last executing test programs: 9m48.246882815s ago: executing program 1 (id=3000): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000008c0)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x2}}, 0x10, 0x0}, 0x20) 9m48.083398616s ago: executing program 1 (id=3004): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x0, 0x0}) 9m47.893082049s ago: executing program 1 (id=3009): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0) ioctl$TIOCSLCKTRMIOS(r3, 0x5433, 0x0) 9m47.813808224s ago: executing program 1 (id=3010): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84000, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') sendfile(r3, r3, &(0x7f0000000000)=0x2eb4, 0x2000007ff) 9m46.905424369s ago: executing program 1 (id=3023): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000080)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 9m46.508279318s ago: executing program 1 (id=3027): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) 9m45.508332633s ago: executing program 32 (id=3027): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) 4m54.779655661s ago: executing program 5 (id=6905): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000200)={0x8, 0xeeee8000, 0x2, 0xffffffffffffffff, 0xf}) 4m54.495482424s ago: executing program 5 (id=6910): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000095000040"]) 4m54.19913234s ago: executing program 5 (id=6917): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) getdents64(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3}) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000080)=0x2) 4m52.503013495s ago: executing program 5 (id=6933): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0) unshare(0x26020480) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x80000, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) 4m51.554464644s ago: executing program 5 (id=6941): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) syz_clone(0xa0801280, 0x0, 0x0, 0x0, 0x0, 0x0) 4m51.243398117s ago: executing program 5 (id=6944): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140)=0x4) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000000)=0xffff0001) close_range(r2, 0xffffffffffffffff, 0x0) 4m50.870253531s ago: executing program 33 (id=6944): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140)=0x4) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000000)=0xffff0001) close_range(r2, 0xffffffffffffffff, 0x0) 5.437284743s ago: executing program 2 (id=10269): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket(0x10, 0x803, 0x0) recvmmsg(r3, 0x0, 0x0, 0x40012160, 0x0) 5.246301257s ago: executing program 2 (id=10272): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace$cont(0x20, r2, 0x0, 0x0) ptrace$cont(0x20, r2, 0x1, 0x3) 5.19028409s ago: executing program 0 (id=10274): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) 5.011602941s ago: executing program 0 (id=10276): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) 4.912485872s ago: executing program 2 (id=10278): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) 4.860447922s ago: executing program 0 (id=10279): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = syz_io_uring_setup(0xd2, &(0x7f0000000880)={0x0, 0xdff9, 0x80, 0x1000}, 0x0, 0x0) io_uring_enter(r3, 0x12e3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0x4e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @remote}]}, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x1e000}) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.600657413s ago: executing program 2 (id=10283): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) 4.427188761s ago: executing program 0 (id=10285): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = socket(0x1e, 0x1, 0x0) connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r2, &(0x7f0000000340), 0x2000011a) 4.34072098s ago: executing program 2 (id=10288): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x0, 0x0, 0x0) 4.03911965s ago: executing program 2 (id=10293): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000000)) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x6) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) ioctl$int_in(r2, 0x5452, &(0x7f0000001080)=0x3) write(r2, &(0x7f0000000080)='g', 0x1) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000140)={0x6, 0x3, 0x6, 0x7fff, 0x1a, "ee1dd756f560f25a63b2f119c3439425ea59d8"}) 3.608705325s ago: executing program 3 (id=10300): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400"], 0x64}}, 0x0) 3.369962573s ago: executing program 3 (id=10305): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0xfcee) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) 3.087377074s ago: executing program 3 (id=10307): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 2.900112113s ago: executing program 3 (id=10310): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="020d000014000000000000000000000005000500000000000a00000000000000f65e0190536134fc010000000000000000000000000000000000000000000005000500000000000a000000000000000000000000000000000000000000000000000000000000000800120002000200ff"], 0xa0}}, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff00092406050602010000092403000303000549"], 0x0) setsockopt$inet6_opts(r2, 0x29, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="000a000000000fd60730000000000a0000000000000000000000000000000000000000000000000000000d00000000000000000000ef60fc4bd8ecc4e3200000000006004dee00000000000032acaace3269d47147"], 0xd0060) 2.836978693s ago: executing program 0 (id=10311): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000) 2.661760821s ago: executing program 6 (id=10313): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f0000000200)='m', 0x1) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) write$snddsp(r2, &(0x7f0000000200)="a3", 0x1) ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r3 = syz_io_uring_setup(0x1ba8, &(0x7f0000000300)={0x0, 0xa5e5, 0x2, 0x3, 0x2}, &(0x7f00000003c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x4c8}}) io_uring_enter(r3, 0x17ffa, 0xba1c, 0x2, 0x0, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) 2.589117141s ago: executing program 4 (id=10314): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r4, 0x0, 0xff5f) 2.39502872s ago: executing program 4 (id=10315): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)={0x15c, r4, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_PEERS={0x140, 0x8, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1, @mcast1, 0x2}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}, {0xe8, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0xc0, 0x9, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x41, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}]}]}, {0x4}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x15c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 2.171348214s ago: executing program 4 (id=10316): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) rt_sigsuspend(&(0x7f0000000040)={[0x1e5]}, 0x8) 1.887238181s ago: executing program 6 (id=10317): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=@newtaction={0x44, 0x32, 0xc20bc6c7745b97d7, 0x70bd29, 0x25dfdbfc, {}, [{0x30, 0x1, [@m_ipt={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x3, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x0, 0x3, 0x101}, @TCA_IPT_TARG={0x0, 0x6, {0xba15, 'security\x00', 0xdb, 0x4, "7235abc3ea74ebfe13207f3546e4fab4397e89d456e50ff5de907536ebdc"}}, @TCA_IPT_TABLE={0x0, 0x1, 'raw\x00'}, @TCA_IPT_INDEX={0x0, 0x3, 0x2}, @TCA_IPT_TABLE={0x0, 0x1, 'filter\x00'}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x6400c041}, 0x9080) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="020100030e0000002cbd70000000000005000600332000000a00000000000000fe800000000000000000000000000018000000000000000005000500000000000a00000000000000000000000000000000000000000000000000000000000000020013"], 0x70}, 0x1, 0x7}, 0x4000000) 1.645056566s ago: executing program 6 (id=10318): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x541b, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r3, 0x402, 0x8000003d) fallocate(r2, 0x0, 0x1000000, 0x3) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x2000000) 1.580388613s ago: executing program 0 (id=10319): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x6) 1.114725656s ago: executing program 4 (id=10320): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) flistxattr(0xffffffffffffffff, 0x0, 0x0) 819.871178ms ago: executing program 3 (id=10321): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000008c"]) 781.176304ms ago: executing program 4 (id=10322): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) 534.410549ms ago: executing program 6 (id=10323): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000440)={0x1, 0x0, r4}) 483.497415ms ago: executing program 4 (id=10324): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) truncate(0x0, 0x8c) close(0xffffffffffffffff) chdir(0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) userfaultfd(0x80001) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setrlimit(0xf, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 282.584241ms ago: executing program 3 (id=10325): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0xea, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000003c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000240)={r3, 0x2, r2}) 238.50676ms ago: executing program 6 (id=10326): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) 0s ago: executing program 6 (id=10327): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = fsopen(&(0x7f0000000080)='devpts\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0xb) fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): etlink: 36 bytes leftover after parsing attributes in process `syz.4.7709'. [ 677.903264][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 678.026173][ T30] audit: type=1326 audit(1763130215.610:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23403 comm="syz.6.7704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7fc00000 [ 678.371249][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 679.034665][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 679.983703][ T980] IPVS: starting estimator thread 0... [ 680.046181][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 680.105970][T23453] IPVS: using max 26 ests per chain, 62400 per kthread [ 680.211474][T23457] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 680.266388][ T980] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 680.363201][T23463] netlink: 'syz.6.7725': attribute type 13 has an invalid length. [ 680.446271][ T980] usb 3-1: Using ep0 maxpacket: 8 [ 680.455689][ T980] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d [ 680.468541][ T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.477058][ T10] usb 4-1: new full-speed USB device number 18 using dummy_hcd [ 680.496781][ T980] usb 3-1: Product: syz [ 680.503117][ T980] usb 3-1: Manufacturer: syz [ 680.510613][ T980] usb 3-1: SerialNumber: syz [ 680.520387][ T980] usb 3-1: config 0 descriptor?? [ 680.648589][ T10] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 680.685222][ T10] usb 4-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 680.698420][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.707298][ T10] usb 4-1: Product: syz [ 680.711538][ T10] usb 4-1: Manufacturer: syz [ 680.734511][ T10] usb 4-1: SerialNumber: syz [ 680.748358][ T980] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 680.778567][ T10] usb 4-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 680.800373][ T980] dvb_usb_af9015 3-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 680.818243][ T980] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 680.836087][ T980] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 680.857384][ T980] usb 3-1: USB disconnect, device number 23 [ 681.089522][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 681.180037][T23457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 681.204239][ T10] usb 4-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 681.206549][T23457] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 681.495660][ T44] usb 4-1: USB disconnect, device number 18 [ 682.128816][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 682.137944][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 682.148318][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 682.345810][T23489] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 682.354369][T23489] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 682.361605][T23489] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 682.373527][T23489] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 682.397989][T23489] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 682.415778][T23489] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 682.467908][T23489] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 682.847760][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 683.167992][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 683.213423][ T30] audit: type=1326 audit(1763130220.800:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.295222][ T30] audit: type=1326 audit(1763130220.830:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.425983][ T30] audit: type=1326 audit(1763130220.830:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.536356][ T30] audit: type=1326 audit(1763130220.830:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.656199][T21093] Bluetooth: hci1: command 0x0406 tx timeout [ 683.662447][ T30] audit: type=1326 audit(1763130220.830:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.690442][ T30] audit: type=1326 audit(1763130220.830:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.765979][ T30] audit: type=1326 audit(1763130220.850:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.846067][ T30] audit: type=1326 audit(1763130220.850:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.916016][ T30] audit: type=1326 audit(1763130220.850:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 683.956084][ T30] audit: type=1326 audit(1763130220.850:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23530 comm="syz.4.7755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 684.127636][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 684.206571][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 684.366183][T21093] Bluetooth: hci2: command 0x0406 tx timeout [ 684.372343][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 684.446082][T21093] Bluetooth: hci3: command 0x0c1a tx timeout [ 684.452372][ T5149] Bluetooth: hci4: command 0x0406 tx timeout [ 684.656331][T23556] fuse: Bad value for 'fd' [ 685.305755][T23570] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 685.312342][T23570] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 685.319528][T23570] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 685.356934][T23570] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 685.381511][T23570] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 685.983031][T23592] kvm_intel: kvm [23591]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xb9 [ 686.526739][T23602] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 686.527747][T21093] Bluetooth: hci1: command 0x0406 tx timeout [ 686.882225][T23615] fuse: Bad value for 'group_id' [ 686.888640][T23615] fuse: Bad value for 'group_id' [ 687.203398][T23621] syzkaller0: entered promiscuous mode [ 687.217865][T23621] syzkaller0: entered allmulticast mode [ 687.328368][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 687.337500][ T5891] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 687.357374][T21093] Bluetooth: hci2: command 0x0406 tx timeout [ 687.363491][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 687.370578][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 687.406080][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout [ 687.412208][T21093] Bluetooth: hci4: command 0x0406 tx timeout [ 687.468963][T23637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7800'. [ 688.272988][T23660] netlink: 44 bytes leftover after parsing attributes in process `syz.2.7811'. [ 688.447981][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 688.617198][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 689.488425][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout [ 689.495180][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 689.897294][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 690.533590][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 690.846541][T23704] netlink: 76 bytes leftover after parsing attributes in process `syz.3.7828'. [ 691.172691][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.179374][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.574446][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 692.206122][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 692.362534][T23727] netlink: 'syz.3.7841': attribute type 1 has an invalid length. [ 692.493114][T23731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 692.616534][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 692.838975][T23740] netlink: 200 bytes leftover after parsing attributes in process `syz.4.7846'. [ 693.087160][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 693.097273][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 693.106234][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 693.175998][ T5919] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 693.350187][ T5919] usb 1-1: config 0 has no interfaces? [ 693.404268][ T5919] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 693.426305][ T5919] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 693.434462][ T5919] usb 1-1: Product: syz [ 693.466866][ T5919] usb 1-1: Manufacturer: syz [ 693.471810][ T5919] usb 1-1: SerialNumber: syz [ 693.493671][ T5919] usb 1-1: config 0 descriptor?? [ 693.579160][T23771] vlan2: entered promiscuous mode [ 693.584283][T23771] bridge0: entered promiscuous mode [ 693.592543][T23773] netlink: 'syz.4.7862': attribute type 16 has an invalid length. [ 693.600905][T23773] netlink: 64130 bytes leftover after parsing attributes in process `syz.4.7862'. [ 693.649990][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 693.776396][ T10] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 694.005174][ T5891] usb 1-1: USB disconnect, device number 16 [ 694.129171][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 694.153706][ T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 694.172638][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 694.363947][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 694.381389][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 694.406604][ T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 694.525801][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 694.659424][ T10] usb 3-1: config 0 descriptor?? [ 694.665019][T23770] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 695.113427][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.131230][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.162841][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.170901][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 695.191190][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.231185][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.256332][ T10] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 695.314671][ T10] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 695.409147][ T10] usb 3-1: USB disconnect, device number 24 [ 695.562459][T23801] fido_id[23801]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 695.659078][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 696.136787][T23824] netlink: 52 bytes leftover after parsing attributes in process `syz.2.7885'. [ 696.206521][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 696.346791][T23829] netlink: 88 bytes leftover after parsing attributes in process `syz.0.7888'. [ 698.195358][T23891] net_ratelimit: 1 callbacks suppressed [ 698.195379][T23891] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 698.289016][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 698.580695][T23902] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 698.846056][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 699.189127][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 699.197322][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 699.206458][ T5892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 699.215411][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 699.526387][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 699.526404][ T30] audit: type=1326 audit(1763130237.070:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.4.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 699.606062][ T30] audit: type=1326 audit(1763130237.070:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.4.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 699.769094][ T30] audit: type=1326 audit(1763130237.070:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.4.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 699.895993][ T30] audit: type=1326 audit(1763130237.070:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.4.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 700.372852][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 700.396358][ T30] audit: type=1326 audit(1763130237.070:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.4.7923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 701.419186][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 701.428909][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 703.259642][T23963] loop4: detected capacity change from 0 to 7 [ 703.282979][T23963] loop4: [POWERTEC] p1 p2 p3 p4 p5 [ 703.301809][T23963] loop4: p1 size 2228224 extends beyond EOD, truncated [ 703.348365][T23963] loop4: p2 start 1982821989 is beyond EOD, truncated [ 703.359576][T23963] loop4: p3 size 327680 extends beyond EOD, truncated [ 703.430718][T23963] loop4: p4 start 1970174324 is beyond EOD, truncated [ 703.467010][T23963] loop4: p5 start 1680801792 is beyond EOD, truncated [ 703.492306][ T5906] net_ratelimit: 1 callbacks suppressed [ 703.492326][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 703.617545][ T5844] udevd[5844]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 703.621738][ T6367] udevd[6367]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 704.530340][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 704.542144][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 704.550974][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 704.619880][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 704.930686][T23998] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 704.937452][T23998] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 704.945555][T23998] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 704.953741][T23998] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 704.967023][T23998] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 705.585492][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 705.758701][ T5892] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 705.785748][ T5892] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 706.016332][ T10] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 706.179813][ T10] usb 4-1: config 0 has no interfaces? [ 706.189666][ T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 706.203422][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 706.215107][ T10] usb 4-1: SerialNumber: syz [ 706.219935][ T5149] Bluetooth: hci1: command 0x0406 tx timeout [ 706.338520][ T10] usb 4-1: config 0 descriptor?? [ 706.611602][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 706.632179][T24065] netlink: 188 bytes leftover after parsing attributes in process `syz.0.7987'. [ 707.006978][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout [ 707.007032][T21093] Bluetooth: hci3: command 0x0c1a tx timeout [ 707.013102][ T5149] Bluetooth: hci4: command 0x0406 tx timeout [ 707.019657][T21093] Bluetooth: hci2: command 0x0406 tx timeout [ 707.174234][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 707.330172][T24077] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7991'. [ 707.374463][T24077] netlink: 67 bytes leftover after parsing attributes in process `syz.4.7991'. [ 707.650234][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 708.731777][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 708.797819][ T5906] usb 4-1: USB disconnect, device number 19 [ 709.864764][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 710.384000][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 710.392246][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 710.401361][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 710.410180][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.006031][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.486173][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.756069][ T5919] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 711.915978][ T5919] usb 1-1: Using ep0 maxpacket: 16 [ 711.939441][ T5919] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 711.952604][ T5919] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 711.982806][ T5919] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 712.014997][ T5919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 712.048312][ T5919] usb 1-1: config 0 descriptor?? [ 712.363356][T24182] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8036'. [ 712.527397][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 712.638726][ T30] audit: type=1326 audit(1763130250.230:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.707551][ T30] audit: type=1326 audit(1763130250.230:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.751850][ T5919] usbhid 1-1:0.0: can't add hid device: -71 [ 712.775636][ T5919] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 712.777129][ T30] audit: type=1326 audit(1763130250.230:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.821508][ T5919] usb 1-1: USB disconnect, device number 17 [ 712.863986][ T30] audit: type=1326 audit(1763130250.230:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.904075][ T30] audit: type=1326 audit(1763130250.230:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.927661][ T30] audit: type=1326 audit(1763130250.230:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 712.932736][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 712.949850][ C1] vkms_vblank_simulate: vblank timer overrun [ 712.957297][ T30] audit: type=1326 audit(1763130250.230:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 713.000296][ T30] audit: type=1326 audit(1763130250.230:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 713.068555][ T30] audit: type=1326 audit(1763130250.230:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 713.099698][ T30] audit: type=1326 audit(1763130250.230:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24196 comm="syz.6.8043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72aa78f6c9 code=0x7ffc0000 [ 714.280726][T24233] binder: 24232:24233 ioctl c0306201 0 returned -14 [ 714.606223][ T44] net_ratelimit: 1 callbacks suppressed [ 714.606265][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 714.766384][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 715.668736][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.126817][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.687257][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.724474][T24293] netlink: 36 bytes leftover after parsing attributes in process `syz.0.8080'. [ 717.420052][T24311] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 717.730086][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.159362][T24306] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8082'. [ 718.686486][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.778694][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.913313][T24350] netlink: 44 bytes leftover after parsing attributes in process `syz.0.8105'. [ 718.992990][T24350] netlink: 59 bytes leftover after parsing attributes in process `syz.0.8105'. [ 719.020341][T24350] netlink: 59 bytes leftover after parsing attributes in process `syz.0.8105'. [ 719.806164][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 719.993326][T24402] netlink: 'syz.3.8131': attribute type 1 has an invalid length. [ 720.130566][T24402] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 720.182004][T24402] bond2: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 720.225277][T24402] bond2: (slave vcan1): making interface the new active one [ 720.246533][T24402] bond2: (slave vcan1): Enslaving as an active interface with an up link [ 720.266753][T24408] bond2: entered allmulticast mode [ 720.271959][T24408] vcan1: entered allmulticast mode [ 720.316917][T24413] veth0_to_team: entered promiscuous mode [ 720.322718][T24413] veth0_to_team: entered allmulticast mode [ 720.846398][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.886513][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.894691][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 722.928505][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 723.968591][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 724.620875][T24511] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8175'. [ 724.656042][T24511] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8175'. [ 725.008975][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.047350][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.103490][T24547] binder: 24544:24547 ioctl c0306201 200000000940 returned -22 [ 726.750292][T24573] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8200'. [ 727.092559][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 727.651248][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.128809][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.286446][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.601157][T24616] netlink: 'syz.3.8219': attribute type 4 has an invalid length. [ 729.213195][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 730.313337][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 730.826550][ T5891] usb 3-1: new full-speed USB device number 25 using dummy_hcd [ 731.060408][ T5891] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 731.072586][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.080867][ T5891] usb 3-1: Product: syz [ 731.085067][ T5891] usb 3-1: Manufacturer: syz [ 731.113201][ T5891] usb 3-1: SerialNumber: syz [ 731.130002][ T5891] usb 3-1: config 0 descriptor?? [ 731.328745][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 731.366078][ T5891] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 731.506754][T24690] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8255'. [ 731.767663][T24704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8262'. [ 731.855990][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 732.030356][ T10] usb 7-1: config 0 has too many interfaces: 204, using maximum allowed: 32 [ 732.046295][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 204 [ 732.059750][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 732.071586][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 732.083475][ T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 732.102884][ T10] usb 7-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00 [ 732.115229][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 732.155395][ T10] usb 7-1: config 0 descriptor?? [ 732.366334][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 732.630068][ T10] input: HID 28bd:0909 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:28BD:0909.000A/input/input32 [ 732.743138][ T10] uclogic 0003:28BD:0909.000A: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.6-1/input0 [ 732.801396][ T5891] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 732.840048][ T5891] usb 3-1: USB disconnect, device number 25 [ 732.895675][ T10] usb 7-1: USB disconnect, device number 2 [ 733.028160][T24735] fido_id[24735]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 733.409381][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 733.419183][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 734.106882][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 734.414607][T24776] netlink: 84 bytes leftover after parsing attributes in process `syz.0.8292'. [ 734.447018][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.326196][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.836042][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.517043][T24805] netlink: 156 bytes leftover after parsing attributes in process `syz.6.8304'. [ 736.877336][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.891950][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.900934][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.920687][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.929469][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.943982][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.952612][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.983340][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 737.169865][T24820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8312'. [ 737.444882][T24830] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8315'. [ 739.640496][T24873] netlink: 'syz.3.8335': attribute type 1 has an invalid length. [ 739.719436][T24873] bond3: (slave gretap0): making interface the new active one [ 739.800501][T24873] bond3: (slave gretap0): Enslaving as an active interface with an up link [ 740.446770][ T44] net_ratelimit: 1020 callbacks suppressed [ 740.446792][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 741.193239][T24901] binder: 24900:24901 ioctl c0306201 2000000002c0 returned -14 [ 741.282460][T24905] netlink: 'syz.2.8350': attribute type 1 has an invalid length. [ 741.374924][T24905] 8021q: adding VLAN 0 to HW filter on device bond1 [ 741.433061][T24913] bond1: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 741.491781][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 741.570136][T24905] bond1: (slave ip6gretap1): making interface the new active one [ 741.611460][T24905] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 742.741555][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.896271][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.311651][T24979] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode [ 744.319351][T24979] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode [ 744.507496][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 744.507516][ T30] audit: type=1326 audit(1763130282.090:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 744.627253][ T30] audit: type=1326 audit(1763130282.100:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 744.697628][ T30] audit: type=1326 audit(1763130282.130:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 744.774731][ T30] audit: type=1326 audit(1763130282.130:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 744.876376][ T30] audit: type=1326 audit(1763130282.130:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 744.926363][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.939214][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.951887][ T30] audit: type=1326 audit(1763130282.130:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 745.053546][ T30] audit: type=1326 audit(1763130282.130:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 745.125549][ T30] audit: type=1326 audit(1763130282.130:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24981 comm="syz.2.8381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 745.566632][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.594792][T25034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.948781][T25053] netlink: 68 bytes leftover after parsing attributes in process `syz.4.8411'. [ 745.968070][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 746.696263][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.056800][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.456874][T25084] syzkaller1: entered promiscuous mode [ 747.462412][T25084] syzkaller1: entered allmulticast mode [ 747.481142][T25088] loop5: detected capacity change from 0 to 7 [ 747.493763][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.502211][ C1] blk_print_req_error: 10 callbacks suppressed [ 747.502234][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.517596][ C1] buffer_io_error: 9 callbacks suppressed [ 747.517609][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.533632][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.542864][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.556943][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.566178][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.575967][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.585147][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.593995][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.603243][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.615150][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.624402][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.633489][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.642707][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.650746][T25088] ldm_validate_partition_table(): Disk read failed. [ 747.658782][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.668024][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.677357][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.686566][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.696201][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 747.705393][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 747.715111][T25088] Dev loop5: unable to read RDB block 0 [ 747.768905][T25088] loop5: unable to read partition table [ 747.774845][T25088] loop5: partition table beyond EOD, truncated [ 747.786185][T25088] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 748.076917][T25099] blkio.reset_stats is deprecated [ 748.606213][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.646130][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.607389][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.686908][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.702655][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 751.708303][T25189] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8475'. [ 751.726522][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 751.832230][ T30] audit: type=1326 audit(1763130289.420:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 751.866383][ T10] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 751.894187][ T30] audit: type=1326 audit(1763130289.420:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 751.956506][ T30] audit: type=1326 audit(1763130289.420:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.008537][ T30] audit: type=1326 audit(1763130289.420:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.039958][ T30] audit: type=1326 audit(1763130289.420:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.062788][ T30] audit: type=1326 audit(1763130289.420:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.076124][ T10] usb 7-1: config index 0 descriptor too short (expected 55488, got 27) [ 752.097981][ T30] audit: type=1326 audit(1763130289.420:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.127592][ T10] usb 7-1: config 0 has an invalid descriptor of length 216, skipping remainder of the config [ 752.172437][ T30] audit: type=1326 audit(1763130289.420:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.195652][ T10] usb 7-1: config 0 has no interfaces? [ 752.199331][ T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 752.221856][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 752.226710][T25197] kvm: vcpu 2044: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (52285443328 ns). Using initial count to start timer. [ 752.261332][ T10] usb 7-1: Product: syz [ 752.273313][ T10] usb 7-1: Manufacturer: syz [ 752.273383][ T30] audit: type=1326 audit(1763130289.420:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.302956][ T10] usb 7-1: SerialNumber: syz [ 752.331403][ T30] audit: type=1326 audit(1763130289.420:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25190 comm="syz.2.8477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 752.372962][ T10] usb 7-1: config 0 descriptor?? [ 752.613362][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.619925][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.658298][T25216] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode [ 752.669856][T25216] mac80211_hwsim hwsim8 syzkaller0: left allmulticast mode [ 752.791312][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 752.871895][ T5919] usb 7-1: USB disconnect, device number 3 [ 753.806959][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 753.817956][T25242] netlink: 156 bytes leftover after parsing attributes in process `syz.0.8498'. [ 753.846718][T25242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8498'. [ 754.846440][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.862619][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.886229][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 756.457232][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 756.934882][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 757.287724][T25325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.8535'. [ 757.966195][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 758.585602][T25369] netlink: 'syz.2.8554': attribute type 21 has an invalid length. [ 759.006542][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 759.073404][T25392] netlink: 64 bytes leftover after parsing attributes in process `syz.0.8564'. [ 759.726320][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 759.726339][ T30] audit: type=1326 audit(1763130297.310:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.789751][ T30] audit: type=1326 audit(1763130297.310:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.831548][ T30] audit: type=1326 audit(1763130297.310:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.859856][ T30] audit: type=1326 audit(1763130297.310:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.883398][ T30] audit: type=1326 audit(1763130297.310:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.906465][ T30] audit: type=1326 audit(1763130297.310:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.931126][ T30] audit: type=1326 audit(1763130297.310:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 759.987443][ T30] audit: type=1326 audit(1763130297.310:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 760.046308][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 760.069473][ T30] audit: type=1326 audit(1763130297.310:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 760.190821][ T30] audit: type=1326 audit(1763130297.310:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.2.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 760.225951][ T10] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 760.416245][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 760.434146][ T10] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 760.463439][ T10] usb 1-1: config 0 has no interface number 0 [ 760.481393][ T10] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 760.494190][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 760.535956][ T10] usb 1-1: Product: syz [ 760.546310][ T10] usb 1-1: Manufacturer: syz [ 760.551047][ T10] usb 1-1: SerialNumber: syz [ 760.580694][ T10] usb 1-1: config 0 descriptor?? [ 760.637610][ T10] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 760.872264][ T10] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 760.928598][T25443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8587'. [ 760.956671][ T10] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 761.089116][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 761.309310][ C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 761.324941][ T5919] usb 1-1: USB disconnect, device number 18 [ 761.363357][ T5919] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 761.422384][ T5919] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 761.445010][ T5919] quatech2 1-1:0.51: device disconnected [ 761.566410][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.127871][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.207675][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.050562][T25514] binder: 25511:25514 ioctl c0306201 200000000940 returned -22 [ 763.169712][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.958582][T25546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8635'. [ 764.206103][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 765.015756][T25588] netlink: 128 bytes leftover after parsing attributes in process `syz.3.8655'. [ 765.052502][T25588] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8655'. [ 765.256050][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 765.290706][T25601] netlink: 'syz.2.8659': attribute type 13 has an invalid length. [ 765.300410][T25601] netlink: 'syz.2.8659': attribute type 27 has an invalid length. [ 766.046235][ T5891] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 766.208770][ T5891] usb 4-1: Using ep0 maxpacket: 16 [ 766.227376][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 766.240077][ T5891] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 766.252665][ T5891] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 766.281557][ T5891] usb 4-1: Product: syz [ 766.285799][ T5891] usb 4-1: Manufacturer: syz [ 766.296278][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.305641][ T5891] usb 4-1: SerialNumber: syz [ 766.345127][ T5891] usb 4-1: config 0 descriptor?? [ 766.364733][ T5891] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 766.425629][ T5891] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 766.652093][T25651] binder: 25650:25651 unknown command 0 [ 766.675951][T25651] binder: 25650:25651 ioctl c0306201 2000000001c0 returned -22 [ 766.816740][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.827156][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.835522][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.864905][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.873625][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.882933][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.892641][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.901978][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.912033][T25658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.970049][ T5891] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 767.091975][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 767.091995][ T30] audit: type=1326 audit(1763130304.680:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25663 comm="syz.4.8691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 767.176188][ T30] audit: type=1326 audit(1763130304.710:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25663 comm="syz.4.8691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 767.249004][ T30] audit: type=1326 audit(1763130304.710:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25663 comm="syz.4.8691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 767.282547][T25672] netlink: 388 bytes leftover after parsing attributes in process `syz.4.8694'. [ 767.298269][ T30] audit: type=1326 audit(1763130304.710:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25663 comm="syz.4.8691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 767.365976][ T30] audit: type=1326 audit(1763130304.710:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25663 comm="syz.4.8691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311198f6c9 code=0x7ffc0000 [ 767.819817][T25692] netlink: 'syz.6.8702': attribute type 16 has an invalid length. [ 767.846092][T25692] netlink: 'syz.6.8702': attribute type 2 has an invalid length. [ 767.859487][T25692] netlink: 64094 bytes leftover after parsing attributes in process `syz.6.8702'. [ 768.397837][ T30] audit: type=1326 audit(1763130305.990:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25720 comm="syz.2.8716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 768.432769][ T30] audit: type=1326 audit(1763130305.990:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25720 comm="syz.2.8716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 768.460083][ T30] audit: type=1326 audit(1763130305.990:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25720 comm="syz.2.8716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 768.504322][ T30] audit: type=1326 audit(1763130305.990:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25720 comm="syz.2.8716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 769.011824][ T5891] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 769.052326][ T5891] em28xx 4-1:0.0: board has no eeprom [ 769.146443][ T5891] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 769.165297][ T5891] em28xx 4-1:0.0: dvb set to bulk mode. [ 769.204984][ T980] em28xx 4-1:0.0: Binding DVB extension [ 769.214226][ T5891] usb 4-1: USB disconnect, device number 20 [ 769.217592][T25758] fuse: Invalid rootmode [ 769.237470][ T5891] em28xx 4-1:0.0: Disconnecting em28xx [ 769.306528][ T30] audit: type=1800 audit(1763130306.860:754): pid=25761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.8735" name="file1" dev="tmpfs" ino=10658 res=0 errno=0 [ 769.380042][ T980] em28xx 4-1:0.0: Registering input extension [ 769.390084][ T5891] em28xx 4-1:0.0: Closing input extension [ 769.432721][ T5891] em28xx 4-1:0.0: Freeing device [ 769.816768][ T980] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 769.874108][T25785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8747'. [ 769.895149][T25785] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8747'. [ 770.018598][ T980] usb 7-1: Using ep0 maxpacket: 16 [ 770.028470][ T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 770.055456][ T980] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 770.094311][ T980] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 770.102534][ T5891] usb 4-1: new low-speed USB device number 21 using dummy_hcd [ 770.122883][ T980] usb 7-1: Product: syz [ 770.133782][ T980] usb 7-1: Manufacturer: syz [ 770.139652][ T980] usb 7-1: SerialNumber: syz [ 770.149506][ T980] usb 7-1: config 0 descriptor?? [ 770.167643][ T980] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 770.187201][ T980] em28xx 7-1:0.0: DVB interface 0 found: bulk [ 770.290977][ T5891] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 770.301056][ T5891] usb 4-1: config 0 has no interface number 0 [ 770.308313][ T5891] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 770.320379][ T5891] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 770.332165][ T5891] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 770.341826][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.354272][ T5891] usb 4-1: config 0 descriptor?? [ 770.362893][T25787] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 770.378644][ T5891] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 770.446459][ T10] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 770.583428][T25787] binder: 25786:25787 ioctl 4018620d 0 returned -22 [ 770.599496][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 770.611382][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 770.620591][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.632029][ T10] usb 3-1: config 0 descriptor?? [ 770.652581][ T5906] usb 4-1: USB disconnect, device number 21 [ 770.658675][ C1] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 770.774490][ T980] em28xx 7-1:0.0: unknown em28xx chip ID (0) [ 770.915045][ T10] usbhid 3-1:0.0: can't add hid device: -71 [ 770.921154][ T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 770.932534][ T10] usb 3-1: USB disconnect, device number 26 [ 771.190491][ T980] em28xx 7-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 771.201076][ T980] em28xx 7-1:0.0: board has no eeprom [ 771.488811][ T5906] net_ratelimit: 55 callbacks suppressed [ 771.488833][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 771.504684][T25809] fuse: Bad value for 'fd' [ 771.961088][T25826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8764'. [ 771.970398][T25826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8764'. [ 772.296603][T25771] em28xx 7-1:0.0: reading from i2c device at 0xfffe failed (error=-5) [ 772.347844][ T980] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 772.366056][ T980] em28xx 7-1:0.0: dvb set to bulk mode. [ 772.374236][T25803] em28xx 7-1:0.0: Binding DVB extension [ 772.399436][ T980] usb 7-1: USB disconnect, device number 4 [ 772.429269][ T980] em28xx 7-1:0.0: Disconnecting em28xx [ 772.492556][T25803] em28xx 7-1:0.0: Registering input extension [ 772.500853][ T980] em28xx 7-1:0.0: Closing input extension [ 772.529875][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 772.535044][ T980] em28xx 7-1:0.0: Freeing device [ 772.826351][ T10] usb 3-1: new full-speed USB device number 27 using dummy_hcd [ 773.002704][T25866] netlink: 'syz.0.8783': attribute type 1 has an invalid length. [ 773.030910][ T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 773.056118][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 773.064656][ T10] usb 3-1: Product: syz [ 773.087419][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.117279][T25866] bond1: entered promiscuous mode [ 773.122992][T25866] 8021q: adding VLAN 0 to HW filter on device bond1 [ 773.136889][ T10] usb 3-1: Manufacturer: syz [ 773.141643][ T10] usb 3-1: SerialNumber: syz [ 773.188994][ T10] usb 3-1: config 0 descriptor?? [ 773.240613][T25866] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 773.248910][T25866] IPv6: NLM_F_CREATE should be set when creating new route [ 773.256685][T25866] IPv6: NLM_F_CREATE should be set when creating new route [ 773.317938][T25866] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 773.342863][T25872] 8021q: adding VLAN 0 to HW filter on device bond1 [ 773.353299][T25872] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 773.365675][T25872] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 773.386344][T25872] bond1: (slave wireguard0): making interface the new active one [ 773.406028][T25872] wireguard0: entered promiscuous mode [ 773.412390][ T10] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 773.427829][T25872] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 773.523901][T25866] bond1: (slave wireguard1): The slave device specified does not support setting the MAC address [ 773.542146][T25866] bond1: (slave wireguard1): Enslaving as a backup interface with an up link [ 773.583766][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.732664][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 774.606422][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 775.113655][T25945] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8818'. [ 775.424106][ T10] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 775.444495][ T10] usb 3-1: USB disconnect, device number 27 [ 775.648568][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 776.177581][T25978] netlink: 188 bytes leftover after parsing attributes in process `syz.0.8832'. [ 776.310241][T25980] binder: BINDER_SET_CONTEXT_MGR already set [ 776.318877][T25980] binder: 25979:25980 ioctl 4018620d 200000000040 returned -16 [ 776.336907][T25980] binder: 25979:25980 ioctl c018620c 200000000100 returned -1 [ 776.562290][T25984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8835'. [ 776.686149][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 777.728727][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 778.711342][T26045] random: crng reseeded on system resumption [ 778.766289][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 778.811476][T26047] netlink: 36 bytes leftover after parsing attributes in process `syz.6.8863'. [ 778.820834][T26047] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8863'. [ 778.856453][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 778.875124][T26047] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8863'. [ 779.183302][T26061] tipc: New replicast peer: 2001:0000:0000:0000:0000:0000:0000:0002 [ 779.487730][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 779.643826][T26083] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8879'. [ 779.683631][T26085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8880'. [ 779.811411][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 780.204558][T26105] program syz.4.8890 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 780.848850][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 780.916458][ T5906] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 781.047314][T26133] netlink: 'syz.0.8903': attribute type 11 has an invalid length. [ 781.064179][T26133] netlink: 'syz.0.8903': attribute type 1 has an invalid length. [ 781.117719][T26133] netlink: 3593 bytes leftover after parsing attributes in process `syz.0.8903'. [ 781.119344][ T5906] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 781.150103][ T5906] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 781.196419][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.233310][ T5906] usb 3-1: config 0 descriptor?? [ 781.264056][ T5906] pwc: Askey VC010 type 2 USB webcam detected. [ 781.667847][ T5906] pwc: recv_control_msg error -32 req 02 val 2b00 [ 781.687076][ T5906] pwc: recv_control_msg error -32 req 02 val 2700 [ 781.726329][ T5906] pwc: recv_control_msg error -32 req 02 val 2c00 [ 781.830556][ T5906] pwc: recv_control_msg error -32 req 04 val 1000 [ 781.851263][ T5906] pwc: recv_control_msg error -32 req 04 val 1300 [ 781.863154][ T5906] pwc: recv_control_msg error -32 req 04 val 1400 [ 781.883622][ T5906] pwc: recv_control_msg error -32 req 02 val 2000 [ 781.890821][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 781.903506][ T5906] pwc: recv_control_msg error -32 req 02 val 2100 [ 782.117071][ T5906] pwc: recv_control_msg error -71 req 02 val 2500 [ 782.125243][ T5906] pwc: recv_control_msg error -71 req 02 val 2400 [ 782.149062][T26163] netlink: 108 bytes leftover after parsing attributes in process `syz.3.8916'. [ 782.151506][ T5906] pwc: recv_control_msg error -71 req 02 val 2600 [ 782.216648][ T5906] pwc: recv_control_msg error -71 req 02 val 2900 [ 782.238698][ T5906] pwc: recv_control_msg error -71 req 02 val 2800 [ 782.259836][ T5906] pwc: recv_control_msg error -71 req 04 val 1100 [ 782.282810][ T5906] pwc: recv_control_msg error -71 req 04 val 1200 [ 782.358126][ T5906] pwc: Registered as video103. [ 782.384977][ T5906] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input35 [ 782.549664][ T5906] usb 3-1: USB disconnect, device number 28 [ 782.926141][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 783.515506][T26188] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8926'. [ 783.968808][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 784.606395][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 785.006202][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 785.247392][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 785.376972][T26262] netlink: 100 bytes leftover after parsing attributes in process `syz.2.8963'. [ 785.715066][T26278] fuse: Unknown parameter '&' [ 786.048169][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 787.086759][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 788.128757][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 788.446055][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 788.585043][T26376] lo: Caught tx_queue_len zero misconfig [ 788.792728][T26385] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9016'. [ 789.166295][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 790.206293][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 790.378068][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 790.437574][ T30] audit: type=1326 audit(1763130328.020:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 790.876180][ T30] audit: type=1326 audit(1763130328.060:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 790.972822][ T30] audit: type=1326 audit(1763130328.060:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.018514][ T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 791.119502][T26443] netlink: 224 bytes leftover after parsing attributes in process `syz.6.9042'. [ 791.204749][ T30] audit: type=1326 audit(1763130328.060:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.246390][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 791.277116][ T30] audit: type=1326 audit(1763130328.060:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.336370][ T30] audit: type=1326 audit(1763130328.060:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.442758][ T30] audit: type=1326 audit(1763130328.060:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.497817][ T30] audit: type=1326 audit(1763130328.060:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.666141][ T30] audit: type=1326 audit(1763130328.060:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 791.689357][ T30] audit: type=1326 audit(1763130328.060:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26434 comm="syz.2.9038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7fc00000 [ 792.286390][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 792.782092][T26472] netlink: 104 bytes leftover after parsing attributes in process `syz.6.9056'. [ 793.326140][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 794.367271][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.232709][T26394] syz.0.9015 (26394): drop_caches: 1 [ 795.406246][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.630562][T26540] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.645288][T25803] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.701447][T25803] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.807268][T25803] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 796.026631][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 796.452358][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 797.496541][ T5906] net_ratelimit: 2 callbacks suppressed [ 797.496560][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 797.898975][T26602] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.518390][ T5919] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 798.537771][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.686436][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.695913][ T5919] usb 4-1: Using ep0 maxpacket: 32 [ 798.703515][ T5919] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 798.725939][ T5919] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 798.759071][ T5919] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 798.766351][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.777806][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.801629][ T5919] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 798.835439][ T5919] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 798.875996][ T5919] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 798.904993][ T5919] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 798.918522][ T5919] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 798.928443][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.969281][ T5919] usb 4-1: config 0 descriptor?? [ 799.221128][ T5919] usb 4-1: USB disconnect, device number 22 [ 799.566192][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 799.666208][ T44] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 799.784959][T26658] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 799.875956][ T44] usb 4-1: Using ep0 maxpacket: 32 [ 799.887012][ T44] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 799.895399][ T44] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 799.914452][ T44] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 799.934979][ T44] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 799.956276][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 799.976504][ T44] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 799.995941][ T44] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 800.016151][ T44] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 800.045589][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.068752][ T44] usb 4-1: config 0 descriptor?? [ 800.295604][ T44] usb 4-1: USB disconnect, device number 23 [ 800.606384][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 800.778811][T26689] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9153'. [ 800.956118][T26691] loop5: detected capacity change from 0 to 7 [ 801.359769][T26707] pim6reg1: entered promiscuous mode [ 801.365227][T26707] pim6reg1: entered allmulticast mode [ 801.481034][T26691] Dev loop5: unable to read RDB block 7 [ 801.487235][T26691] loop5: unable to read partition table [ 801.493209][T26691] loop5: partition table beyond EOD, truncated [ 801.503269][T26691] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 801.611831][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 801.611850][ T30] audit: type=1326 audit(1763130339.200:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 801.651266][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 801.710874][ T30] audit: type=1326 audit(1763130339.200:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 801.733353][ C0] vkms_vblank_simulate: vblank timer overrun [ 801.796075][ T30] audit: type=1326 audit(1763130339.200:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 801.975126][T26724] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 801.977783][ T30] audit: type=1326 audit(1763130339.570:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 802.056532][ T30] audit: type=1326 audit(1763130339.600:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 802.079092][ C0] vkms_vblank_simulate: vblank timer overrun [ 802.089848][ T30] audit: type=1326 audit(1763130339.610:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 802.112140][ C0] vkms_vblank_simulate: vblank timer overrun [ 802.134764][ T30] audit: type=1326 audit(1763130339.610:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 802.203046][ T30] audit: type=1326 audit(1763130339.610:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 802.233904][ T30] audit: type=1326 audit(1763130339.620:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f148f58df10 code=0x7ffc0000 [ 802.261549][ T30] audit: type=1326 audit(1763130339.620:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26718 comm="syz.2.9169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f148f58f2cb code=0x7ffc0000 [ 802.324828][T25803] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 802.446424][ T44] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 802.521850][T25803] usb 3-1: Using ep0 maxpacket: 32 [ 802.531624][T25803] usb 3-1: config 0 has no interfaces? [ 802.539053][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 802.547230][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 802.558580][T25803] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 802.575185][T25803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 802.608724][T25803] usb 3-1: config 0 descriptor?? [ 802.629504][ T44] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 802.682612][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 802.694149][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 802.704314][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 802.712872][ T44] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 802.729554][ T44] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 802.740260][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 802.798280][ T44] usb 1-1: config 0 descriptor?? [ 802.839598][ T980] usb 3-1: USB disconnect, device number 29 [ 802.968685][T26764] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9189'. [ 803.242435][ T44] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 803.730027][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 804.766326][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 804.786018][ T5919] usb 1-1: reset high-speed USB device number 19 using dummy_hcd [ 805.005742][T26803] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 805.015255][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 805.047382][T26802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 805.066150][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 805.084792][T26802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 806.419616][ T5919] usb 1-1: device descriptor read/64, error -71 [ 806.690709][ T5919] usb 1-1: reset high-speed USB device number 19 using dummy_hcd [ 806.717188][ T5919] usb 1-1: device reset changed ep0 maxpacket size! [ 806.719273][ T44] usb 1-1: USB disconnect, device number 19 [ 807.046109][ T44] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 807.200231][ T44] usb 1-1: Using ep0 maxpacket: 16 [ 807.209897][ T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 807.209928][ T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 807.213387][ T44] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 807.213419][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 807.213440][ T44] usb 1-1: Product: syz [ 807.213456][ T44] usb 1-1: Manufacturer: syz [ 807.213472][ T44] usb 1-1: SerialNumber: syz [ 807.293594][T26870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9234'. [ 807.470363][ T44] usb 1-1: 0:2 : does not exist [ 807.517085][ T44] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 807.589234][ T44] usb 1-1: USB disconnect, device number 20 [ 807.647492][T22133] net_ratelimit: 4 callbacks suppressed [ 807.647512][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 807.704476][ T5844] udevd[5844]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 808.046116][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 808.443643][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.087474][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.456251][T26931] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9262'. [ 809.591348][T26935] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.599701][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.784209][T26939] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9265'. [ 809.866192][T26943] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9265'. [ 810.136050][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 810.642175][T26966] netlink: 120 bytes leftover after parsing attributes in process `syz.3.9277'. [ 810.660997][T26966] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9277'. [ 810.671876][T26969] netlink: 80 bytes leftover after parsing attributes in process `syz.6.9278'. [ 810.681615][T26966] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9277'. [ 810.932302][T26980] syzkaller0: entered promiscuous mode [ 810.937909][T26980] syzkaller0: entered allmulticast mode [ 811.169062][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 812.217516][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 812.889765][T27034] netlink: 44 bytes leftover after parsing attributes in process `syz.2.9305'. [ 812.936807][T27034] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9305'. [ 813.247924][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.340757][T27057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9326'. [ 813.406363][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.790930][T27081] netlink: 36 bytes leftover after parsing attributes in process `syz.6.9327'. [ 814.051177][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.057660][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.067754][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 814.286372][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 814.582689][T27098] input: syz1 as /devices/virtual/input/input37 [ 814.821119][T27106] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9340'. [ 815.326816][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 816.366324][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 816.951008][T27151] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9359'. [ 817.245964][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 817.410510][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 818.439249][T27172] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode [ 818.447458][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 818.464644][T27172] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode [ 819.166477][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 819.176352][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 819.541175][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 819.726316][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 820.606194][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 820.763095][T27227] binder: 27226:27227 ioctl c0306201 2000000004c0 returned -22 [ 821.371443][T27251] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9402'. [ 821.380923][T27251] bridge_slave_1: left allmulticast mode [ 821.387769][T27251] bridge_slave_1: left promiscuous mode [ 821.394138][T27251] bridge0: port 2(bridge_slave_1) entered disabled state [ 821.407011][T27251] bridge_slave_0: left allmulticast mode [ 821.425679][T27251] bridge_slave_0: left promiscuous mode [ 821.438334][T27251] bridge0: port 1(bridge_slave_0) entered disabled state [ 821.647839][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 821.851301][T27269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 822.686306][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 822.860503][T27296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 823.735226][ T5919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 824.766096][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 824.926922][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 824.935726][T22133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 825.807100][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 826.136107][ T44] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 826.454629][ T44] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 826.464461][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 826.497928][ T44] usb 3-1: Product: syz [ 826.543529][ T44] usb 3-1: Manufacturer: syz [ 826.613904][ T44] usb 3-1: SerialNumber: syz [ 826.871557][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 826.899760][T27416] tipc: Enabling of bearer rejected, already enabled [ 827.092006][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 827.115981][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 827.890330][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 828.384739][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 828.529548][T27459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9491'. [ 828.823923][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO [ 828.846977][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 828.876011][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 828.900241][ T44] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 828.929576][ T44] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71 [ 828.946282][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 828.975380][ T44] usb 3-1: USB disconnect, device number 30 [ 829.138552][T27459] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 829.170702][T27459] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 829.192946][T27459] bond0 (unregistering): Released all slaves [ 829.796027][ T5906] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 829.966478][ T5906] usb 7-1: Using ep0 maxpacket: 16 [ 829.972898][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 829.988756][ T5906] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 830.012364][ T5906] usb 7-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 830.044595][ T5906] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 830.066462][ T5906] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0 [ 830.094270][ T5906] usb 7-1: config 0 interface 0 has no altsetting 0 [ 830.103946][ T5906] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 830.115909][ T5906] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.123987][ T5906] usb 7-1: Product: syz [ 830.146208][ T5906] usb 7-1: Manufacturer: syz [ 830.150885][ T5906] usb 7-1: SerialNumber: syz [ 830.170234][ T5906] usb 7-1: config 0 descriptor?? [ 830.344324][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 830.344344][ T30] audit: type=1326 audit(1763130367.930:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.0.9514" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f341498f6c9 code=0x0 [ 830.420190][ T5906] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input38 [ 830.445305][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.468726][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.480083][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.496775][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.585379][ T6367] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.607109][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.641357][ T5184] synaptics_usb 7-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 830.647842][ T980] usb 7-1: USB disconnect, device number 5 [ 830.687809][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 830.696770][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 830.787347][T27519] netlink: 72 bytes leftover after parsing attributes in process `syz.2.9517'. [ 830.831692][T27521] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9510'. [ 830.869323][T27523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 830.948296][T27521] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9510'. [ 831.006471][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 831.015343][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 831.024339][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.126796][ T44] net_ratelimit: 3 callbacks suppressed [ 834.126817][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.397319][T27620] netlink: 'syz.2.9560': attribute type 6 has an invalid length. [ 834.465983][ T10] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 834.617409][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 834.633841][ T10] usb 4-1: config 0 interface 0 altsetting 247 endpoint 0x81 has an invalid bInterval 202, changing to 11 [ 834.656381][ T10] usb 4-1: config 0 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 834.680054][ T10] usb 4-1: config 0 interface 0 has no altsetting 0 [ 834.696265][ T10] usb 4-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00 [ 834.715936][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 834.740362][ T10] usb 4-1: config 0 descriptor?? [ 835.169610][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 835.173705][T27613] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 835.239000][T27642] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 835.260354][ T10] playstation 0003:054C:09CC.000C: hidraw0: USB HID vff.ed Device [HID 054c:09cc] on usb-dummy_hcd.3-1/input0 [ 835.272988][T27642] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 835.405510][T27642] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 835.412902][T27642] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 835.451992][ T10] playstation 0003:054C:09CC.000C: Failed to retrieve feature with reportID 18: -71 [ 835.467194][T27642] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 835.475093][T27642] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 835.475115][ T10] playstation 0003:054C:09CC.000C: Failed to retrieve DualShock4 pairing info: -71 [ 835.515717][ T10] playstation 0003:054C:09CC.000C: Failed to get MAC address from DualShock4 [ 835.524781][T27642] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 835.524832][T27642] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 835.544088][T27642] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 835.548128][ T10] playstation 0003:054C:09CC.000C: Failed to create dualshock4. [ 835.563998][T27642] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 835.636892][ T10] playstation 0003:054C:09CC.000C: probe with driver playstation failed with error -71 [ 835.695749][ T10] usb 4-1: USB disconnect, device number 24 [ 835.730411][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 836.140772][T27665] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 836.185307][T27665] kvm: pic: non byte read [ 836.230833][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 836.266230][T27665] kvm: pic: level sensitive irq not supported [ 836.266312][T27665] kvm: pic: non byte read [ 836.329731][T27665] kvm: pic: level sensitive irq not supported [ 836.329861][T27665] kvm: pic: non byte read [ 836.382274][T27665] kvm: pic: level sensitive irq not supported [ 836.382349][T27665] kvm: pic: non byte read [ 836.425616][T27665] kvm: pic: level sensitive irq not supported [ 836.425692][T27665] kvm: pic: non byte read [ 836.598470][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 836.616333][T27665] kvm: pic: level sensitive irq not supported [ 836.616442][T27665] kvm: pic: non byte read [ 836.679236][T27665] kvm: pic: level sensitive irq not supported [ 836.679317][T27665] kvm: pic: non byte read [ 836.718299][T27665] kvm: pic: level sensitive irq not supported [ 836.718365][T27665] kvm: pic: non byte read [ 836.731959][T27665] kvm: pic: level sensitive irq not supported [ 836.732073][T27665] kvm: pic: non byte read [ 836.789524][T27665] kvm: pic: level sensitive irq not supported [ 836.789611][T27665] kvm: pic: non byte read [ 836.814439][T27665] kvm: pic: level sensitive irq not supported [ 837.246420][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 838.286174][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 838.641443][ T30] audit: type=1326 audit(1763130376.230:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27744 comm="syz.2.9617" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x0 [ 839.326316][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.495959][ T980] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 839.676013][ T980] usb 7-1: Using ep0 maxpacket: 8 [ 839.682807][ T980] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 839.693513][ T980] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 839.706019][ T980] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 839.718642][ T980] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 839.733206][ T980] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 839.792512][ T980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 840.304484][ T980] usb 7-1: GET_CAPABILITIES returned 0 [ 840.316299][ T980] usbtmc 7-1:16.0: can't read capabilities [ 840.366084][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 840.520284][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.529689][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.538776][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.547867][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.557068][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.691061][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.700189][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.709249][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.718310][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.727371][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.985219][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 840.994396][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 841.003532][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 841.012659][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 841.026154][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 841.035341][ C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2 [ 841.054588][ T980] usb 7-1: USB disconnect, device number 6 [ 841.084454][T27810] kvm: requested 73752 ns i8254 timer period limited to 200000 ns [ 841.097718][T27810] kvm: requested 181866 ns i8254 timer period limited to 200000 ns [ 841.142520][T27810] kvm: requested 136609 ns i8254 timer period limited to 200000 ns [ 841.234280][T27810] kvm: requested 129904 ns i8254 timer period limited to 200000 ns [ 841.246461][T27810] kvm: requested 198628 ns i8254 timer period limited to 200000 ns [ 841.304462][T27810] kvm: requested 198628 ns i8254 timer period limited to 200000 ns [ 841.416022][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 841.566112][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 841.794668][T27839] usb usb8: usbfs: process 27839 (syz.2.9653) did not claim interface 0 before use [ 842.206266][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.446617][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.956697][T25803] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 843.109081][T25803] usb 1-1: Using ep0 maxpacket: 32 [ 843.122868][T25803] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 843.143895][T25803] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 843.184494][T25803] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 843.203987][T25803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 843.215368][T25803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 843.225607][T25803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 843.243228][T25803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 843.259668][T25803] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 843.310689][T25803] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 843.333969][T25803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 843.363486][T25803] usb 1-1: config 0 descriptor?? [ 843.487255][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.509927][T27896] input: syz1 as /devices/virtual/input/input39 [ 843.587311][T25803] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 843.649387][T25803] usb 1-1: USB disconnect, device number 21 [ 843.748219][T25803] usblp0: removed [ 844.545630][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.634602][ T30] audit: type=1326 audit(1763130382.220:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 844.675949][T25803] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 844.744700][ T30] audit: type=1326 audit(1763130382.220:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 844.771716][ T1005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.786299][ T30] audit: type=1326 audit(1763130382.220:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 844.816967][ T30] audit: type=1326 audit(1763130382.220:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f148f58df10 code=0x7ffc0000 [ 844.856812][T25803] usb 1-1: Using ep0 maxpacket: 32 [ 844.865323][T27919] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9689'. [ 844.887243][T25803] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 844.901199][ T30] audit: type=1326 audit(1763130382.220:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 844.927055][T25803] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 844.940358][T25803] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 844.950153][T25803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 844.963777][ T30] audit: type=1326 audit(1763130382.250:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 844.990576][T25803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 845.011644][T25803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 845.023017][ T30] audit: type=1326 audit(1763130382.250:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.9684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x7ffc0000 [ 845.070252][T25803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 845.086599][T25803] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 845.106264][T25803] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 845.166631][T25803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 845.189779][T25803] usb 1-1: config 0 descriptor?? [ 845.322488][T27928] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.356087][T27928] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.376285][T27928] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.417438][T25803] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 845.421027][T27924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.446258][T25803] usb 1-1: USB disconnect, device number 22 [ 845.492574][T27924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.498601][T25803] usblp0: removed [ 845.568673][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.936289][ T24] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 846.106281][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 846.127019][ T24] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 846.141640][ T24] usb 3-1: config 0 has no interface number 0 [ 846.158980][ T24] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 846.169479][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.188916][ T24] usb 3-1: Product: syz [ 846.218005][ T24] usb 3-1: Manufacturer: syz [ 846.227274][ T24] usb 3-1: SerialNumber: syz [ 846.248632][ T24] usb 3-1: config 0 descriptor?? [ 846.272606][ T24] smsc95xx v2.0.0 [ 846.606265][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 846.640823][T27961] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9709'. [ 846.681252][ T24] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 846.717037][ T24] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 847.417143][T27982] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9720'. [ 847.428896][T27982] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9720'. [ 847.646245][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.592884][ T24] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000006c: -71 [ 848.614576][ T24] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71 [ 848.651831][ T24] usb 3-1: USB disconnect, device number 31 [ 849.196284][ T24] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 849.526015][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 849.574752][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 849.595459][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 849.652686][ T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 849.691179][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.739802][ T44] net_ratelimit: 2 callbacks suppressed [ 849.739823][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 849.766612][ T24] usb 4-1: config 0 descriptor?? [ 849.793440][ T24] hub 4-1:0.0: USB hub found [ 850.032890][ T24] hub 4-1:0.0: config failed, can't read hub descriptor (err -22) [ 850.066587][ T24] usbhid 4-1:0.0: can't add hid device: -71 [ 850.072653][ T24] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 850.386885][ T24] usb 4-1: USB disconnect, device number 25 [ 850.587361][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 850.753314][T28032] netlink: 'syz.2.9740': attribute type 13 has an invalid length. [ 850.776111][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.009213][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.121549][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.476219][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.606398][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 852.496890][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.010504][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.612535][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.495472][T28107] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9772'. [ 855.022491][T28117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9777'. [ 855.740007][ T44] net_ratelimit: 3 callbacks suppressed [ 855.740026][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 856.125229][T28152] netlink: 'syz.0.9792': attribute type 13 has an invalid length. [ 856.144832][T28150] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9791'. [ 856.286444][T22127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 856.743754][T28150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 856.772528][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 856.808935][T28150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 856.864967][T28150] bond0 (unregistering): Released all slaves [ 857.812563][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.104698][T28206] loop5: detected capacity change from 0 to 7 [ 858.439981][T28206] Dev loop5: unable to read RDB block 7 [ 858.445670][T28206] loop5: unable to read partition table [ 858.487270][T28206] loop5: partition table beyond EOD, truncated [ 858.494424][T28206] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 858.851038][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.859653][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.362654][T28233] netlink: 188 bytes leftover after parsing attributes in process `syz.4.9831'. [ 859.893155][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.699632][T28285] TCP: TCP_TX_DELAY enabled [ 860.931621][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.964562][T28293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9855'. [ 861.108763][T28299] netlink: 108 bytes leftover after parsing attributes in process `syz.4.9858'. [ 861.164542][T28299] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9858'. [ 861.397005][ T44] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 861.649084][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 861.662948][ T44] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 861.692926][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.736853][ T44] usb 4-1: config 0 descriptor?? [ 861.969965][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 861.982001][ T44] usbhid 4-1:0.0: can't add hid device: -71 [ 861.993321][ T44] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 862.018467][ T44] usb 4-1: USB disconnect, device number 26 [ 862.047047][ T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 863.013123][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 864.053543][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 864.643736][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 864.723559][ T30] audit: type=1326 audit(1763130402.310:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28398 comm="syz.0.9901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341498f6c9 code=0x7ffc0000 [ 864.977297][ T30] audit: type=1326 audit(1763130402.310:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28398 comm="syz.0.9901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341498f6c9 code=0x7ffc0000 [ 865.041852][ T30] audit: type=1326 audit(1763130402.310:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28398 comm="syz.0.9901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f341498f6c9 code=0x7ffc0000 [ 865.186050][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.296381][ T30] audit: type=1326 audit(1763130402.310:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28398 comm="syz.0.9901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341498f6c9 code=0x7ffc0000 [ 865.381713][T28408] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 866.006700][T25803] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 866.035945][ T5892] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 866.207156][T25803] usb 7-1: Using ep0 maxpacket: 8 [ 866.212319][ T5892] usb 1-1: Using ep0 maxpacket: 16 [ 866.224562][T25803] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 866.256150][ T5892] usb 1-1: config 0 has no interfaces? [ 866.272616][T25803] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 866.283119][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 866.295683][ T5892] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 866.315498][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 866.324938][T25803] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 866.345102][ T5892] usb 1-1: Product: syz [ 866.354189][T25803] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 866.367855][ T5892] usb 1-1: Manufacturer: syz [ 866.373331][ T5892] usb 1-1: SerialNumber: syz [ 866.397082][ T5892] r8152-cfgselector 1-1: Unknown version 0x0000 [ 866.403531][T25803] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 866.413009][ T5892] r8152-cfgselector 1-1: config 0 descriptor?? [ 866.426904][T25803] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 866.760980][ T5892] r8152-cfgselector 1-1: USB disconnect, device number 23 [ 866.777455][T25803] usb 7-1: GET_CAPABILITIES returned 0 [ 866.801689][T25803] usbtmc 7-1:16.0: can't read capabilities [ 866.897913][T28448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9922'. [ 867.038361][ T5892] usb 7-1: USB disconnect, device number 7 [ 867.330105][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.231011][T28482] netlink: 36 bytes leftover after parsing attributes in process `syz.6.9939'. [ 868.367770][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.856406][ T44] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 869.019079][ T44] usb 7-1: config 0 has an invalid interface number: 9 but max is 0 [ 869.028341][ T44] usb 7-1: config 0 has no interface number 0 [ 869.066609][ T44] usb 7-1: New USB device found, idVendor=040a, idProduct=0002, bcdDevice=51.8f [ 869.087937][ T44] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 869.105441][ T44] usb 7-1: Product: syz [ 869.113864][ T44] usb 7-1: Manufacturer: syz [ 869.132159][ T44] usb 7-1: SerialNumber: syz [ 869.148097][ T44] usb 7-1: config 0 descriptor?? [ 869.401166][ T44] gspca_main: spca501-2.14.0 probing 040a:0002 [ 869.431773][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 870.368482][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 870.450381][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 870.838527][ T44] gspca_spca501: reg write: error -71 [ 870.845951][ T44] spca501 7-1:0.9: Reg write failed for 0x00,0x00,0x05 [ 870.864226][ T44] spca501 7-1:0.9: probe with driver spca501 failed with error -22 [ 870.887203][ T44] usb 7-1: USB disconnect, device number 8 [ 871.315607][T28554] netlink: 100 bytes leftover after parsing attributes in process `syz.0.9970'. [ 871.500435][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 871.552357][T28564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9975'. [ 871.561749][T28564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9975'. [ 871.628525][ T44] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 871.721434][T28572] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9979'. [ 871.788625][ T44] usb 3-1: Using ep0 maxpacket: 8 [ 871.800471][ T44] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 871.809954][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 871.826161][ T44] usb 3-1: Product: syz [ 871.836164][ T44] usb 3-1: Manufacturer: syz [ 871.842776][ T44] usb 3-1: SerialNumber: syz [ 871.863629][ T44] usb 3-1: config 0 descriptor?? [ 871.943451][T28579] loop6: detected capacity change from 0 to 2560 [ 871.958263][ T6367] buffer_io_error: 10 callbacks suppressed [ 871.958280][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 871.993128][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.011708][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.026783][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.051112][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.069145][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.081620][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.089831][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.098669][ T44] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 872.098743][ T6367] ldm_validate_partition_table(): Disk read failed. [ 872.113909][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.127545][ T6367] Buffer I/O error on dev loop6, logical block 0, async page read [ 872.163112][ T6367] Dev loop6: unable to read RDB block 0 [ 872.179529][ T6367] loop6: unable to read partition table [ 872.187496][T28579] ldm_validate_partition_table(): Disk read failed. [ 872.195069][T28579] Dev loop6: unable to read RDB block 0 [ 872.211764][T28579] loop6: unable to read partition table [ 872.221127][T28579] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 872.258384][ T5199] ldm_validate_partition_table(): Disk read failed. [ 872.266406][ T5199] Dev loop6: unable to read RDB block 0 [ 872.273334][ T5199] loop6: unable to read partition table [ 872.526192][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 873.363249][ T44] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 873.386966][ T44] usb 3-1: USB disconnect, device number 32 [ 873.575639][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.606094][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.764045][T28667] fuse: Bad value for 'fd' [ 875.052817][T28680] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10025'. [ 875.494118][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.500630][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.657929][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.136663][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.692454][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 877.734326][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 878.642802][ T30] audit: type=1326 audit(1763130416.230:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28773 comm="syz.2.10066" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f148f58f6c9 code=0x0 [ 878.772252][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.822017][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.933356][T28807] netlink: 44 bytes leftover after parsing attributes in process `syz.3.10081'. [ 879.952526][T28807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10081'. [ 879.972807][T28807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10081'. [ 880.304426][T28818] binder: 28816:28818 ioctl c0306201 0 returned -14 [ 880.880545][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.252247][T22127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.861102][ T30] audit: type=1326 audit(1763130419.450:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 881.920441][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.982013][ T30] audit: type=1326 audit(1763130419.450:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.111400][ T30] audit: type=1326 audit(1763130419.490:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.240787][ T30] audit: type=1326 audit(1763130419.490:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.316555][ T30] audit: type=1326 audit(1763130419.490:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.445920][ T30] audit: type=1326 audit(1763130419.490:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.564824][ T30] audit: type=1326 audit(1763130419.490:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.643638][ T30] audit: type=1326 audit(1763130419.490:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.758888][ T30] audit: type=1326 audit(1763130419.500:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28855 comm="syz.3.10103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1180f8f6c9 code=0x7ffc0000 [ 882.932935][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 883.038695][T28888] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10117'. [ 883.222236][T28893] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10119'. [ 883.654697][T28888] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 883.699932][T28888] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 883.727247][T28888] bond0 (unregistering): Released all slaves [ 883.972194][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 884.263277][T28918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10130'. [ 885.014210][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 885.717388][T28982] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10160'. [ 886.060890][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 886.923419][T29027] IPv6: NLM_F_CREATE should be specified when creating new route [ 887.007620][ T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 887.093842][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 887.390063][T29044] pim6reg: entered allmulticast mode [ 887.477543][T29044] netlink: 'syz.0.10189': attribute type 10 has an invalid length. [ 887.517777][T29044] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 887.543351][T29044] team0: Failed to send options change via netlink (err -105) [ 887.551404][T29044] team0: Port device netdevsim0 added [ 888.193999][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.250127][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.293650][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.992766][T29125] netlink: 116 bytes leftover after parsing attributes in process `syz.0.10223'. [ 891.066329][ T10] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 891.278130][ T10] usb 7-1: Using ep0 maxpacket: 16 [ 891.328981][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 891.332168][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 891.370220][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 891.419484][ T10] usb 7-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 891.444241][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 891.473419][ T10] usb 7-1: config 0 descriptor?? [ 891.924555][T29148] syzkaller0: entered promiscuous mode [ 891.936256][ T10] usbhid 7-1:0.0: can't add hid device: -71 [ 891.953420][T29148] syzkaller0: entered allmulticast mode [ 891.964001][ T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 891.995455][ T10] usb 7-1: USB disconnect, device number 9 [ 892.367311][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.776720][T22127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 893.423582][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 894.451947][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.492196][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.199798][T29296] netlink: 80 bytes leftover after parsing attributes in process `syz.3.10300'. [ 896.532992][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.276090][ T5906] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 897.475958][ T5906] usb 4-1: Using ep0 maxpacket: 16 [ 897.491690][ T5906] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 897.522364][ T5906] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 897.558381][ T5906] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 897.573643][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.602292][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 897.619864][ T5906] usb 4-1: Product: syz [ 897.644452][ T5906] usb 4-1: Manufacturer: syz [ 897.655516][ T5906] usb 4-1: SerialNumber: syz [ 898.014832][ T5906] usb 4-1: 0:2 : does not exist [ 898.036085][ T5906] usb 4-1: unit 6 not found! [ 898.125236][ T5906] usb 4-1: USB disconnect, device number 27 [ 898.238872][ T5844] udevd[5844]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 898.536635][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 898.739790][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 899.782396][T29358] [ 899.784796][T29358] ===================================================== [ 899.791745][T29358] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 899.799217][T29358] syzkaller #0 Not tainted [ 899.803745][T29358] ----------------------------------------------------- [ 899.810868][T29358] syz.2.10293/29358 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 899.818686][T29358] ffff88805897ca98 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0 [ 899.827418][T29358] [ 899.827418][T29358] and this task is already holding: [ 899.834808][T29358] ffff888068b2d468 (&tty->flow.lock){....}-{3:3}, at: start_tty+0x20/0x70 [ 899.843361][T29358] which would create a new lock dependency: [ 899.849259][T29358] (&tty->flow.lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 899.856935][T29358] [ 899.856935][T29358] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 899.866382][T29358] (&dev->event_lock#2){..-.}-{3:3} [ 899.866418][T29358] [ 899.866418][T29358] ... which became SOFTIRQ-irq-safe at: [ 899.879313][T29358] lock_acquire+0x120/0x360 [ 899.883910][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 899.889205][T29358] input_inject_event+0xa5/0x340 [ 899.894245][T29358] led_trigger_event+0x138/0x210 [ 899.899274][T29358] kbd_bh+0x1c6/0x2e0 [ 899.903346][T29358] tasklet_action_common+0x36c/0x580 [ 899.908727][T29358] handle_softirqs+0x286/0x870 [ 899.913579][T29358] run_ksoftirqd+0x9b/0x100 [ 899.918193][T29358] smpboot_thread_fn+0x542/0xa60 [ 899.923223][T29358] kthread+0x711/0x8a0 [ 899.927409][T29358] ret_from_fork+0x4bc/0x870 [ 899.932094][T29358] ret_from_fork_asm+0x1a/0x30 [ 899.936946][T29358] [ 899.936946][T29358] to a SOFTIRQ-irq-unsafe lock: [ 899.943966][T29358] (tasklist_lock){.+.+}-{3:3} [ 899.943993][T29358] [ 899.943993][T29358] ... which became SOFTIRQ-irq-unsafe at: [ 899.956629][T29358] ... [ 899.956637][T29358] lock_acquire+0x120/0x360 [ 899.963812][T29358] _raw_read_lock+0x36/0x50 [ 899.968410][T29358] __do_wait+0xde/0x740 [ 899.972682][T29358] do_wait+0x1f8/0x510 [ 899.976851][T29358] kernel_wait+0xab/0x170 [ 899.981273][T29358] call_usermodehelper_exec_work+0xbe/0x230 [ 899.987263][T29358] process_scheduled_works+0xae1/0x17b0 [ 899.992901][T29358] worker_thread+0x8a0/0xda0 [ 899.997592][T29358] kthread+0x711/0x8a0 [ 900.001785][T29358] ret_from_fork+0x4bc/0x870 [ 900.006484][T29358] ret_from_fork_asm+0x1a/0x30 [ 900.011349][T29358] [ 900.011349][T29358] other info that might help us debug this: [ 900.011349][T29358] [ 900.021673][T29358] Chain exists of: [ 900.021673][T29358] &dev->event_lock#2 --> &tty->flow.lock --> tasklist_lock [ 900.021673][T29358] [ 900.034865][T29358] Possible interrupt unsafe locking scenario: [ 900.034865][T29358] [ 900.043188][T29358] CPU0 CPU1 [ 900.048559][T29358] ---- ---- [ 900.053928][T29358] lock(tasklist_lock); [ 900.058191][T29358] local_irq_disable(); [ 900.064944][T29358] lock(&dev->event_lock#2); [ 900.072183][T29358] lock(&tty->flow.lock); [ 900.079124][T29358] [ 900.082577][T29358] lock(&dev->event_lock#2); [ 900.087440][T29358] [ 900.087440][T29358] *** DEADLOCK *** [ 900.087440][T29358] [ 900.095586][T29358] 6 locks held by syz.2.10293/29358: [ 900.100869][T29358] #0: ffff888068b2d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 900.110635][T29358] #1: ffff888068b2d2e8 (&tty->termios_rwsem/1){++++}-{4:4}, at: tty_set_termios+0x138/0x17e0 [ 900.120932][T29358] #2: ffff888068b2d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90 [ 900.130257][T29358] #3: ffff888068b2d468 (&tty->flow.lock){....}-{3:3}, at: start_tty+0x20/0x70 [ 900.139245][T29358] #4: ffff888068b2d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90 [ 900.148586][T29358] #5: ffffffff8df3d6e0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0 [ 900.157845][T29358] [ 900.157845][T29358] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 900.168253][T29358] -> (&dev->event_lock#2){..-.}-{3:3} { [ 900.174004][T29358] IN-SOFTIRQ-W at: [ 900.178163][T29358] lock_acquire+0x120/0x360 [ 900.184673][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 900.191879][T29358] input_inject_event+0xa5/0x340 [ 900.198827][T29358] led_trigger_event+0x138/0x210 [ 900.205769][T29358] kbd_bh+0x1c6/0x2e0 [ 900.211757][T29358] tasklet_action_common+0x36c/0x580 [ 900.219135][T29358] handle_softirqs+0x286/0x870 [ 900.225902][T29358] run_ksoftirqd+0x9b/0x100 [ 900.232416][T29358] smpboot_thread_fn+0x542/0xa60 [ 900.239356][T29358] kthread+0x711/0x8a0 [ 900.245437][T29358] ret_from_fork+0x4bc/0x870 [ 900.252028][T29358] ret_from_fork_asm+0x1a/0x30 [ 900.258793][T29358] INITIAL USE at: [ 900.262863][T29358] lock_acquire+0x120/0x360 [ 900.269427][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 900.276545][T29358] input_inject_event+0xa5/0x340 [ 900.283407][T29358] kbd_led_trigger_activate+0xbc/0x100 [ 900.290782][T29358] led_trigger_set+0x52d/0x950 [ 900.297555][T29358] led_trigger_set_default+0x260/0x2a0 [ 900.304953][T29358] led_classdev_register_ext+0x73d/0x930 [ 900.312502][T29358] input_leds_connect+0x517/0x790 [ 900.319437][T29358] input_register_device+0xd00/0x1140 [ 900.326759][T29358] atkbd_connect+0x72e/0xa00 [ 900.333270][T29358] serio_driver_probe+0x82/0xd0 [ 900.340034][T29358] really_probe+0x26d/0x9e0 [ 900.346474][T29358] __driver_probe_device+0x18c/0x2f0 [ 900.353696][T29358] driver_probe_device+0x4f/0x430 [ 900.360648][T29358] __driver_attach+0x452/0x700 [ 900.367330][T29358] bus_for_each_dev+0x233/0x2b0 [ 900.374096][T29358] serio_handle_event+0x1f9/0x8d0 [ 900.381041][T29358] process_scheduled_works+0xae1/0x17b0 [ 900.388503][T29358] worker_thread+0x8a0/0xda0 [ 900.395026][T29358] kthread+0x711/0x8a0 [ 900.401009][T29358] ret_from_fork+0x4bc/0x870 [ 900.407510][T29358] ret_from_fork_asm+0x1a/0x30 [ 900.414276][T29358] } [ 900.416947][T29358] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 900.426153][T29358] -> (kbd_event_lock){....}-{3:3} { [ 900.431462][T29358] INITIAL USE at: [ 900.435485][T29358] lock_acquire+0x120/0x360 [ 900.441736][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 900.448769][T29358] vt_reset_unicode+0x2b/0x160 [ 900.455287][T29358] reset_vc+0x68/0x1b0 [ 900.461100][T29358] vc_init+0x70/0x4a0 [ 900.466828][T29358] con_init+0x385/0x9c0 [ 900.472730][T29358] console_init+0x10e/0x430 [ 900.479006][T29358] start_kernel+0x254/0x410 [ 900.485252][T29358] x86_64_start_reservations+0x24/0x30 [ 900.492464][T29358] x86_64_start_kernel+0x143/0x1c0 [ 900.499323][T29358] common_startup_64+0x13e/0x147 [ 900.506006][T29358] } [ 900.508596][T29358] ... key at: [] kbd_event_lock+0x18/0xa0 [ 900.516502][T29358] ... acquired at: [ 900.520417][T29358] lock_acquire+0x120/0x360 [ 900.525096][T29358] _raw_spin_lock+0x2e/0x40 [ 900.529782][T29358] kbd_event+0xd2/0x3f70 [ 900.534209][T29358] input_handle_events_default+0xd4/0x1a0 [ 900.540129][T29358] input_pass_values+0x288/0x890 [ 900.545245][T29358] input_event_dispose+0x330/0x6b0 [ 900.550548][T29358] input_inject_event+0x1dd/0x340 [ 900.555761][T29358] evdev_write+0x2fc/0x480 [ 900.560363][T29358] vfs_write+0x27e/0xb30 [ 900.564790][T29358] ksys_write+0x145/0x250 [ 900.569301][T29358] do_syscall_64+0xfa/0xfa0 [ 900.574008][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.580077][T29358] [ 900.582405][T29358] -> (&tty->flow.lock){....}-{3:3} { [ 900.587727][T29358] INITIAL USE at: [ 900.591630][T29358] lock_acquire+0x120/0x360 [ 900.597702][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 900.604476][T29358] start_tty+0x20/0x70 [ 900.610117][T29358] n_tty_set_termios+0xa7c/0x1090 [ 900.616710][T29358] tty_set_termios+0xda4/0x17e0 [ 900.623142][T29358] set_termios+0x516/0x6c0 [ 900.629162][T29358] tty_mode_ioctl+0x47e/0x740 [ 900.635405][T29358] tty_ioctl+0x9c6/0xde0 [ 900.641220][T29358] __se_sys_ioctl+0xfc/0x170 [ 900.647382][T29358] do_syscall_64+0xfa/0xfa0 [ 900.653464][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.660923][T29358] } [ 900.663427][T29358] ... key at: [] alloc_tty_struct.__key.35+0x0/0x20 [ 900.672115][T29358] ... acquired at: [ 900.675920][T29358] lock_acquire+0x120/0x360 [ 900.680614][T29358] _raw_spin_lock_irqsave+0xa7/0xf0 [ 900.685998][T29358] stop_tty+0x2f/0x150 [ 900.690247][T29358] kbd_event+0x2b72/0x3f70 [ 900.694853][T29358] input_handle_events_default+0xd4/0x1a0 [ 900.700754][T29358] input_pass_values+0x288/0x890 [ 900.705877][T29358] input_event_dispose+0x330/0x6b0 [ 900.711185][T29358] input_inject_event+0x1dd/0x340 [ 900.716398][T29358] evdev_write+0x2fc/0x480 [ 900.720992][T29358] vfs_write+0x27e/0xb30 [ 900.725417][T29358] ksys_write+0x145/0x250 [ 900.729972][T29358] do_syscall_64+0xfa/0xfa0 [ 900.734688][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.740754][T29358] [ 900.743075][T29358] [ 900.743075][T29358] the dependencies between the lock to be acquired [ 900.743085][T29358] and SOFTIRQ-irq-unsafe lock: [ 900.756726][T29358] -> (tasklist_lock){.+.+}-{3:3} { [ 900.762043][T29358] HARDIRQ-ON-R at: [ 900.766211][T29358] lock_acquire+0x120/0x360 [ 900.772743][T29358] _raw_read_lock+0x36/0x50 [ 900.779304][T29358] __do_wait+0xde/0x740 [ 900.785501][T29358] do_wait+0x1f8/0x510 [ 900.791677][T29358] kernel_wait+0xab/0x170 [ 900.798015][T29358] call_usermodehelper_exec_work+0xbe/0x230 [ 900.805913][T29358] process_scheduled_works+0xae1/0x17b0 [ 900.813462][T29358] worker_thread+0x8a0/0xda0 [ 900.820059][T29358] kthread+0x711/0x8a0 [ 900.826134][T29358] ret_from_fork+0x4bc/0x870 [ 900.832752][T29358] ret_from_fork_asm+0x1a/0x30 [ 900.839538][T29358] SOFTIRQ-ON-R at: [ 900.843711][T29358] lock_acquire+0x120/0x360 [ 900.850221][T29358] _raw_read_lock+0x36/0x50 [ 900.856741][T29358] __do_wait+0xde/0x740 [ 900.862926][T29358] do_wait+0x1f8/0x510 [ 900.869008][T29358] kernel_wait+0xab/0x170 [ 900.875353][T29358] call_usermodehelper_exec_work+0xbe/0x230 [ 900.883249][T29358] process_scheduled_works+0xae1/0x17b0 [ 900.890829][T29358] worker_thread+0x8a0/0xda0 [ 900.897427][T29358] kthread+0x711/0x8a0 [ 900.903503][T29358] ret_from_fork+0x4bc/0x870 [ 900.910097][T29358] ret_from_fork_asm+0x1a/0x30 [ 900.916871][T29358] INITIAL USE at: [ 900.920959][T29358] lock_acquire+0x120/0x360 [ 900.927376][T29358] _raw_write_lock_irq+0xa2/0xf0 [ 900.934237][T29358] copy_process+0x224f/0x3c00 [ 900.940835][T29358] kernel_clone+0x21e/0x840 [ 900.947261][T29358] user_mode_thread+0xdd/0x140 [ 900.953952][T29358] rest_init+0x23/0x300 [ 900.960031][T29358] start_kernel+0x3ae/0x410 [ 900.966455][T29358] x86_64_start_reservations+0x24/0x30 [ 900.973847][T29358] x86_64_start_kernel+0x143/0x1c0 [ 900.980884][T29358] common_startup_64+0x13e/0x147 [ 900.987741][T29358] INITIAL READ USE at: [ 900.992265][T29358] lock_acquire+0x120/0x360 [ 900.999119][T29358] _raw_read_lock+0x36/0x50 [ 901.006074][T29358] __do_wait+0xde/0x740 [ 901.012603][T29358] do_wait+0x1f8/0x510 [ 901.019038][T29358] kernel_wait+0xab/0x170 [ 901.025740][T29358] call_usermodehelper_exec_work+0xbe/0x230 [ 901.033983][T29358] process_scheduled_works+0xae1/0x17b0 [ 901.041901][T29358] worker_thread+0x8a0/0xda0 [ 901.048932][T29358] kthread+0x711/0x8a0 [ 901.055464][T29358] ret_from_fork+0x4bc/0x870 [ 901.062407][T29358] ret_from_fork_asm+0x1a/0x30 [ 901.069524][T29358] } [ 901.072208][T29358] ... key at: [] tasklist_lock+0x18/0x40 [ 901.080116][T29358] ... acquired at: [ 901.084177][T29358] lock_acquire+0x120/0x360 [ 901.088882][T29358] _raw_read_lock+0x36/0x50 [ 901.093575][T29358] send_sigurg+0x12b/0x420 [ 901.098176][T29358] sk_send_sigurg+0x6c/0x2e0 [ 901.102949][T29358] tcp_check_urg+0x200/0x760 [ 901.107723][T29358] tcp_urg+0x164/0x3f0 [ 901.111977][T29358] tcp_rcv_established+0x132a/0x2670 [ 901.117539][T29358] tcp_v4_do_rcv+0xa90/0x1430 [ 901.122401][T29358] __release_sock+0x265/0x3a0 [ 901.127285][T29358] release_sock+0x5f/0x1f0 [ 901.131890][T29358] tcp_sendmsg+0x39/0x50 [ 901.136320][T29358] __sock_sendmsg+0xe5/0x270 [ 901.141095][T29358] ____sys_sendmsg+0x505/0x830 [ 901.146037][T29358] ___sys_sendmsg+0x21f/0x2a0 [ 901.150891][T29358] __x64_sys_sendmsg+0x19b/0x260 [ 901.156014][T29358] do_syscall_64+0xfa/0xfa0 [ 901.160716][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.166794][T29358] [ 901.169124][T29358] -> (&f_owner->lock){....}-{3:3} { [ 901.174441][T29358] INITIAL USE at: [ 901.178426][T29358] lock_acquire+0x120/0x360 [ 901.184676][T29358] _raw_write_lock_irq+0xa2/0xf0 [ 901.191364][T29358] __f_setown+0x67/0x370 [ 901.197365][T29358] generic_setlease+0xd60/0x1240 [ 901.204052][T29358] fcntl_setlease+0x3a2/0x4c0 [ 901.210479][T29358] do_fcntl+0x6a9/0x1910 [ 901.216466][T29358] __se_sys_fcntl+0xc8/0x150 [ 901.222800][T29358] do_syscall_64+0xfa/0xfa0 [ 901.229054][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.236691][T29358] INITIAL READ USE at: [ 901.241113][T29358] lock_acquire+0x120/0x360 [ 901.247795][T29358] _raw_read_lock_irqsave+0xaf/0x100 [ 901.255265][T29358] send_sigurg+0x55/0x420 [ 901.261776][T29358] sk_send_sigurg+0x6c/0x2e0 [ 901.268566][T29358] queue_oob+0x420/0x4f0 [ 901.274997][T29358] unix_stream_sendmsg+0xc3f/0xdf0 [ 901.282286][T29358] __sock_sendmsg+0x21c/0x270 [ 901.289146][T29358] ____sys_sendmsg+0x52d/0x830 [ 901.296088][T29358] ___sys_sendmsg+0x21f/0x2a0 [ 901.302938][T29358] __sys_sendmmsg+0x227/0x430 [ 901.309788][T29358] __x64_sys_sendmmsg+0xa0/0xc0 [ 901.316814][T29358] do_syscall_64+0xfa/0xfa0 [ 901.323501][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.331578][T29358] } [ 901.334162][T29358] ... key at: [] file_f_owner_allocate.__key+0x0/0x20 [ 901.343114][T29358] ... acquired at: [ 901.347009][T29358] lock_acquire+0x120/0x360 [ 901.351690][T29358] _raw_read_lock_irqsave+0xaf/0x100 [ 901.357161][T29358] send_sigio+0x38/0x370 [ 901.361587][T29358] kill_fasync+0x24d/0x4d0 [ 901.366188][T29358] sock_wake_async+0x137/0x160 [ 901.371146][T29358] sock_def_readable+0x3bb/0x550 [ 901.376269][T29358] tcp_urg+0x2e6/0x3f0 [ 901.380528][T29358] tcp_rcv_established+0x132a/0x2670 [ 901.386002][T29358] tcp_v4_do_rcv+0xa90/0x1430 [ 901.390863][T29358] __release_sock+0x265/0x3a0 [ 901.395724][T29358] release_sock+0x5f/0x1f0 [ 901.400324][T29358] tcp_sendmsg+0x39/0x50 [ 901.404758][T29358] __sock_sendmsg+0xe5/0x270 [ 901.409533][T29358] ____sys_sendmsg+0x505/0x830 [ 901.414479][T29358] ___sys_sendmsg+0x21f/0x2a0 [ 901.419332][T29358] __x64_sys_sendmsg+0x19b/0x260 [ 901.424449][T29358] do_syscall_64+0xfa/0xfa0 [ 901.429137][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.435209][T29358] [ 901.437558][T29358] -> (&new->fa_lock){....}-{3:3} { [ 901.442694][T29358] INITIAL USE at: [ 901.446595][T29358] lock_acquire+0x120/0x360 [ 901.452666][T29358] _raw_write_lock_irq+0xa2/0xf0 [ 901.459179][T29358] fasync_insert_entry+0xc3/0x270 [ 901.465782][T29358] lease_setup+0x86/0x110 [ 901.471691][T29358] generic_setlease+0xd60/0x1240 [ 901.478210][T29358] fcntl_setlease+0x3a2/0x4c0 [ 901.484465][T29358] do_fcntl+0x6a9/0x1910 [ 901.490288][T29358] __se_sys_fcntl+0xc8/0x150 [ 901.496456][T29358] do_syscall_64+0xfa/0xfa0 [ 901.502539][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.510000][T29358] INITIAL READ USE at: [ 901.514337][T29358] lock_acquire+0x120/0x360 [ 901.520844][T29358] _raw_read_lock_irqsave+0xaf/0x100 [ 901.528140][T29358] kill_fasync+0x199/0x4d0 [ 901.534571][T29358] sock_wake_async+0x137/0x160 [ 901.541346][T29358] sock_def_error_report+0x332/0x390 [ 901.548643][T29358] sk_error_report+0x48/0x290 [ 901.555331][T29358] tls_rx_msg_size+0x3f4/0x5c0 [ 901.562096][T29358] tls_strp_check_rcv+0x94b/0xe30 [ 901.569136][T29358] tls_rx_rec_wait+0x3fa/0xac0 [ 901.575917][T29358] tls_sw_recvmsg+0x717/0x18a0 [ 901.582791][T29358] inet6_recvmsg+0x237/0x6b0 [ 901.589411][T29358] sock_recvmsg+0x105/0x270 [ 901.595960][T29358] __sys_recvfrom+0x1f6/0x340 [ 901.602636][T29358] __x64_sys_recvfrom+0xde/0x100 [ 901.609573][T29358] do_syscall_64+0xfa/0xfa0 [ 901.616100][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.624017][T29358] } [ 901.626529][T29358] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 901.635217][T29358] ... acquired at: [ 901.639017][T29358] lock_acquire+0x120/0x360 [ 901.643697][T29358] _raw_read_lock_irqsave+0xaf/0x100 [ 901.649165][T29358] kill_fasync+0x199/0x4d0 [ 901.653770][T29358] __start_tty+0x18c/0x220 [ 901.658376][T29358] start_tty+0x2b/0x70 [ 901.662659][T29358] n_tty_set_termios+0xa7c/0x1090 [ 901.667867][T29358] tty_set_termios+0xda4/0x17e0 [ 901.672913][T29358] set_termios+0x516/0x6c0 [ 901.677513][T29358] tty_mode_ioctl+0x47e/0x740 [ 901.682464][T29358] tty_ioctl+0x9c6/0xde0 [ 901.686899][T29358] __se_sys_ioctl+0xfc/0x170 [ 901.691672][T29358] do_syscall_64+0xfa/0xfa0 [ 901.696362][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.702449][T29358] [ 901.704771][T29358] [ 901.704771][T29358] stack backtrace: [ 901.710678][T29358] CPU: 1 UID: 0 PID: 29358 Comm: syz.2.10293 Not tainted syzkaller #0 PREEMPT(full) [ 901.710700][T29358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 901.710715][T29358] Call Trace: [ 901.710724][T29358] [ 901.710733][T29358] dump_stack_lvl+0x189/0x250 [ 901.710760][T29358] ? __pfx_dump_stack_lvl+0x10/0x10 [ 901.710782][T29358] ? __pfx__printk+0x10/0x10 [ 901.710804][T29358] validate_chain+0x1f05/0x2140 [ 901.710834][T29358] __lock_acquire+0xab9/0xd20 [ 901.710853][T29358] ? kill_fasync+0x199/0x4d0 [ 901.710872][T29358] lock_acquire+0x120/0x360 [ 901.710887][T29358] ? kill_fasync+0x199/0x4d0 [ 901.710912][T29358] _raw_read_lock_irqsave+0xaf/0x100 [ 901.710935][T29358] ? kill_fasync+0x199/0x4d0 [ 901.710960][T29358] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 901.710986][T29358] kill_fasync+0x199/0x4d0 [ 901.711005][T29358] ? kill_fasync+0x53/0x4d0 [ 901.711025][T29358] ? __pfx_n_tty_write_wakeup+0x10/0x10 [ 901.711044][T29358] __start_tty+0x18c/0x220 [ 901.711066][T29358] start_tty+0x2b/0x70 [ 901.711088][T29358] n_tty_set_termios+0xa7c/0x1090 [ 901.711108][T29358] ? __pfx_n_tty_set_termios+0x10/0x10 [ 901.711126][T29358] tty_set_termios+0xda4/0x17e0 [ 901.711148][T29358] ? __pfx_tty_set_termios+0x10/0x10 [ 901.711175][T29358] set_termios+0x516/0x6c0 [ 901.711201][T29358] ? __pfx_set_termios+0x10/0x10 [ 901.711223][T29358] ? tty_ldisc_ref_wait+0x25/0x70 [ 901.711247][T29358] ? get_signal+0x1150/0x1340 [ 901.711269][T29358] tty_mode_ioctl+0x47e/0x740 [ 901.711291][T29358] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 901.711311][T29358] ? tty_ldisc_ref_wait+0x25/0x70 [ 901.711333][T29358] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 901.711358][T29358] ? n_tty_ioctl_helper+0x8e/0x340 [ 901.711380][T29358] ? __pfx_n_tty_ioctl+0x10/0x10 [ 901.711396][T29358] tty_ioctl+0x9c6/0xde0 [ 901.711419][T29358] ? __pfx_tty_ioctl+0x10/0x10 [ 901.711442][T29358] __se_sys_ioctl+0xfc/0x170 [ 901.711465][T29358] do_syscall_64+0xfa/0xfa0 [ 901.711489][T29358] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.711506][T29358] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 901.711529][T29358] ? clear_bhb_loop+0x60/0xb0 [ 901.711547][T29358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.711567][T29358] RIP: 0033:0x7f148f58f6c9 [ 901.711591][T29358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 901.711607][T29358] RSP: 002b:00007f14903fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 901.711625][T29358] RAX: ffffffffffffffda RBX: 00007f148f7e6090 RCX: 00007f148f58f6c9 [ 901.711638][T29358] RDX: 0000200000000140 RSI: 0000000000005402 RDI: 0000000000000004 [ 901.711650][T29358] RBP: 00007f148f611f91 R08: 0000000000000000 R09: 0000000000000000 [ 901.711660][T29358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 901.711670][T29358] R13: 00007f148f7e6128 R14: 00007f148f7e6090 R15: 00007f148f90fa28 [ 901.711689][T29358] [ 902.000713][ C1] vkms_vblank_simulate: vblank timer overrun [ 902.056467][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 902.056486][ T30] audit: type=1326 audit(1763130439.650:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29353 comm="syz.3.10325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1180f8f6c9 code=0x7fc00000 [ 902.076280][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 903.098094][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 903.646256][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 904.128993][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 905.170733][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 906.219344][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.251489][ T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 908.299263][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 909.328056][ T5906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 909.416232][T22130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog