] ? __init_rwsem+0x122/0x160 [ 408.368975][ C0] ? copy_signal+0x51c/0x640 [ 408.373578][ C0] copy_process+0x17d1/0x3cf0 [ 408.378279][ C0] ? copy_process+0x9fa/0x3cf0 [ 408.383070][ C0] ? __pfx_copy_process+0x10/0x10 [ 408.388149][ C0] kernel_clone+0x223/0x870 [ 408.392662][ C0] ? reacquire_held_locks+0x3eb/0x690 [ 408.398044][ C0] ? vma_end_read+0x18/0x170 [ 408.402649][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 408.407695][ C0] ? __pfx_reacquire_held_locks+0x10/0x10 [ 408.413431][ C0] __x64_sys_clone+0x267/0x2e0 [ 408.418220][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 408.423531][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 408.429872][ C0] ? exc_page_fault+0x590/0x8b0 [ 408.434745][ C0] ? do_syscall_64+0xb6/0x230 [ 408.439437][ C0] do_syscall_64+0xf3/0x230 [ 408.443967][ C0] ? clear_bhb_loop+0x35/0x90 [ 408.448664][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.454570][ C0] RIP: 0033:0x7fd8507839d3 [ 408.458995][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 408.478613][ C0] RSP: 002b:00007ffe8a6fccb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 408.487068][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd8507839d3 [ 408.495046][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 408.503021][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 408.510997][ C0] R10: 00005555721ff7d0 R11: 0000000000000246 R12: 0000000000000000 [ 408.518973][ C0] R13: 00000000000927c0 R14: 00000000000498a4 R15: 00007ffe8a6fce50 [ 408.526969][ C0]