last executing test programs: 1m42.469656379s ago: executing program 0 (id=1218): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12012000f1048108cd060202d492e4ff000109021b19f1000000d40904150001da40df000905", @ANYRES32], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1m29.716165426s ago: executing program 1 (id=1220): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x409, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0) 1m22.160120192s ago: executing program 1 (id=1221): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f0000000180)=0x1, 0x4) getsockopt$inet6_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f00000003c0)) 1m19.13915917s ago: executing program 0 (id=1222): r0 = socket$netlink(0x10, 0x3, 0x15) recvmmsg(r0, &(0x7f0000019740)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0xe}], 0x2, 0x0, 0x0) writev(r0, &(0x7f0000019880)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff0100000035000000560000022500000019000a00100000ad07fd17e5ffff080c38000000000000000a", 0x39}], 0x1) 1m6.931334559s ago: executing program 1 (id=1223): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000080)="0200000009800000", 0x8) 1m2.41138489s ago: executing program 0 (id=1224): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001140)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db67dc983134d04ef2fd6fa7a9b857b72abaca100af1ba23d69883c073ec10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b950600009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079229c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b858b7b67aa0b28d69a74ffdea61be892f0f9ff9468e42aea53ee0cb83ff180aa18b625d1667459c7cba77cff9dc8c2772fe552fecfcd1778b08381000000c0b8e14631d521207e7423d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c1779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9400010000ca11d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31044c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d7d714ff3a85586b9b452301f5470d0e0ae5d7f82f178f0c7c9c8f44c390c8a2c5be9e24a125420912ec9a3149f87b35ef1169f05e49164a4944e7b4da2097f57020dd4f1f4f15edd7a0b1e24c6f79e1ea72a29c773f40f5bd9a6d7926c5c741f5aa85405273c7967d2c1a14efe0d5322cdcf2bc058ff9acb481926312f04008b1044e8c1c17d8c562edf69f4db96e059c49ec69a6086b5a3d24f4c7810ab5f6a9f9eb5c881883e5671bbca4614df48103ca6e408910000000000f784583b63fcd46293e1ea56bd87915783a144d41669cd2c52dbb03e2b7384f100000000000000000090bd4fa6a2d30dafd3a04d373eaf151dfbbb744f0f1ce962217b32ad159f41671f002c3a25b4efbc3b193e0954f71c7f240a7cdc5bf9be12ca0e82d2a408c8f882760331612a7c3d74386b3268e0c2a95396f6d16b8309cc192295fea2d0ce983baef6deecca6b6268b6cc965f2623bac861e31026a6aba7ebf78a614092257e3a4e52b7b1628dc33a425dce56fc939b96fbb66e131ba7651b542c86650336735d315c26bae977ff5a619b2534a5d1479e9090447aa860b81b905ded2f52ab9c741fc3a05030476b159690a811416d59f9d92c84fcbf0146be0330e1127cc4bb4e4c94d603f449279874e44113e9de94fbc14891af08e20a4701f0f8788b357815cf4ca3da2066ee6604ac6ab6ec54a111bd5b1887e74eb854010cc2dc95b06ceddfbc1b914be267fc29e6cf2301291ca8de0eed796d9e5e356861349b0fc217592e962360e714bb93a2e936f70873e773b9b6c056f28a36185bb8ecdcd3332528ab2d05be93bc69a373ac9d20fa087015481cfba74612d93104db153f89d03d6ce620f1f25be68b9cb2d225711c1b288ec6464111db1b40dbce06fd1bd887d7254476c9c70fe79be0fb7810e054b6e2205c2b4b27f13751639c581dac83889ed6eea54c798f2287c9d5345b0c49f78b9aa27a9c96ce5e43b6ca11bb6375ed390773315d19b596a60500330115bb100d0ea1511e29720d5f712eedd8e165af0c1d591fdbbd84e654b0e60c338c530a9e8ae1316a889134204f9db96e870bc1c5ffc1bdb2394d77e6c751f9d87ef42f6d53293f31ff4b60912fa0777c59db1ff74ba90026eed627e0f8ab250c8c6d51d86030e6be4a8982684c12c1c435d586ce106d0b4cd0f5fabcc5fbe30db5e715646867122ef50f767e215f92d407ad1c6575eccfe25f76aaf388008ec2217c9ba0f807edebe686b420287b6e0c6f14a48c82ec45f1aa7ac2508932d0e3a5834a1a4e20bc9bb2a802304900d6bef57bd9c081b45520e7bd491a0ef1bfec4721cc70962f4d55f01bae699cb3fe31c179f00dc79140333fa4e85ec393dd01bdc5bf79677453a30c63d1561a35c5e94e3cad80136e753052b08901965293bcf5f9de9c8019a1fdebddb255427326deea4506d2cc2949df6a5c13fbcc36cbcd0f0d35602668c3bc7c7264457f161a51"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x0, 0xe40, 0x0, &(0x7f00000006c0)="ffffffff106c3ed990f77e9eb3cf", 0x0, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 50.879187558s ago: executing program 1 (id=1225): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x17, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 40.993216982s ago: executing program 0 (id=1226): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000001c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00010b00000400bf00"}, 0x5, 0x1080000001}}}, 0x90) 28.511609421s ago: executing program 1 (id=1227): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x2, 0x11, 0x0, 0x0, 0x0, [@sadb_key={0x3, 0x8, 0x68, 0x0, "041f6255dd400d223296421054"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @dev}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x88}, 0x1, 0x7}, 0x0) 6.593551691s ago: executing program 0 (id=1228): sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="d0000000", @ANYRES16=0x0, @ANYBLOB="010004000000fbdbdf250100000008000100010000000800020001000000ac000c8054000b800800090050ee645e08000a00a58d00000800090052391d0208000a00cafc000008000900816e4a6208000a007451000008000a00aaef000008000900c50f1f0308000a00cae1000008000900d0ce38130c000b80080009006c8315520c00f37923475ed36730a0255b68a865c4250b8008000a000f0500000c000b8008000a0062ea00001c000b8008000a0071"], 0xd0}, 0x1, 0x0, 0x0, 0x24048000}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e000000180002"], 0x50}}, 0x0) 6.98985ms ago: executing program 0 (id=1229): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), 0x8) 0s ago: executing program 1 (id=1230): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000140)={0x6, 0x118, 0xfa00, {{0x0, 0x0, "be12c945519c8f1709445776e1f6859b0bbc345082cd40e1239e9de67e8a5fec0681f1a523e3b81a9ac4ac39580c18f2a6a2caa3eab63cfcee20f4b5537b128304a235cf7918abd6aaf297b695adee12800e7c30277de9c4570103ed3bbada94232d46f984b59260cccf81967870b2af7863b8d1c0584bf5a164f2f9dd3771b0f8ad6238ad113b01fcca86606c6f59b9d1f9c6efb4c17a8d9a58b1b2ef91a90761ad83975a88c4a2d59fcdb0c407e09b44cdbb9dbd7f5b359bbe00064bc82ef443a79f844f6175b1685ff7d54f684bf8fdf1d0b70067d1ec4f40c4e9486dad70e40f4372ba08473f68161d7ca57501f5ef21a15585200e98187f9fa56bcb4ecd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r1}}, 0x120) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:54487' (ED25519) to the list of known hosts. syzkaller login: [ 309.714120][ T3176] cgroup: Unknown subsys name 'net' [ 310.256946][ T3176] cgroup: Unknown subsys name 'cpuset' [ 310.404430][ T3176] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 361.672513][ T3176] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 422.852941][ T3186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 423.203178][ T3186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 423.382427][ T3190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 423.677536][ T3190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 434.916671][ T3186] hsr_slave_0: entered promiscuous mode [ 434.957913][ T3186] hsr_slave_1: entered promiscuous mode [ 436.822784][ T3190] hsr_slave_0: entered promiscuous mode [ 436.911839][ T3190] hsr_slave_1: entered promiscuous mode [ 436.951679][ T3190] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 436.955269][ T3190] Cannot create hsr debugfs directory [ 444.454232][ T3186] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 444.598010][ T3186] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 444.710854][ T3186] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 444.860443][ T3186] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 446.241541][ T3190] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 446.422950][ T3190] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 446.522016][ T3190] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 446.646957][ T3190] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 457.984881][ T3186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 460.681790][ T3190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 490.331690][ T3186] veth0_vlan: entered promiscuous mode [ 490.753419][ T3186] veth1_vlan: entered promiscuous mode [ 493.915688][ T3186] veth0_macvtap: entered promiscuous mode [ 494.249398][ T3186] veth1_macvtap: entered promiscuous mode [ 497.092329][ T3186] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.096192][ T3186] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.101741][ T3186] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.103585][ T3186] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.477235][ T3190] veth0_vlan: entered promiscuous mode [ 498.893266][ T3190] veth1_vlan: entered promiscuous mode [ 501.100077][ T3190] veth0_macvtap: entered promiscuous mode [ 501.495900][ T3190] veth1_macvtap: entered promiscuous mode [ 501.715097][ T3186] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 503.978070][ T3190] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.984644][ T3190] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.986751][ T3190] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 504.031699][ T3190] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.253645][ T3932] capability: warning: `syz.0.27' uses 32-bit capabilities (legacy support in use) [ 580.528136][ T3983] lo speed is unknown, defaulting to 1000 [ 580.534597][ T3983] lo speed is unknown, defaulting to 1000 [ 580.562753][ T3983] lo speed is unknown, defaulting to 1000 [ 580.647878][ T3983] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 580.805495][ T3983] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 581.283530][ T3983] lo speed is unknown, defaulting to 1000 [ 581.313398][ T3983] lo speed is unknown, defaulting to 1000 [ 590.800550][ T4004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'. [ 607.887922][ T4028] hugetlbfs: Bad value 'm' for mount option 'size' [ 607.887922][ T4028] [ 612.700324][ T4037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.72'. [ 612.703333][ T4037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.72'. [ 612.705536][ T4037] netlink: 'syz.0.72': attribute type 18 has an invalid length. [ 630.633161][ T4061] atomic_op ff60000019b2b198 conn xmit_atomic 0000000000000000 [ 632.371510][ T4063] x_tables: ip_tables: CONNSECMARK.0 target: invalid size 8 (kernel) != (user) 16 [ 635.874170][ T4068] ======================================================= [ 635.874170][ T4068] WARNING: The mand mount option has been deprecated and [ 635.874170][ T4068] and is ignored by this kernel. Remove the mand [ 635.874170][ T4068] option from the mount to silence this warning. [ 635.874170][ T4068] ======================================================= [ 668.547453][ T4121] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 677.695697][ T4136] Invalid logical block size (768) [ 682.974044][ T4144] can0: slcan on ttynull. [ 683.643155][ T4143] can0 (unregistered): slcan off ttynull. [ 695.626145][ T4170] capability: warning: `syz.1.129' uses deprecated v2 capabilities in a way that may be insecure [ 727.075716][ T34] audit: type=1326 audit(726.270:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4227 comm="syz.0.156" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x0 [ 771.154433][ T4294] binder: 4292:4294 unknown command 1702047345 [ 771.156112][ T4294] binder: 4292:4294 ioctl c0306201 20000080 returned -22 [ 776.172753][ T4303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.188'. [ 776.173456][ T4303] netlink: 'syz.0.188': attribute type 3 has an invalid length. [ 776.423273][ T4303] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 776.425780][ T4303] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 776.427020][ T4303] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 776.428926][ T4303] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 786.910649][ T4323] Illegal XDP return value 65536 on prog (id 15) dev N/A, expect packet loss! [ 815.632173][ T4353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.208'. [ 815.634763][ T4353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.208'. [ 819.684079][ T3782] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 820.022829][ T3782] usb 2-1: Using ep0 maxpacket: 16 [ 820.175621][ T3782] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 820.182915][ T3782] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 820.185617][ T3782] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 820.192298][ T3782] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 820.194713][ T3782] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 820.306481][ T3782] usb 2-1: config 0 descriptor?? [ 821.520475][ T3782] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 821.597999][ T3782] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0001/input/input1 [ 821.895625][ T3782] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 822.053889][ T3782] usb 2-1: USB disconnect, device number 2 [ 842.015002][ T4403] syz.0.217 uses obsolete (PF_INET,SOCK_PACKET) [ 864.272902][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 864.885744][ T25] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 864.894448][ T25] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 864.903289][ T25] usb 2-1: config 0 interface 0 has no altsetting 0 [ 864.906760][ T25] usb 2-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 864.927920][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 865.011412][ T3782] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 865.105920][ T25] usb 2-1: config 0 descriptor?? [ 865.291776][ T3782] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 865.293386][ T3782] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 865.380291][ T3782] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 865.381809][ T3782] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 865.383293][ T3782] usb 1-1: SerialNumber: syz [ 867.986210][ T3782] usb 1-1: 0:2 : does not exist [ 868.012152][ T3782] usb 1-1: unit 5: unexpected type 0x03 [ 868.524740][ T3782] usb 1-1: USB disconnect, device number 2 [ 869.205420][ T25] lenovo 0003:17EF:6009.0002: hidraw0: USB HID v0.00 Device [HID 17ef:6009] on usb-dummy_hcd.1-1/input0 [ 869.422967][ T25] usb 2-1: USB disconnect, device number 3 [ 893.209756][ T4511] lo speed is unknown, defaulting to 1000 [ 906.592790][ T4556] netlink: 12 bytes leftover after parsing attributes in process `syz.0.262'. [ 945.926568][ T4628] trusted_key: encrypted_key: master key parameter '' is invalid [ 948.774555][ T4065] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 949.295995][ T4065] usb 2-1: Using ep0 maxpacket: 16 [ 949.415517][ T4065] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 949.417723][ T4065] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 949.421536][ T4065] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 949.492580][ T4065] usb 2-1: config 0 descriptor?? [ 949.649397][ T4065] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input2 [ 956.074633][ T4634] bcm5974 2-1:0.0: could not read from device [ 956.214481][ T4065] usb 2-1: USB disconnect, device number 4 [ 980.276447][ T4698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.319'. [ 982.221291][ T4704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.321'. [ 982.222790][ T4704] netlink: 4 bytes leftover after parsing attributes in process `syz.1.321'. [ 982.224094][ T4704] netlink: 'syz.1.321': attribute type 11 has an invalid length. [ 988.840119][ T3782] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 989.234437][ T3782] usb 1-1: config 0 interface 0 has no altsetting 0 [ 989.261043][ T3782] usb 1-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00 [ 989.263365][ T3782] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 989.402814][ T3782] usb 1-1: config 0 descriptor?? [ 990.816643][ T3782] logitech 0003:046D:C50C.0003: collection stack underflow [ 990.821087][ T3782] logitech 0003:046D:C50C.0003: item 0 2 0 12 parsing failed [ 990.839984][ T3782] logitech 0003:046D:C50C.0003: parse failed [ 990.843634][ T3782] logitech 0003:046D:C50C.0003: probe with driver logitech failed with error -22 [ 991.308072][ T3782] usb 1-1: USB disconnect, device number 3 [ 992.261160][ T4722] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1005.630215][ T4754] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 1007.443966][ T4758] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 1007.446140][ T4758] [U] J"—e:ÀÆ" [ 1015.977949][ T4775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.345'. [ 1016.033478][ T34] audit: type=1326 audit(1015.220:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4769 comm="syz.1.343" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7fc00000 [ 1020.712372][ T9] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 1021.010213][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1021.011873][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1021.013762][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 1021.055797][ T9] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1021.057270][ T9] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1021.059538][ T9] usb 1-1: Manufacturer: syz [ 1021.133991][ T9] usb 1-1: config 0 descriptor?? [ 1021.755646][ T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 1021.883126][ T9] usb 1-1: USB disconnect, device number 4 [ 1036.661934][ T4814] nvme_fabrics: missing parameter 'transport=%s' [ 1036.663792][ T4814] nvme_fabrics: missing parameter 'nqn=%s' [ 1039.727566][ T4828] bond0: entered promiscuous mode [ 1039.742130][ T4828] bond_slave_0: entered promiscuous mode [ 1039.745702][ T4828] bond_slave_1: entered promiscuous mode [ 1039.844037][ T4826] bond0: left promiscuous mode [ 1039.845775][ T4826] bond_slave_0: left promiscuous mode [ 1039.853240][ T4826] bond_slave_1: left promiscuous mode [ 1043.291023][ T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 1043.533953][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 1043.610312][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1043.612685][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1043.614866][ T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1043.620656][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1043.781735][ T25] usb 1-1: config 0 descriptor?? [ 1043.883348][ T25] hub 1-1:0.0: USB hub found [ 1044.117654][ T4841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.368'. [ 1045.761056][ T25] hub 1-1:0.0: 2 ports detected [ 1046.817162][ T4365] hub 1-1:0.0: hub_ext_port_status failed (err = -71) [ 1048.675597][ T4365] usb 1-1: Failed to suspend device, error -71 [ 1048.680802][ T25] usb 1-1: USB disconnect, device number 5 [ 1055.146958][ T4866] netlink: 20 bytes leftover after parsing attributes in process `syz.1.375'. [ 1072.152729][ T3818] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 1072.485929][ T3818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1072.487830][ T3818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1072.501880][ T3818] usb 2-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00 [ 1072.503243][ T3818] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1072.553170][ T3818] usb 2-1: config 0 descriptor?? [ 1074.116643][ T3818] asus 0003:0B05:18C6.0004: unbalanced collection at end of report description [ 1074.131411][ T3818] asus 0003:0B05:18C6.0004: Asus hid parse failed: -22 [ 1074.135550][ T3818] asus 0003:0B05:18C6.0004: probe with driver asus failed with error -22 [ 1074.621644][ T3782] usb 2-1: USB disconnect, device number 5 [ 1077.386358][ T34] audit: type=1326 audit(1076.580:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4912 comm="syz.0.389" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x0 [ 1086.103243][ T4921] infiniband syz1: set active [ 1086.105066][ T4921] infiniband syz1: added bond_slave_1 [ 1088.424834][ T4921] RDS/IB: syz1: added [ 1088.477271][ T4921] smc: adding ib device syz1 with port count 1 [ 1088.509676][ T4921] smc: ib device syz1 port 1 has pnetid [ 1115.138967][ T4962] lo: entered allmulticast mode [ 1115.171638][ T4962] lo: left allmulticast mode [ 1146.996026][ T5020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'. [ 1158.812087][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1159.230210][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 1159.402766][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1159.405063][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1159.406524][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1159.494887][ T9] usb 1-1: config 0 descriptor?? [ 1159.788062][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input4 [ 1165.995066][ T5038] bcm5974 1-1:0.0: could not read from device [ 1166.573146][ T3818] usb 1-1: USB disconnect, device number 6 [ 1175.511433][ T3186] block device autoloading is deprecated and will be removed. [ 1177.717477][ T5078] tmpfs: Bad value for 'mpol' [ 1186.025874][ T5099] netlink: 348 bytes leftover after parsing attributes in process `syz.0.456'. [ 1202.786495][ T5125] netlink: 256 bytes leftover after parsing attributes in process `syz.1.468'. [ 1202.793473][ T5125] netlink: 72 bytes leftover after parsing attributes in process `syz.1.468'. [ 1205.477721][ T5129] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 1211.815999][ T5139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.475'. [ 1213.280686][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 1213.551199][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 1213.690215][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1213.691741][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1213.692956][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1213.694443][ T9] usb 2-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00 [ 1213.695674][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1213.764711][ T9] usb 2-1: config 0 descriptor?? [ 1215.184682][ T9] ntrig 0003:1B96:0010.0005: item fetching failed at offset 5/7 [ 1215.193978][ T9] ntrig 0003:1B96:0010.0005: parse failed [ 1215.195770][ T9] ntrig 0003:1B96:0010.0005: probe with driver ntrig failed with error -22 [ 1215.747290][ T25] usb 2-1: USB disconnect, device number 6 [ 1216.584853][ T5161] dvmrp1: entered allmulticast mode [ 1226.740045][ T3818] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1226.992285][ T3818] usb 2-1: Using ep0 maxpacket: 32 [ 1227.117940][ T3818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1227.120847][ T3818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1227.122461][ T3818] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1227.123829][ T3818] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1227.163676][ T3818] usb 2-1: config 0 descriptor?? [ 1230.844803][ T3818] apple 0003:05AC:0244.0006: unknown main item tag 0x0 [ 1230.847153][ T3818] apple 0003:05AC:0244.0006: unknown main item tag 0x0 [ 1230.850854][ T3818] apple 0003:05AC:0244.0006: unknown main item tag 0x0 [ 1231.007096][ T3818] apple 0003:05AC:0244.0006: hidraw0: USB HID v0.00 Device [HID 05ac:0244] on usb-dummy_hcd.1-1/input0 [ 1232.952846][ T3818] usb 2-1: USB disconnect, device number 7 [ 1248.492037][ T5212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.491'. [ 1248.495857][ T5212] lo speed is unknown, defaulting to 1000 [ 1248.571883][ T5212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.491'. [ 1251.644012][ T5218] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1267.610562][ T5245] netlink: 16 bytes leftover after parsing attributes in process `syz.0.507'. [ 1267.614248][ T5245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.507'. [ 1267.716208][ T5245] IPv6: sit1: Disabled Multicast RS [ 1267.732024][ T5245] sit1: entered allmulticast mode [ 1271.035349][ T4979] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 1271.665788][ T4979] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1271.689945][ T4979] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1272.347909][ T4979] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1272.350177][ T4979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1272.351803][ T4979] usb 2-1: Product: syz [ 1272.352914][ T4979] usb 2-1: Manufacturer: syz [ 1272.354057][ T4979] usb 2-1: SerialNumber: syz [ 1274.053050][ T4979] usb 2-1: 0:2 : does not exist [ 1274.322007][ T4979] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 1274.931632][ T4979] usb 2-1: USB disconnect, device number 8 [ 1301.412986][ T5302] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 1302.886888][ T34] audit: type=1326 audit(1302.090:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5307 comm="syz.0.527" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x0 [ 1323.976850][ T5333] netlink: 'syz.1.538': attribute type 16 has an invalid length. [ 1323.991045][ T5333] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.538'. [ 1342.194335][ T5360] netlink: 272 bytes leftover after parsing attributes in process `syz.1.551'. [ 1350.323987][ T25] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1350.651620][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1350.654256][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1350.656749][ T25] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 1350.679650][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1350.881521][ T25] usb 2-1: config 0 descriptor?? [ 1354.234377][ T5380] Zero length message leads to an empty skb [ 1356.515295][ T25] hid-thrustmaster 0003:044F:B65D.0007: unexpected long global item [ 1356.545194][ T25] hid-thrustmaster 0003:044F:B65D.0007: parse failed with error -22 [ 1356.559973][ T25] hid-thrustmaster 0003:044F:B65D.0007: probe with driver hid-thrustmaster failed with error -22 [ 1360.097177][ T25] usb 2-1: USB disconnect, device number 9 [ 1367.460363][ T5405] nbd: must specify a size in bytes for the device [ 1407.940027][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.587'. [ 1407.941674][ T5461] netlink: 12 bytes leftover after parsing attributes in process `syz.0.587'. [ 1465.390238][ T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 1465.861164][ T9] usb 1-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1465.864064][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1465.866611][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 1465.897066][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1466.066766][ T9] usb 1-1: config 0 descriptor?? [ 1468.445507][ T9] magicmouse 0003:05AC:0269.0008: unbalanced delimiter at end of report description [ 1468.514497][ T9] magicmouse 0003:05AC:0269.0008: magicmouse hid parse failed [ 1468.547923][ T9] magicmouse 0003:05AC:0269.0008: probe with driver magicmouse failed with error -22 [ 1468.884041][ T9] usb 1-1: USB disconnect, device number 7 [ 1481.297212][ T5555] process 'syz.1.623' launched './file2' with NULL argv: empty string added [ 1482.519142][ T34] audit: type=1800 audit(1481.690:6): pid=5558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.624" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 1513.383087][ T5589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.638'. [ 1513.384703][ T5589] netlink: 4 bytes leftover after parsing attributes in process `syz.0.638'. [ 1513.385997][ T5589] netlink: 'syz.0.638': attribute type 14 has an invalid length. [ 1513.387130][ T5589] netlink: 'syz.0.638': attribute type 13 has an invalid length. [ 1516.033660][ T5591] netlink: 8 bytes leftover after parsing attributes in process `syz.1.639'. [ 1554.090919][ T5615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 1554.100385][ T5615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 1598.304546][ T5648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.664'. [ 1598.307078][ T5648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.664'. [ 1598.346855][ T5648] netlink: 'syz.1.664': attribute type 7 has an invalid length. [ 1612.611320][ T5655] netlink: 24 bytes leftover after parsing attributes in process `syz.0.667'. [ 1612.906779][ T5655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.667'. [ 1612.922749][ T5655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.667'. [ 1624.217823][ T5665] fuse: Invalid rootmode [ 1641.820212][ T5350] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 1642.514839][ T5350] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1642.521882][ T5350] usb 1-1: New USB device found, idVendor=0458, idProduct=5017, bcdDevice= 0.00 [ 1642.524514][ T5350] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1642.706056][ T5350] usb 1-1: config 0 descriptor?? [ 1645.193282][ T5350] kye 0003:0458:5017.0009: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1645.404295][ T5350] kye 0003:0458:5017.0009: hidraw0: USB HID v0.00 Device [HID 0458:5017] on usb-dummy_hcd.0-1/input0 [ 1645.407518][ T5350] kye 0003:0458:5017.0009: tablet-enabling feature report not found [ 1645.445172][ T5350] kye 0003:0458:5017.0009: tablet enabling failed [ 1645.781853][ T5350] usb 1-1: USB disconnect, device number 8 [ 1678.333233][ T5713] netlink: 168 bytes leftover after parsing attributes in process `syz.0.683'. [ 1701.252973][ T5733] netlink: 'syz.0.691': attribute type 3 has an invalid length. [ 1701.255440][ T5733] netlink: 666 bytes leftover after parsing attributes in process `syz.0.691'. [ 1707.429950][ T5741] ksmbd: Unknown IPC event: 4, ignore. [ 1711.250236][ T5745] netlink: 128 bytes leftover after parsing attributes in process `syz.0.698'. [ 1717.086612][ T5756] pim6reg: entered allmulticast mode [ 1735.984093][ T5784] netlink: 'syz.0.715': attribute type 1 has an invalid length. [ 1735.986484][ T5784] netlink: 212 bytes leftover after parsing attributes in process `syz.0.715'. [ 1752.146432][ T3806] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1752.521478][ T3806] usb 2-1: Using ep0 maxpacket: 16 [ 1752.681116][ T3806] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 1752.683994][ T3806] usb 2-1: config 0 has no interface number 0 [ 1752.686421][ T3806] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1752.716235][ T3806] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1752.844633][ T3806] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1752.847487][ T3806] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1752.880199][ T3806] usb 2-1: Product: syz [ 1752.882423][ T3806] usb 2-1: SerialNumber: syz [ 1753.549659][ T3806] usb 2-1: config 0 descriptor?? [ 1754.086106][ T3806] cm109 2-1:0.8: invalid payload size 0, expected 4 [ 1754.352049][ T3806] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input6 [ 1757.848270][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1757.865585][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1757.872243][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1757.877739][ T5350] usb 2-1: USB disconnect, device number 10 [ 1757.879999][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1757.880910][ C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1757.955993][ T5350] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1783.575357][ T5849] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 1815.404967][ T5917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.757'. [ 1850.035445][ T5958] syz.1.779: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 1850.068285][ T5958] CPU: 0 UID: 0 PID: 5958 Comm: syz.1.779 Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 1850.071137][ T5958] Hardware name: riscv-virtio,qemu (DT) [ 1850.072845][ T5958] Call Trace: [ 1850.074027][ T5958] [] dump_backtrace+0x2e/0x3c [ 1850.075828][ T5958] [] show_stack+0x30/0x3c [ 1850.077409][ T5958] [] dump_stack_lvl+0x12e/0x1a6 [ 1850.080114][ T5958] [] dump_stack+0x1c/0x24 [ 1850.081804][ T5958] [] warn_alloc+0x170/0x292 [ 1850.083251][ T5958] [] __vmalloc_node_range_noprof+0xf8e/0x120e [ 1850.084926][ T5958] [] vzalloc_noprof+0xf8/0x126 [ 1850.086589][ T5958] [] packet_set_ring+0xbba/0x19ee [ 1850.088105][ T5958] [] packet_setsockopt+0x177c/0x3544 [ 1850.089569][ T5958] [] do_sock_setsockopt+0x208/0x400 [ 1850.091038][ T5958] [] __sys_setsockopt+0x140/0x1cc [ 1850.092546][ T5958] [] __riscv_sys_setsockopt+0xa6/0x114 [ 1850.094097][ T5958] [] syscall_handler+0x94/0x118 [ 1850.095508][ T5958] [] do_trap_ecall_u+0x1aa/0x216 [ 1850.097303][ T5958] [] handle_exception+0x146/0x152 [ 1850.311335][ T5958] Mem-Info: [ 1850.333424][ T5958] active_anon:1904 inactive_anon:0 isolated_anon:0 [ 1850.333424][ T5958] active_file:12913 inactive_file:34677 isolated_file:0 [ 1850.333424][ T5958] unevictable:768 dirty:90 writeback:0 [ 1850.333424][ T5958] slab_reclaimable:2431 slab_unreclaimable:27299 [ 1850.333424][ T5958] mapped:12575 shmem:811 pagetables:371 [ 1850.333424][ T5958] sec_pagetables:0 bounce:0 [ 1850.333424][ T5958] kernel_misc_reclaimable:0 [ 1850.333424][ T5958] free:211909 free_pcp:953 free_cma:52608 [ 1850.373762][ T5958] Node 0 active_anon:7616kB inactive_anon:0kB active_file:51652kB inactive_file:138708kB unevictable:3072kB isolated(anon):0kB isolated(file):0kB mapped:50300kB dirty:360kB writeback:0kB shmem:3244kB writeback_tmp:0kB kernel_stack:5824kB pagetables:1484kB sec_pagetables:0kB all_unreclaimable? no [ 1850.533494][ T5958] Node 0 DMA32 free:847636kB boost:0kB min:4784kB low:6212kB high:7640kB reserved_highatomic:0KB active_anon:7616kB inactive_anon:0kB active_file:51652kB inactive_file:138708kB unevictable:3072kB writepending:360kB present:2097152kB managed:1434256kB mlocked:0kB bounce:0kB free_pcp:3848kB local_pcp:2736kB free_cma:210432kB [ 1850.599675][ T5958] lowmem_reserve[]: 0 0 0 [ 1850.603464][ T5958] Node 0 DMA32: 667*4kB (UME) 857*8kB (UME) 636*16kB (M) 509*32kB (M) 423*64kB (UME) 201*128kB (UME) 76*256kB (UME) 42*512kB (UMEC) 11*1024kB (MEC) 3*2048kB (UM) 171*4096kB (MC) = 847572kB [ 1850.763196][ T5958] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1850.764555][ T5958] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1850.766088][ T5958] 48403 total pagecache pages [ 1850.767068][ T5958] 0 pages in swap cache [ 1850.767979][ T5958] Free swap = 124732kB [ 1850.811698][ T5958] Total swap = 124996kB [ 1850.813065][ T5958] 524288 pages RAM [ 1850.813921][ T5958] 0 pages HighMem/MovableOnly [ 1850.814784][ T5958] 165724 pages reserved [ 1850.815626][ T5958] 52736 pages cma reserved [ 1868.811668][ T5981] netlink: 40 bytes leftover after parsing attributes in process `syz.0.788'. [ 1881.844112][ T5999] netlink: 48 bytes leftover after parsing attributes in process `syz.1.796'. [ 1882.340714][ T6001] netlink: 252 bytes leftover after parsing attributes in process `syz.0.797'. [ 1890.692650][ T34] audit: type=1326 audit(1889.840:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6008 comm="syz.0.800" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7fc00000 [ 1900.103157][ T3818] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1900.920602][ T3818] usb 2-1: Using ep0 maxpacket: 16 [ 1900.982422][ T3818] usb 2-1: config 8 has an invalid interface number: 39 but max is 0 [ 1900.984402][ T3818] usb 2-1: config 8 has no interface number 0 [ 1900.985824][ T3818] usb 2-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F [ 1900.987238][ T3818] usb 2-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1900.993595][ T3818] usb 2-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0 [ 1900.995137][ T3818] usb 2-1: config 8 interface 39 has no altsetting 0 [ 1901.230153][ T3818] usb 2-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77 [ 1901.258011][ T3818] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1901.260316][ T3818] usb 2-1: Product: syz [ 1901.261485][ T3818] usb 2-1: Manufacturer: syz [ 1901.262573][ T3818] usb 2-1: SerialNumber: syz [ 1905.140323][ T3818] ipheth 2-1:8.39: ipheth_enable_ncm: usb_control_msg: -71 [ 1905.222003][ T3818] ipheth 2-1:8.39: Apple iPhone USB Ethernet device attached [ 1905.381672][ T3818] usb 2-1: USB disconnect, device number 11 [ 1906.384690][ T3818] ipheth 2-1:8.39: Apple iPhone USB Ethernet now disconnected [ 1921.110087][ T3806] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 1921.396383][ T3806] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1921.400927][ T3806] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1921.506015][ T3806] usb 1-1: config 0 descriptor?? [ 1921.626929][ T3806] cp210x 1-1:0.0: cp210x converter detected [ 1922.993261][ T3806] cp210x 1-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 1922.995764][ T3806] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 1923.074492][ T3806] usb 1-1: cp210x converter now attached to ttyUSB0 [ 1923.681717][ T3806] usb 1-1: USB disconnect, device number 9 [ 1924.125215][ T3806] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1924.145139][ T3806] cp210x 1-1:0.0: device disconnected [ 1931.324146][ T6098] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 1934.032252][ T3818] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 1934.495568][ T3818] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00 [ 1934.502743][ T3818] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1934.652029][ T3818] usb 1-1: config 0 descriptor?? [ 1938.115465][ T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1938.177828][ T3818] input: HID 054c:03d5 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:054C:03D5.000A/input/input7 [ 1938.402955][ T3818] sony 0003:054C:03D5.000A: input,hidraw0: USB HID v1.01 Joystick [HID 054c:03d5] on usb-dummy_hcd.0-1/input0 [ 1938.526566][ T3818] usb 1-1: USB disconnect, device number 10 [ 1939.032510][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1939.034767][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1939.037826][ T25] usb 2-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00 [ 1939.067276][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1939.456712][ T25] usb 2-1: config 0 descriptor?? [ 1941.586233][ T25] cougar 0003:060B:700A.000B: item fetching failed at offset 2/5 [ 1941.625066][ T25] cougar 0003:060B:700A.000B: parse failed [ 1941.641520][ T25] cougar 0003:060B:700A.000B: probe with driver cougar failed with error -22 [ 1941.821347][ T25] usb 2-1: USB disconnect, device number 12 [ 1966.436477][ T6174] mmap: syz.1.832 (6174) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 2014.161332][ T5649] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 2014.393946][ T5649] usb 2-1: Using ep0 maxpacket: 16 [ 2014.564801][ T5649] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2014.567890][ T5649] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2014.572641][ T5649] usb 2-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 2014.607201][ T5649] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2014.754607][ T5649] usb 2-1: config 0 descriptor?? [ 2019.096272][ T5649] bigben 0003:146B:0902.000C: unexpected rdesc, please submit for review [ 2019.136712][ T5649] bigben 0003:146B:0902.000C: item fetching failed at offset 1/5 [ 2019.183295][ T5649] bigben 0003:146B:0902.000C: parse failed [ 2019.187573][ T5649] bigben 0003:146B:0902.000C: probe with driver bigben failed with error -22 [ 2020.253143][ T5649] usb 2-1: USB disconnect, device number 13 [ 2063.231890][ T34] audit: type=1800 audit(2062.380:8): pid=6274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.870" name="/newroot/442/file0" dev="tmpfs" ino=2254 res=0 errno=0 [ 2064.970000][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.871'. [ 2065.010179][ T6282] netlink: 12 bytes leftover after parsing attributes in process `syz.1.871'. [ 2065.056098][ T6282] netlink: 'syz.1.871': attribute type 20 has an invalid length. [ 2122.934744][ T6338] netlink: 20 bytes leftover after parsing attributes in process `syz.0.896'. [ 2126.870890][ T6344] netlink: 16 bytes leftover after parsing attributes in process `syz.0.898'. [ 2131.890136][ T6350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.901'. [ 2138.141894][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.905'. [ 2178.620990][ T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 2178.953291][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2178.956293][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2178.961071][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2179.179939][ T25] usb 2-1: config 0 descriptor?? [ 2180.236344][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.237920][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.240700][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.241818][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.242941][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.244091][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.245259][ T25] lg-g15 0003:046D:C222.000D: unknown main item tag 0x0 [ 2180.294236][ T25] lg-g15 0003:046D:C222.000D: hidraw0: USB HID v10.00 Device [HID 046d:c222] on usb-dummy_hcd.1-1/input0 [ 2181.537018][ T5350] usb 2-1: USB disconnect, device number 14 [ 2229.777780][ T6475] netlink: 8 bytes leftover after parsing attributes in process `syz.0.948'. [ 2229.787011][ T6475] netlink: 12 bytes leftover after parsing attributes in process `syz.0.948'. [ 2244.616049][ T6491] ubi0: attaching mtd0 [ 2244.854832][ T6491] ubi0: scanning is finished [ 2244.857422][ T6491] ubi0: empty MTD device detected [ 2245.706390][ T6491] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 2245.707875][ T6491] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 2245.714154][ T6491] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 2245.715567][ T6491] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 2245.743541][ T6491] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 2245.745143][ T6491] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 2245.746484][ T6491] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4191689376 [ 2245.747794][ T6491] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 2245.781555][ T6494] ubi0: background thread "ubi_bgt0d" started, PID 6494 [ 2262.225374][ T6512] netlink: 'syz.0.965': attribute type 1 has an invalid length. [ 2267.127193][ T6518] Invalid ELF header magic: != ELF [ 2275.563588][ T6525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.971'. [ 2275.564992][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.0.971'. [ 2275.566153][ T6525] netlink: 'syz.0.971': attribute type 20 has an invalid length. [ 2324.607107][ T34] audit: type=1326 audit(2323.810:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2324.640935][ T34] audit: type=1326 audit(2323.840:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.137993][ T34] audit: type=1326 audit(2324.340:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=198 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.159528][ T34] audit: type=1326 audit(2324.360:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.199576][ T34] audit: type=1326 audit(2324.400:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.319332][ T34] audit: type=1326 audit(2324.440:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=209 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.336918][ T34] audit: type=1326 audit(2324.540:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2325.370693][ T34] audit: type=1326 audit(2324.570:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.0.994" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x7ffc0000 [ 2330.120892][ T6422] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 2330.404356][ T6422] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2330.406828][ T6422] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2330.411704][ T6422] usb 1-1: New USB device found, idVendor=05ac, idProduct=0216, bcdDevice= 0.00 [ 2330.413066][ T6422] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2330.460675][ T6422] usb 1-1: config 0 descriptor?? [ 2331.596179][ T6422] apple 0003:05AC:0216.000E: unbalanced delimiter at end of report description [ 2331.605414][ T6422] apple 0003:05AC:0216.000E: parse failed [ 2331.607212][ T6422] apple 0003:05AC:0216.000E: probe with driver apple failed with error -22 [ 2332.091580][ T5709] usb 1-1: USB disconnect, device number 11 [ 2373.321748][ T5350] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 2373.939411][ T5350] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2373.942428][ T5350] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2373.945033][ T5350] usb 1-1: New USB device found, idVendor=044f, idProduct=b65a, bcdDevice= 0.00 [ 2373.949915][ T5350] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2374.135833][ T5350] usb 1-1: config 0 descriptor?? [ 2376.546715][ T5350] thrustmaster 0003:044F:B65A.000F: unknown main item tag 0x0 [ 2376.607520][ T5350] thrustmaster 0003:044F:B65A.000F: hidraw0: USB HID v0.00 Device [HID 044f:b65a] on usb-dummy_hcd.0-1/input0 [ 2376.620573][ T5350] thrustmaster 0003:044F:B65A.000F: no inputs found [ 2376.816282][ T5350] usb 1-1: USB disconnect, device number 12 [ 2388.195169][ T6672] pimreg4: entered allmulticast mode [ 2456.601613][ T5350] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 2456.839805][ T5350] usb 2-1: Using ep0 maxpacket: 16 [ 2456.987116][ T5350] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2457.003248][ T5350] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2457.004828][ T5350] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2457.006502][ T5350] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 2457.007775][ T5350] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2457.186371][ T5350] usb 2-1: config 0 descriptor?? [ 2460.246663][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.266555][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.294634][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.296775][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.305659][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.308185][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.356746][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.363719][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.365537][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.367365][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.382638][ T5350] ryos 0003:1E7D:31CE.0010: unknown main item tag 0x0 [ 2460.873739][ T5350] ryos 0003:1E7D:31CE.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.1-1/input0 [ 2461.331891][ T5350] usb 2-1: USB disconnect, device number 15 [ 2496.921238][ T6811] [U] : [ 2496.923019][ T6811] [U] [ 2496.924033][ T6811] [U] [ 2496.925424][ T6811] [U] [ 2496.926738][ T6811] [U] [ 2496.928158][ T6811] [U] [ 2496.929521][ T6811] [U] [ 2496.930315][ T6811] [U] [ 2496.941662][ T6811] [U] [ 2496.942776][ T6811] [U] [ 2496.943619][ T6811] [U] [ 2496.944432][ T6811] [U] [ 2496.945329][ T6811] [U] [ 2496.946132][ T6811] [U] [ 2496.947003][ T6811] [U] [ 2496.947838][ T6811] [U] [ 2496.983029][ T6811] [U] [ 2496.984241][ T6811] [U] [ 2496.985089][ T6811] [U] [ 2496.985885][ T6811] [U] [ 2496.986647][ T6811] [U] [ 2496.987404][ T6811] [U] [ 2496.988148][ T6811] [U] [ 2496.989030][ T6811] [U] [ 2497.020833][ T6811] [U] [ 2497.021923][ T6811] [U] [ 2497.022746][ T6811] [U] [ 2497.023543][ T6811] [U] [ 2497.024323][ T6811] [U] [ 2497.025170][ T6811] [U] [ 2497.025968][ T6811] [U] [ 2497.026906][ T6811] [U] [ 2497.059495][ T6811] [U] [ 2497.060641][ T6811] [U] [ 2497.061525][ T6811] [U] [ 2497.062438][ T6811] [U] [ 2497.063250][ T6811] [U] [ 2497.064016][ T6811] [U] [ 2497.064849][ T6811] [U] [ 2497.065640][ T6811] [U] [ 2497.091177][ T6811] [U] [ 2497.092330][ T6811] [U] [ 2497.093180][ T6811] [U] [ 2497.093940][ T6811] [U] [ 2497.094695][ T6811] [U] [ 2497.095535][ T6811] [U] [ 2497.096309][ T6811] [U] [ 2497.097119][ T6811] [U] [ 2497.112480][ T6811] [U] [ 2497.113640][ T6811] [U] [ 2497.114453][ T6811] [U] [ 2497.115246][ T6811] [U] [ 2497.116027][ T6811] [U] [ 2497.116913][ T6811] [U] [ 2497.117737][ T6811] [U] [ 2497.118600][ T6811] [U] [ 2497.130457][ T6811] [U] [ 2497.131560][ T6811] [U] [ 2497.132430][ T6811] [U] [ 2497.133313][ T6811] [U] [ 2497.134056][ T6811] [U] [ 2497.134811][ T6811] [U] [ 2497.135551][ T6811] [U] [ 2497.136330][ T6811] [U] [ 2497.150668][ T6811] [U] [ 2497.151839][ T6811] [U] [ 2497.152751][ T6811] [U] [ 2497.153578][ T6811] [U] [ 2497.154367][ T6811] [U] [ 2497.155156][ T6811] [U] [ 2497.155931][ T6811] [U] [ 2497.156769][ T6811] [U] [ 2497.170705][ T6811] [U] [ 2497.171817][ T6811] [U] [ 2497.172711][ T6811] [U] [ 2497.173504][ T6811] [U] [ 2497.174271][ T6811] [U] [ 2497.175087][ T6811] [U] [ 2497.175862][ T6811] [U] [ 2497.176692][ T6811] [U] [ 2497.182270][ T6811] [U] [ 2497.183293][ T6811] [U] [ 2497.184113][ T6811] [U] [ 2497.184955][ T6811] [U] [ 2497.185740][ T6811] [U] [ 2497.186505][ T6811] [U] [ 2497.187262][ T6811] [U] [ 2497.188071][ T6811] [U] [ 2497.195371][ T6811] [U] [ 2497.196449][ T6811] [U] [ 2497.197305][ T6811] [U] [ 2497.198255][ T6811] [U] [ 2497.199045][ T6811] [U] [ 2497.199848][ T6811] [U] [ 2497.200820][ T6811] [U] [ 2497.201762][ T6811] [U] [ 2497.211539][ T6811] [U] [ 2497.212711][ T6811] [U] [ 2497.213538][ T6811] [U] [ 2497.214320][ T6811] [U] [ 2497.215160][ T6811] [U] [ 2497.216170][ T6811] [U] [ 2497.217052][ T6811] [U] [ 2497.217907][ T6811] [U] [ 2497.226786][ T6811] [U] [ 2497.227959][ T6811] [U] [ 2497.230369][ T6811] [U] [ 2497.232047][ T6811] [U] [ 2497.233461][ T6811] [U] [ 2497.234840][ T6811] [U] [ 2497.236278][ T6811] [U] [ 2497.237776][ T6811] [U] [ 2497.285296][ T6811] [U] [ 2497.287308][ T6811] [U] [ 2497.288847][ T6811] [U] [ 2497.290337][ T6811] [U] [ 2497.291796][ T6811] [U] [ 2497.293241][ T6811] [U] [ 2497.294661][ T6811] [U] [ 2497.296097][ T6811] [U] [ 2497.357126][ T6811] [U] [ 2497.359692][ T6811] [U] [ 2497.361257][ T6811] [U] [ 2497.362719][ T6811] [U] [ 2497.364206][ T6811] [U] [ 2497.365680][ T6811] [U] [ 2497.367090][ T6811] [U] [ 2498.017687][ T6809] [U] [ 2510.786267][ T6829] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1079'. [ 2515.842980][ T6835] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1081'. [ 2533.612763][ T3818] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 2534.087664][ T3818] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2534.113614][ T3818] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 2534.389575][ T3818] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2534.392082][ T3818] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2534.394083][ T3818] usb 1-1: Product: syz [ 2534.395702][ T3818] usb 1-1: Manufacturer: syz [ 2534.397395][ T3818] usb 1-1: SerialNumber: syz [ 2537.896375][ T3818] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 2538.006519][ T3818] usb 1-1: USB disconnect, device number 13 [ 2539.731442][ T25] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 2540.235064][ T25] usb 1-1: config index 0 descriptor too short (expected 301, got 72) [ 2540.237598][ T25] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 2540.271072][ T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 2540.273600][ T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 1024, setting to 64 [ 2540.275871][ T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 2540.341590][ T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2540.363073][ T25] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 2540.365453][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2542.726032][ T25] usb 1-1: usb_control_msg returned -71 [ 2542.730927][ T25] usbtmc 1-1:16.0: can't read capabilities [ 2542.734252][ T25] usbtmc 1-1:16.0: Failed to submit iin_urb [ 2542.737825][ T25] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -90 [ 2543.366698][ T25] usb 1-1: USB disconnect, device number 14 [ 2546.611506][ T5350] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 2547.434539][ T5350] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2547.437566][ T5350] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2547.460904][ T5350] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 2547.463422][ T5350] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2547.614163][ T5350] usb 2-1: config 0 descriptor?? [ 2549.212427][ T5350] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 2549.214860][ T5350] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 2549.216869][ T5350] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 2549.251845][ T5350] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0 [ 2549.254234][ T5350] cp2112 0003:10C4:EA90.0011: item fetching failed at offset 4/7 [ 2549.288152][ T5350] cp2112 0003:10C4:EA90.0011: parse failed [ 2549.304396][ T5350] cp2112 0003:10C4:EA90.0011: probe with driver cp2112 failed with error -22 [ 2549.641232][ T5350] usb 2-1: USB disconnect, device number 16 [ 2565.799224][ T34] audit: type=1326 audit(2564.996:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.0.1100" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5be code=0x0 [ 2576.147658][ T6924] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1105'. [ 2590.302734][ T6937] TCP: TCP_TX_DELAY enabled [ 2599.415504][ T6953] netlink: 'syz.1.1118': attribute type 2 has an invalid length. [ 2638.936297][ T7005] gtp0: entered promiscuous mode [ 2638.937877][ T7005] gtp0: entered allmulticast mode [ 2653.067223][ T7017] usb usb1: usbfs: process 7017 (syz.1.1141) did not claim interface 4 before use [ 2688.456782][ T7065] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1160'. [ 2691.899936][ T7069] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1162'. [ 2711.576283][ T7093] trusted_key: encrypted_key: key user:syz not found [ 2728.785453][ T7114] netlink: 'syz.1.1179': attribute type 3 has an invalid length. [ 2753.845538][ T7140] tmpfs: Bad value for 'mpol' [ 2872.617925][ T7193] pim6reg: entered allmulticast mode [ 2878.217300][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1209'. [ 3018.393371][ T7249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1228'. [ 3018.395461][ T7249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1228'. [ 3582.072408][ C0] ksoftirqd/0: page allocation failure: order:0, mode:0x40820(GFP_ATOMIC|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0 [ 3582.076817][ C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 3582.078410][ C0] Hardware name: riscv-virtio,qemu (DT) [ 3582.079363][ C0] Call Trace: [ 3582.080237][ C0] [] dump_backtrace+0x2e/0x3c [ 3582.081673][ C0] [] show_stack+0x30/0x3c [ 3582.082956][ C0] [] dump_stack_lvl+0x12e/0x1a6 [ 3582.084264][ C0] [] dump_stack+0x1c/0x24 [ 3582.085674][ C0] [] warn_alloc+0x170/0x292 [ 3582.086918][ C0] [] __alloc_pages_noprof+0xdf0/0x1fc2 [ 3582.088347][ C0] [] alloc_pages_mpol_noprof+0xf8/0x488 [ 3582.089899][ C0] [] alloc_pages_noprof+0x174/0x2f0 [ 3582.091322][ C0] [] new_slab+0x2ca/0x40e [ 3582.092714][ C0] [] ___slab_alloc+0x9c8/0x10e6 [ 3582.094142][ C0] [] __slab_alloc.constprop.0+0x60/0xb0 [ 3582.095586][ C0] [] kmem_cache_alloc_node_noprof+0xd4/0x3e8 [ 3582.097021][ C0] [] __alloc_skb+0x32c/0x42a [ 3582.098340][ C0] [] synproxy_send_client_synack+0x1ae/0x8be [ 3582.100206][ C0] [] nft_synproxy_do_eval+0x8ac/0xa52 [ 3582.101866][ C0] [] nft_synproxy_eval+0x28/0x36 [ 3582.103265][ C0] [] nft_do_chain+0x328/0x1598 [ 3582.104270][ C0] [] nft_do_chain_inet+0x180/0x316 [ 3582.105712][ C0] [] nf_hook_slow+0xb8/0x1ec [ 3582.106779][ C0] [] ip_local_deliver+0x2ea/0x568 [ 3582.107827][ C0] [] ip_rcv_finish+0x1b0/0x2d2 [ 3582.108944][ C0] [] ip_rcv+0xd6/0x44e [ 3582.109914][ C0] [] __netif_receive_skb_one_core+0x106/0x16e [ 3582.111054][ C0] [] __netif_receive_skb+0x2c/0x144 [ 3582.112076][ C0] [] process_backlog+0x4f6/0x1cb0 [ 3582.113102][ C0] [] __napi_poll.constprop.0+0xaa/0x4b8 [ 3582.114112][ C0] [] net_rx_action+0xa12/0xf10 [ 3582.115056][ C0] [] handle_softirqs+0x4b2/0x132e [ 3582.116153][ C0] [] run_ksoftirqd+0xce/0x144 [ 3582.117306][ C0] [] smpboot_thread_fn+0x654/0xb96 [ 3582.118530][ C0] [] kthread+0x28c/0x3a4 [ 3582.119471][ C0] [] ret_from_fork+0xe/0x18 [ 3582.121545][ C0] Mem-Info: [ 3582.122417][ C0] active_anon:1928 inactive_anon:0 isolated_anon:0 [ 3582.122417][ C0] active_file:12899 inactive_file:35084 isolated_file:4 [ 3582.122417][ C0] unevictable:768 dirty:2 writeback:18 [ 3582.122417][ C0] slab_reclaimable:2451 slab_unreclaimable:189434 [ 3582.122417][ C0] mapped:12562 shmem:822 pagetables:376 [ 3582.122417][ C0] sec_pagetables:0 bounce:0 [ 3582.122417][ C0] kernel_misc_reclaimable:0 [ 3582.122417][ C0] free:52730 free_pcp:1869 free_cma:52480 [ 3582.125701][ C0] Node 0 active_anon:7712kB inactive_anon:0kB active_file:51596kB inactive_file:140336kB unevictable:3072kB isolated(anon):0kB isolated(file):16kB mapped:50248kB dirty:8kB writeback:72kB shmem:3288kB writeback_tmp:0kB kernel_stack:5760kB pagetables:1504kB sec_pagetables:0kB all_unreclaimable? no [ 3582.128977][ C0] Node 0 DMA32 free:210920kB boost:11460kB min:16244kB low:17672kB high:19100kB reserved_highatomic:0KB active_anon:7712kB inactive_anon:0kB active_file:51596kB inactive_file:140336kB unevictable:3072kB writepending:80kB present:2097152kB managed:1434256kB mlocked:0kB bounce:0kB free_pcp:7476kB local_pcp:4100kB free_cma:209920kB [ 3582.132052][ C0] lowmem_reserve[]: 0 0 0 [ 3582.134091][ C0] Node 0 DMA32: 250*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (C) 0*2048kB 51*4096kB (C) = 210920kB [ 3582.141007][ C0] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3582.142210][ C0] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 3582.143434][ C0] 48837 total pagecache pages [ 3582.144338][ C0] 0 pages in swap cache [ 3582.145270][ C0] Free swap = 124740kB [ 3582.146101][ C0] Total swap = 124996kB [ 3582.147029][ C0] 524288 pages RAM [ 3582.147923][ C0] 0 pages HighMem/MovableOnly [ 3582.149453][ C0] 165724 pages reserved [ 3582.150293][ C0] 52736 pages cma reserved [ 3582.152597][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.154051][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.155575][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.159329][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.160842][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.162226][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.165003][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.166410][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.167867][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.171783][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.173317][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.174664][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.177322][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.179677][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.181078][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.183694][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.185210][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.186684][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.189843][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.191299][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.192766][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.195276][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.196762][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.198116][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3582.202304][ C0] SLUB: Unable to allocate memory on CPU 0 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC) [ 3582.203629][ C0] cache: skbuff_head_cache, object size: 240, buffer size: 320, default order: 0, min order: 0 [ 3582.204989][ C0] node 0: slabs: 21484, objs: 257808, free: 0 [ 3614.494708][ T37] INFO: task syz.0.1229:7251 blocked for more than 430 seconds. [ 3614.496013][ T37] Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 3614.660376][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3614.661940][ T37] task:syz.0.1229 state:D stack:0 pid:7251 tgid:7250 ppid:3186 flags:0x0000000c [ 3614.663711][ T37] Call Trace: [ 3614.664674][ T37] [] __schedule+0xdaa/0x393a [ 3614.665750][ T37] [] schedule+0xc4/0x324 [ 3614.666782][ T37] [] schedule_preempt_disabled+0x16/0x28 [ 3614.667868][ T37] [] rwsem_down_read_slowpath+0x56a/0x91e [ 3614.924445][ T37] [] down_read+0xe4/0x45e [ 3614.925809][ T37] [] do_exit+0x810/0x296e [ 3614.926899][ T37] [] do_group_exit+0xd4/0x26c [ 3614.928000][ T37] [] get_signal+0x1f4c/0x22de [ 3615.303885][ T37] [] arch_do_signal_or_restart+0xa3c/0x1d2c [ 3615.305380][ T37] [] syscall_exit_to_user_mode+0x29e/0x316 [ 3615.306616][ T37] [] do_trap_ecall_u+0x86/0x216 [ 3615.533120][ T37] [] handle_exception+0x146/0x152 [ 3615.572498][ T37] [ 3615.572498][ T37] Showing all locks held in the system: [ 3615.573982][ T37] 1 lock held by kthreadd/2: [ 3615.575053][ T37] 1 lock held by kworker/R-mm_pe/13: [ 3615.575933][ T37] 2 locks held by kworker/1:0/25: [ 3615.576947][ T37] 1 lock held by khungtaskd/37: [ 3615.577896][ T37] #0: ffffffff881d0d40 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x68/0x2e6 [ 3615.877015][ T37] 1 lock held by kcompactd0/40: [ 3615.877959][ T37] 1 lock held by kswapd0/78: [ 3616.166674][ T37] 1 lock held by klogd/2978: [ 3616.514353][ T37] 1 lock held by dhcpcd/3023: [ 3616.515537][ T37] 2 locks held by getty/3146: [ 3616.516408][ T37] #0: ff6000001cd530a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x46 [ 3616.803053][ T37] #1: ff2000000008b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xd7c/0x129a [ 3616.806270][ T37] 2 locks held by sshd/3174: [ 3616.807326][ T37] 3 locks held by syz-executor/3176: [ 3617.100746][ T37] #0: ff6000001d29b730 (&vma->vm_lock->lock){++++}-{4:4}, at: lock_vma_under_rcu+0x15a/0xa60 [ 3617.103867][ T37] #1: ff6000001d752518 (sb_pagefaults){.+.+}-{0:0}, at: ext4_page_mkwrite+0x1da/0x10cc [ 3617.106730][ T37] #2: ff6000001d754958 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xdac/0x122e [ 3617.377410][ T37] 2 locks held by syz-executor/3186: [ 3617.605235][ T37] 3 locks held by syz-executor/3190: [ 3617.606652][ T37] 3 locks held by kworker/u9:1/3421: [ 3617.607670][ T37] 2 locks held by kworker/0:1/6422: [ 3618.013016][ T37] #0: ff6000005cdd3a58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x278/0x393a [ 3618.015894][ T37] #1: ff6000005cdbf688 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x22c/0x71a [ 3618.213648][ T37] 5 locks held by kworker/u10:1/6593: [ 3618.214878][ T37] 4 locks held by kworker/u8:0/7179: [ 3618.215784][ T37] 2 locks held by syz.0.1229/7250: [ 3618.216759][ T37] 1 lock held by syz.0.1229/7251: [ 3618.217650][ T37] #0: ff600000195ab650 (&mm->mmap_lock){++++}-{4:4}, at: do_exit+0x810/0x296e [ 3618.456034][ T37] [ 3618.456803][ T37] ============================================= [ 3618.456803][ T37] [ 3618.473060][ T37] NMI backtrace for cpu 0 [ 3618.474093][ T37] CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 3618.475098][ T37] Hardware name: riscv-virtio,qemu (DT) [ 3618.475722][ T37] Call Trace: [ 3618.476284][ T37] [] dump_backtrace+0x2e/0x3c [ 3618.477191][ T37] [] show_stack+0x30/0x3c [ 3618.477974][ T37] [] dump_stack_lvl+0x12e/0x1a6 [ 3618.479073][ T37] [] dump_stack+0x1c/0x24 [ 3618.479946][ T37] [] nmi_cpu_backtrace+0x3b0/0x3b2 [ 3618.480901][ T37] [] nmi_trigger_cpumask_backtrace+0x2b6/0x458 [ 3618.481878][ T37] [] arch_trigger_cpumask_backtrace+0x2c/0x3e [ 3618.482819][ T37] [] watchdog+0xcee/0x1170 [ 3618.483649][ T37] [] kthread+0x28c/0x3a4 [ 3618.484674][ T37] [] ret_from_fork+0xe/0x18 [ 3618.501656][ T37] Sending NMI from CPU 0 to CPUs 1: [ 3618.503263][ C1] NMI backtrace for cpu 1 [ 3618.504298][ C1] CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 3618.505344][ C1] Hardware name: riscv-virtio,qemu (DT) [ 3618.506048][ C1] epc : fq_pie_timer+0x1ce/0x5e0 [ 3618.506886][ C1] ra : fq_pie_timer+0x1c6/0x5e0 [ 3618.507714][ C1] epc : ffffffff852414ea ra : ffffffff852414e2 sp : ff200000001a7810 [ 3618.509031][ C1] gp : ffffffff899f64c0 tp : ff60000012ea0000 t0 : ff4f4e6900c9eac4 [ 3618.509900][ C1] t1 : ffe3ffff00034ee8 t2 : 0000000000000871 s0 : ff200000001a78b0 [ 3618.510741][ C1] s1 : 000000000000027d a0 : 0000000000000004 a1 : 0000000000000400 [ 3618.511598][ C1] a2 : 0000000000f00000 a3 : ffffffff852414e2 a4 : 0000000000000000 [ 3618.512439][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : 0000000000000003 [ 3618.513268][ C1] s2 : ff6000001c665b58 s3 : 000000000000027d s4 : 0000000000000400 [ 3618.514118][ C1] s5 : dfffffff00000000 s6 : ffebffff038ccb65 s7 : ffebffff038ccb5a [ 3618.514967][ C1] s8 : 0000000000000400 s9 : ff6000001c665b00 s10: 0000000000000004 [ 3618.515817][ C1] s11: ff6000001c665b24 t3 : ff60000012ea0b20 t4 : ffe3ffff00034ee8 [ 3618.516704][ C1] t5 : ffe3ffff00034ee9 t6 : 000000000000000a [ 3618.517449][ C1] status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001 [ 3618.518387][ C1] [] fq_pie_timer+0x1ce/0x5e0 [ 3618.519370][ C1] [] call_timer_fn+0x1fc/0xaae [ 3618.520291][ C1] [] __run_timers+0x6ea/0x8d8 [ 3618.521258][ C1] [] run_timer_base+0x136/0x1b6 [ 3618.522169][ C1] [] run_timer_softirq+0x1c/0x54 [ 3618.523199][ C1] [] handle_softirqs+0x4b2/0x132e [ 3618.524163][ C1] [] run_ksoftirqd+0xce/0x144 [ 3618.525133][ C1] [] smpboot_thread_fn+0x654/0xb96 [ 3618.526029][ C1] [] kthread+0x28c/0x3a4 [ 3618.526872][ C1] [] ret_from_fork+0xe/0x18 [ 3621.861639][ T37] Kernel panic - not syncing: hung_task: blocked tasks [ 3621.864485][ T37] CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 [ 3621.866398][ T37] Hardware name: riscv-virtio,qemu (DT) [ 3621.867521][ T37] Call Trace: [ 3621.868872][ T37] [] dump_backtrace+0x2e/0x3c [ 3621.870669][ T37] [] show_stack+0x30/0x3c [ 3621.872194][ T37] [] dump_stack_lvl+0x110/0x1a6 [ 3621.873874][ T37] [] dump_stack+0x1c/0x24 [ 3621.875445][ T37] [] panic+0x38c/0x870 [ 3621.876861][ T37] [] watchdog+0x772/0x1170 [ 3621.878279][ T37] [] kthread+0x28c/0x3a4 [ 3621.879750][ T37] [] ret_from_fork+0xe/0x18 [ 3621.881855][ T37] SMP: stopping secondary CPUs [ 3621.886086][ T37] Rebooting in 86400 seconds.. VM DIAGNOSIS: 06:37:05 Registers: info registers vcpu 0 CPU#0 V = 0 pc ffffffff85603498 mhartid 0000000000000000 mstatus 0000000a000000a0 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000000 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 00000000800004f0 stvec ffffffff861e5138 vstvec 0000000000000000 mepc ffffffff80083676 sepc ffffffff85544ff4 vsepc 0000000000000000 mcause 0000000000000009 scause 8000000000000005 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 000000008004a000 sscratch 0000000000000000 satp a0711000000b1850 x0/zero 0000000000000000 x1/ra ffffffff8556181e x2/sp ff20000000006740 x3/gp ffffffff899f64c0 x4/tp ff60000014ea3480 x5/t0 0e13231cd9e10305 x6/t1 fffffffef21bd6d9 x7/t2 0000000000000005 x8/s0 ff200000000067f0 x9/s1 ff6000003fbd2dc0 x10/a0 ffffffff90dead40 x11/a1 000000000202000a x12/a2 0000000000f00000 x13/a3 ffffffff855526e6 x14/a4 0000000000000000 x15/a5 ff60000014ea3480 x16/a6 0000000000f00000 x17/a7 ffffffff90deb6cf x18/s2 ff60000019712640 x19/s3 ff60000019712818 x20/s4 0006000100000000 x21/s5 ff60000039baa1d8 x22/s6 ff60000019712bb0 x23/s7 1fec0000032e2576 x24/s8 ffffffff90dead40 x25/s9 1fec000007f7a5c3 x26/s10 1fec000007f7a5d2 x27/s11 1fec00000737543b x28/t3 ff60000014ea3fa0 x29/t4 ffebffff032e2576 x30/t5 ffebffff032e2577 x31/t6 000000000000000b f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 CPU#1 V = 0 pc ffffffff8523ac08 mhartid 0000000000000001 mstatus 0000000a000000a2 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000000 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 00000000800004f0 stvec ffffffff861e5138 vstvec 0000000000000000 mepc ffffffff80071542 sepc ffffffff804b6d0a vsepc 0000000000000000 mcause 8000000000000003 scause 8000000000000005 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 0000000080048000 sscratch 0000000000000000 satp a00660000009e27b x0/zero 0000000000000000 x1/ra ffffffff804b6d0a x2/sp ff200000001a7770 x3/gp ffffffff899f64c0 x4/tp ff60000012ea0000 x5/t0 ff4f4e6900c9eac4 x6/t1 ffe3ffff00034ee8 x7/t2 0000000000000871 x8/s0 ff200000001a7810 x9/s1 ff6000003c747380 x10/a0 0000000000000001 x11/a1 000000000001c9c3 x12/a2 0000000000f00000 x13/a3 ffffffff8523afb6 x14/a4 0000000000000000 x15/a5 0000000000000001 x16/a6 0000000000f00000 x17/a7 0000000000000003 x18/s2 ff6000001c665b00 x19/s3 0000000000000000 x20/s4 0000000000000000 x21/s5 0000000000000000 x22/s6 00000000000f4240 x23/s7 0000000000000000 x24/s8 00051eb851eb851e x25/s9 0000000000000000 x26/s10 0000000000000000 x27/s11 ff6000003c7473f8 x28/t3 ff60000012ea0b20 x29/t4 ffe3ffff00034ee8 x30/t5 ffe3ffff00034ee9 x31/t6 000000000000000a f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000