last executing test programs: 8m26.072564595s ago: executing program 3 (id=208): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a78000000060a0b040000020000000000020100004c000480480001800a0001006d61746368000000380002800e000100636f6e6e62797465730000001c0003004cb4fc4ba7906e8f58c20508000000000000007521cf85ee08000240000000000900010073797a30000000000900020073797a32"], 0xa0}}, 0x0) 8m25.923750251s ago: executing program 3 (id=211): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79}) ioctl$UFFDIO_MOVE(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f0000ae4000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x3000, 0x1}) 8m25.921751253s ago: executing program 3 (id=213): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) write$tun(r0, &(0x7f00000018c0)=ANY=[@ANYBLOB="00000060ec97"], 0x76) 8m25.629333201s ago: executing program 3 (id=218): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 8m25.627078036s ago: executing program 3 (id=220): r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) ioctl$I2C_PEC(r0, 0x708, 0xffffffffffffffff) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000140)={0x1, 0x4, 0x7, &(0x7f0000000040)={0x2, "6981adb34bedde0b92e6997876e929ac46e285d856ec7dea552bacd3685ddb34c0"}}) 8m25.006882669s ago: executing program 3 (id=237): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x81, 0x4, 0x8000, 0x16, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50) r0 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0}) io_uring_register$IORING_REGISTER_FILES(r0, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 8m24.978595248s ago: executing program 32 (id=237): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x81, 0x4, 0x8000, 0x16, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50) r0 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0}) io_uring_register$IORING_REGISTER_FILES(r0, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 7m11.776126229s ago: executing program 1 (id=2710): futex(&(0x7f000000cffc)=0x40000000, 0x6, 0x80, 0x0, 0x0, 0xffffffec) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) 7m11.715975267s ago: executing program 1 (id=2713): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000380)=0x2, 0x4) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f00000007c0), 0x10) 7m11.70600378s ago: executing program 1 (id=2716): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SPLIT(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x44, r1, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x4d}}]}, 0x44}}, 0x0) 7m11.658886108s ago: executing program 1 (id=2718): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@ipv6_newroute={0x1c, 0x18, 0x1ef, 0x70bd2b, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}}, 0x1c}, 0x1, 0x11}, 0x0) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x9ff) 7m11.619621194s ago: executing program 1 (id=2721): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 7m11.567482257s ago: executing program 1 (id=2724): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000c00)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r1, 0x9}, 0xc) 6m56.573877592s ago: executing program 33 (id=2724): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000c00)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r1, 0x9}, 0xc) 3m37.009926627s ago: executing program 0 (id=7573): r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x2, 0x402) ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000002c0)={&(0x7f0000000100)=[{0x8, 0x10, 0x0, 0x0}, {0x8, 0x0, 0x0, 0x0}], 0x2}) 3m33.920178295s ago: executing program 0 (id=7610): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'authenc(streebog256-generic,pcbc(fcrypt-generic))\x00'}, 0x58) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000880)="00773691", 0x7700) 3m33.915917009s ago: executing program 0 (id=7611): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x24, r1, 0x1, 0xfffbff80, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x24}}, 0x4080) 3m33.829221805s ago: executing program 0 (id=7612): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0) 3m33.827285012s ago: executing program 0 (id=7613): syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') io_setup(0x6, &(0x7f0000001380)=0x0) io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r0, 0x0}]) 3m33.257664442s ago: executing program 0 (id=7614): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2210088, &(0x7f0000000580)=ANY=[@ANYBLOB="74f5026e733d76697274696f2c70726976706f72742c646972656374696f2c63616368653d6c6f6f73652c6d73697a653d307830303030303030303030303031303030"]) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000000cc0)={0x2020}, 0x2020) 3m33.186943463s ago: executing program 34 (id=7614): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2210088, &(0x7f0000000580)=ANY=[@ANYBLOB="74f5026e733d76697274696f2c70726976706f72742c646972656374696f2c63616368653d6c6f6f73652c6d73697a653d307830303030303030303030303031303030"]) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000000cc0)={0x2020}, 0x2020) 2m33.437583108s ago: executing program 2 (id=8962): r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10) 2m33.345971677s ago: executing program 2 (id=8957): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x845c5000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) sync_file_range(0xffffffffffffffff, 0xc, 0x8, 0x2) 2m33.022024663s ago: executing program 2 (id=8961): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x4d, 0x800000, 0x8, 0x5, 0x80, 0x81}) write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6) 2m33.021743985s ago: executing program 2 (id=8964): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m32.576725074s ago: executing program 2 (id=8966): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{0x4, 0x0, 0x3, 0x8001}, 'syz1\x00', 0x1}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 2m32.402111271s ago: executing program 2 (id=8971): capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xc262, 0xfffffffb}) syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) 2m32.356129029s ago: executing program 35 (id=8971): capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xc262, 0xfffffffb}) syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) 1.519813615s ago: executing program 7 (id=10806): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) read$qrtrtun(r0, 0x0, 0x0) 1.429654272s ago: executing program 7 (id=10808): r0 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x1) unlink(&(0x7f0000000040)='./file0\x00') mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x0) 917.792349ms ago: executing program 7 (id=10818): r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x20) symlinkat(&(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00') openat(r1, &(0x7f00000000c0)='./file0\x00', 0x10f602, 0x52abe154ad664fa4) 778.052885ms ago: executing program 7 (id=10821): r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 597.079465ms ago: executing program 7 (id=10826): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="0a000300010000", 0x7) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000300)=0x205b, 0x4) recvmmsg(r0, &(0x7f0000001780)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/44, 0x2c}, 0x6}], 0x1, 0x10160, 0x0) 489.293843ms ago: executing program 7 (id=10828): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000080008d804dd0000000000000109022400010000a008090400fe01030001000921fffffd0122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x18, &(0x7f00000012c0)=ANY=[@ANYBLOB="001105"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000140)={&(0x7f0000005340)=[{0xffff, 0x1810, 0x0, 0x0}, {0x6, 0x200, 0x0, 0x0}], 0x2}) 350.081301ms ago: executing program 6 (id=10834): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="8b3300000000000000000500000008000300", @ANYRES32=r2], 0x28}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) 349.884951ms ago: executing program 5 (id=10835): rt_sigprocmask(0x2, &(0x7f0000000200)={[0xfffffbfd]}, 0x0, 0x8) r0 = gettid() r1 = getpid() rt_tgsigqueueinfo(r1, r0, 0x1b, &(0x7f0000000280)={0xc, 0x0, 0x4}) syz_io_uring_setup(0x631c, 0x0, 0x0, 0x0, &(0x7f0000000000)) 299.824718ms ago: executing program 4 (id=10836): sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000000308010100000000000000000000000006000240000000002c541180"], 0x50}}, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 299.665492ms ago: executing program 5 (id=10837): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) unshare(0x2c020400) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0) msgrcv(r0, &(0x7f0000001080)={0x0, ""/1}, 0x5, 0x1, 0x3000) 207.687142ms ago: executing program 5 (id=10838): bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000100), 0x6) 207.495482ms ago: executing program 6 (id=10839): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0) r1 = epoll_create(0x5) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x3}) clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0xf6d, 0x3, 0xd, 0x7fffffff, 0x0, 0x4, 0x200000000000000, 0x0, 0x100, 0x0, 0x0, 0x9, 0x3, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x1000, 0x2000000000008, 0x9, 0x3, 0x8000000000005a, 0x3}) 207.328476ms ago: executing program 4 (id=10840): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, &(0x7f00000001c0), 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000180)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x1d, r1}, 0x10, &(0x7f0000000000)={&(0x7f0000000100)=@canfd={{0x2, 0x0, 0x1, 0x1}, 0x3a, 0x2, 0x0, 0x0, "559c4157df5c5fc0a343bdfd992c89ec7c178d3d401a0657e948c1e50e9f29438946924347e8c9a7f1d228cf082056214904d6e39350c2d1bf5443d0ef0296b0"}, 0x48}, 0x1, 0x0, 0x0, 0x4000050}, 0x11) 207.197795ms ago: executing program 4 (id=10841): r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r1, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, [0x0], [0xffffffff], [], [0xfffffffffffffffc]}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r3}) 207.1163ms ago: executing program 5 (id=10842): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1}) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x4b564d06}]}) 205.985275ms ago: executing program 6 (id=10843): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) setrlimit(0x7, &(0x7f0000000000)={0x0, 0x9}) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0xc0086202, &(0x7f0000000540)=0x1) 137.782553ms ago: executing program 5 (id=10844): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="24000000700039022abd7000fbdbdf2507060000", @ANYRES32=r1, @ANYBLOB="0c000180080001"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 137.533601ms ago: executing program 6 (id=10845): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 137.381588ms ago: executing program 4 (id=10846): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) r1 = dup(r0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r1, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}) 137.242801ms ago: executing program 5 (id=10847): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x401, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x22214, 0x8900}, [@IFLA_MASTER={0x8, 0x3, r2}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x4}]}}}]}, 0x44}, 0x1, 0xd, 0x0, 0x480c5}, 0x20000000) 137.112511ms ago: executing program 6 (id=10848): mkdir(&(0x7f0000000600)='./file0\x00', 0x9b) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000800), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000400)={0x50, 0x0, r1, {0x7, 0x2b, 0x10, 0x48e24078, 0x0, 0x0, 0xc0000000, 0xfffffffe, 0xc00, 0x0, 0x100}}, 0x50) 69.381899ms ago: executing program 6 (id=10849): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) listen(r0, 0x0) accept4$inet(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000200)=0x10, 0x80000) mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000180)={'trans=tcp,', {'port', 0x3d, 0x4e22}}) 69.173972ms ago: executing program 4 (id=10850): syz_open_dev$sndmidi(0x0, 0x2, 0x141102) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, 0x0) iopl(0x3) setreuid(0xee01, 0x0) 0s ago: executing program 4 (id=10851): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1}) ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x1}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000300)={0x1, 0x0, [{0x4, 0x2, 0x1, 0x0, @irqchip={0x1, 0x3}}]}) kernel console output (not intermixed with test programs): 85122][ T1341] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 414.892042][ T1341] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 414.898910][ T1341] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 414.904848][ T1341] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 414.908940][ T1341] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 414.911758][ T1341] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.914723][T26004] netlink: 236 bytes leftover after parsing attributes in process `syz.2.8950'. [ 414.917700][T26004] netlink: 236 bytes leftover after parsing attributes in process `syz.2.8950'. [ 415.132269][ T1341] usb 11-1: GET_CAPABILITIES returned 0 [ 415.134049][ T1341] usbtmc 11-1:16.0: can't read capabilities [ 415.172551][T26021] kvm: apic: phys broadcast and lowest prio [ 415.262378][ T5752] Bluetooth: hci1: command 0x0405 tx timeout [ 415.326675][T26026] program syz.5.8959 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 415.339562][ C2] usbtmc 11-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 415.344332][ C2] usbtmc 11-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 415.354120][T25981] usbtmc 11-1:16.0: Unable to send data, error -71 [ 415.361478][ T5831] usb 11-1: USB disconnect, device number 7 [ 415.592054][ T5752] Bluetooth: hci2: command tx timeout [ 415.662714][ T843] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 415.812398][ T843] usb 10-1: Using ep0 maxpacket: 8 [ 415.816259][ T843] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 415.819697][ T843] usb 10-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 415.824244][ T843] usb 10-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 415.829887][ T843] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 415.833715][ T843] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.839901][ T843] usbtmc 10-1:16.0: bulk endpoints not found [ 416.047363][ T843] usb 10-1: USB disconnect, device number 20 [ 416.160374][T26052] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8974'. [ 416.175266][ T5746] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 416.188515][ T5746] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 416.193195][ T5746] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 416.201629][ T5746] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 416.204548][T26056] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8975'. [ 416.208327][ T5746] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 416.216591][T26056] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8975'. [ 416.222316][T26056] netlink: 'syz.6.8975': attribute type 3 has an invalid length. [ 416.413557][T26053] wlan0 speed is unknown, defaulting to 1000 [ 416.752619][T26053] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.760881][T26053] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.763550][T26053] bridge_slave_0: entered allmulticast mode [ 416.766295][T26053] bridge_slave_0: entered promiscuous mode [ 416.770527][T26053] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.776656][T26053] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.779546][T26053] bridge_slave_1: entered allmulticast mode [ 416.795334][T26053] bridge_slave_1: entered promiscuous mode [ 416.813902][T26053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.827846][T26053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.856587][T26053] team0: Port device team_slave_0 added [ 416.859760][T26053] team0: Port device team_slave_1 added [ 416.876469][T26053] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 416.878549][T26053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.886589][T26053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 416.890841][T26053] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 416.892918][T26053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.900648][T26053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 416.927088][T26053] hsr_slave_0: entered promiscuous mode [ 416.929370][T26053] hsr_slave_1: entered promiscuous mode [ 416.931556][T26053] debugfs: 'hsr0' already exists in 'hsr' [ 416.933713][T26053] Cannot create hsr debugfs directory [ 417.130577][T26115] can0: slcan on ttynull. [ 417.160220][T26053] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 417.205084][T26053] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 417.210682][T26053] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 417.255830][T26053] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 417.261756][T26053] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 417.305179][T26053] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 417.309192][T26053] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 417.348973][T26053] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 417.374624][T26053] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.377690][T26053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.380972][T26053] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.384045][T26053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.392392][T25890] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 417.443050][T26053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.483464][ T214] bridge0: port 1(bridge_slave_0) entered disabled state [ 417.532344][ T214] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.553494][T25890] usb 10-1: config 0 has no interfaces? [ 417.555362][T25890] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 417.558608][T25890] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.562874][T25890] usb 10-1: config 0 descriptor?? [ 417.672415][ T5752] Bluetooth: hci2: command tx timeout [ 417.769843][T25890] usb 10-1: USB disconnect, device number 21 [ 418.302147][ T5752] Bluetooth: hci0: command tx timeout [ 418.415180][T26053] 8021q: adding VLAN 0 to HW filter on device team0 [ 418.561722][ T214] bridge0: port 1(bridge_slave_0) entered blocking state [ 418.564787][ T214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 418.584169][ T7370] bridge0: port 2(bridge_slave_1) entered blocking state [ 418.587182][ T7370] bridge0: port 2(bridge_slave_1) entered forwarding state [ 418.606989][T26114] can0 (unregistered): slcan off ttynull. [ 418.912826][T26053] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 419.091159][T26053] veth0_vlan: entered promiscuous mode [ 419.098174][T26053] veth1_vlan: entered promiscuous mode [ 419.117775][T26053] veth0_macvtap: entered promiscuous mode [ 419.122614][T26053] veth1_macvtap: entered promiscuous mode [ 419.138742][T26053] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.150343][T26053] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 419.164199][ T5752] Bluetooth: unknown link type 128 [ 419.172104][ T7370] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.177713][ T7370] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.182686][ T163] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.195940][ T163] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.271836][T26173] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 419.275238][T26173] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 419.278972][T26173] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 419.281312][T26173] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 419.317211][T26182] wlan0 speed is unknown, defaulting to 1000 [ 419.362873][T26173] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 419.502854][T26173] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 419.505456][T26173] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 419.593947][T26173] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 419.706855][ T6236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 419.710511][ T6236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.741609][ T1210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 419.745080][ T1210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.909919][T26193] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8972'. [ 419.932110][ T5884] usb 10-1: new full-speed USB device number 22 using dummy_hcd [ 419.992512][T26199] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 419.995641][T26199] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 420.028587][T26203] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9016'. [ 420.093432][ T5884] usb 10-1: config 0 has no interfaces? [ 420.099134][ T5884] usb 10-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=fb.9d [ 420.103970][ T5884] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.110211][ T5884] usb 10-1: Product: syz [ 420.111605][ T5884] usb 10-1: Manufacturer: syz [ 420.114802][ T5884] usb 10-1: SerialNumber: syz [ 420.118777][ T5884] usb 10-1: config 0 descriptor?? [ 420.429569][ T6036] usb 10-1: USB disconnect, device number 22 [ 420.524745][T26239] usb 1-1: USB disconnect, device number 3 [ 420.716354][T26249] hub 1-0:1.0: USB hub found [ 420.724740][T26249] hub 1-0:1.0: 6 ports detected [ 420.902038][ T6036] usb 1-1: new high-speed USB device number 4 using ehci-pci [ 421.086507][ T6036] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 421.089875][ T6036] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 421.093265][ T6036] usb 1-1: Product: QEMU USB Tablet [ 421.095121][ T6036] usb 1-1: Manufacturer: QEMU [ 421.097673][ T6036] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 421.102319][ T843] usb 9-1: new high-speed USB device number 23 using dummy_hcd [ 421.131399][ T6036] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.000E/input/input35 [ 421.208709][ T6036] hid-generic 0003:0627:0001.000E: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 421.262353][ T5752] Bluetooth: hci4: command 0x0c1a tx timeout [ 421.275334][ T843] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 421.280156][ T843] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 421.287560][ T843] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 421.291460][ T843] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.321379][T26256] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 421.342171][ T5752] Bluetooth: hci2: command 0x0c1a tx timeout [ 421.342797][ T5746] Bluetooth: hci1: command 0x0405 tx timeout [ 421.351408][ T843] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 421.582140][ T5746] Bluetooth: hci0: command 0x040f tx timeout [ 421.607821][ T843] usb 9-1: USB disconnect, device number 23 [ 421.891345][T26282] usb 1-1: USB disconnect, device number 4 [ 421.905449][ T5746] Bluetooth: unknown link type 128 [ 422.029628][T26283] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 422.039032][T26283] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 422.050420][T26283] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 422.055925][T26283] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 422.069439][T26291] hub 1-0:1.0: USB hub found [ 422.071124][T26291] hub 1-0:1.0: 6 ports detected [ 422.208843][T26299] macvtap0: entered promiscuous mode [ 422.213949][T26299] macvtap0: left promiscuous mode [ 422.252086][ T1341] usb 1-1: new high-speed USB device number 5 using ehci-pci [ 422.355391][T26307] wlan0 speed is unknown, defaulting to 1000 [ 422.456746][ T1341] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 422.459433][ T1341] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 422.462480][ T1341] usb 1-1: Product: QEMU USB Tablet [ 422.464264][ T1341] usb 1-1: Manufacturer: QEMU [ 422.465745][ T1341] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 422.494427][ T1341] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.000F/input/input36 [ 422.579593][ T1341] hid-generic 0003:0627:0001.000F: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 423.903975][ T843] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 424.062218][ T5746] Bluetooth: hci2: command 0x0c1a tx timeout [ 424.062261][ T5752] Bluetooth: hci1: command 0x0405 tx timeout [ 424.062409][ T5753] Bluetooth: hci4: command 0x0c1a tx timeout [ 424.072397][ T5752] Bluetooth: hci0: command 0x040f tx timeout [ 426.143487][ T5752] Bluetooth: hci2: command 0x0c1a tx timeout [ 426.152376][ T5746] Bluetooth: hci0: command 0x040f tx timeout [ 428.222471][ T5746] Bluetooth: hci0: command 0x040f tx timeout [ 430.312270][ T5746] Bluetooth: hci0: command 0x040f tx timeout [ 432.394169][ T5746] Bluetooth: hci0: command 0x040f tx timeout [ 432.504023][T26348] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9067'. [ 432.897176][T26371] hugetlbfs: syz.6.9077 (26371): Using mlock ulimits for SHM_HUGETLB is obsolete [ 433.066410][T26379] netlink: 140 bytes leftover after parsing attributes in process `syz.6.9081'. [ 433.590146][T26394] netlink: 'syz.5.9087': attribute type 8 has an invalid length. [ 434.402235][ T6036] usb 11-1: new high-speed USB device number 8 using dummy_hcd [ 434.412176][T26451] loop5: detected capacity change from 0 to 7 [ 434.531149][T26451] Dev loop5: unable to read RDB block 7 [ 434.533016][T26451] loop5: unable to read partition table [ 434.534801][T26451] loop5: partition table beyond EOD, truncated [ 434.536665][T26451] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 434.569676][ T6036] usb 11-1: unable to get BOS descriptor or descriptor too short [ 434.574652][ T6036] usb 11-1: unable to read config index 0 descriptor/start: -71 [ 434.577051][ T6036] usb 11-1: can't read configurations, error -71 [ 434.583213][T26456] loop6: detected capacity change from 0 to 8 [ 434.745457][T26456] loop6: detected capacity change from 8 to 7 [ 434.752940][ C2] blk_print_req_error: 11 callbacks suppressed [ 434.752951][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.757685][ C2] buffer_io_error: 11 callbacks suppressed [ 434.757694][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.766179][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.769073][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.772089][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.775254][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.778242][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.781744][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.788830][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.791686][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.796516][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.800570][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.804797][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.808936][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.812632][T26456] ldm_validate_partition_table(): Disk read failed. [ 434.819035][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.823209][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.826965][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.831119][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.834751][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 434.837734][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 434.841081][T26456] Dev loop6: unable to read RDB block 0 [ 434.844381][T26456] loop6: unable to read partition table [ 434.846382][T26456] loop6: partition table beyond EOD, truncated [ 434.848669][T26456] loop_reread_partitions: partition scan of loop6 ([{BѷMܾ`*Z5]z(Ť4+hGpXgm [ 434.848669][T26456] .BL_se) failed (rc=-5) [ 435.872207][ T6036] usb 9-1: new full-speed USB device number 24 using dummy_hcd [ 436.023966][ T6036] usb 9-1: config 0 has an invalid interface number: 8 but max is 0 [ 436.027390][ T6036] usb 9-1: config 0 has no interface number 0 [ 436.029956][ T6036] usb 9-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 436.036625][ T6036] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 436.041135][ T6036] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 436.048331][ T6036] usb 9-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 436.051661][ T6036] usb 9-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 436.054536][ T6036] usb 9-1: Product: syz [ 436.055913][ T6036] usb 9-1: SerialNumber: syz [ 436.059511][ T6036] usb 9-1: config 0 descriptor?? [ 436.065098][ T6036] cm109 9-1:0.8: invalid payload size 0, expected 4 [ 436.068558][ T6036] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.8/input/input38 [ 436.296690][ T843] usb 9-1: USB disconnect, device number 24 [ 436.296697][ C0] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 436.296817][ C0] cm109 9-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 436.335580][ T843] cm109 9-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 436.344298][T26560] nbd: socks must be embedded in a SOCK_ITEM attr [ 436.347030][T26560] block nbd6: shutting down sockets [ 436.389711][T26566] kvm: kvm [26565]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0xcd [ 436.421482][T26568] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9167'. [ 436.424689][T26568] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9167'. [ 436.427500][T26568] netlink: 'syz.6.9167': attribute type 13 has an invalid length. [ 436.430049][T26568] netlink: 'syz.6.9167': attribute type 11 has an invalid length. [ 436.878035][T26592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9177'. [ 437.086005][T26605] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.099256][T26604] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.217335][ T6036] kernel write not supported for file /ppp (pid: 6036 comm: kworker/0:5) [ 437.325031][T26626] veth0_vlan: left promiscuous mode [ 437.599239][ T843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.626898][ T843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.632859][ T843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.637215][ T843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 437.640373][ T843] rtc rtc0: __rtc_set_alarm: err=-22 [ 438.031124][T26689] Bluetooth: MGMT ver 1.23 [ 438.247498][T26699] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 438.422041][ T6036] usb 11-1: new high-speed USB device number 10 using dummy_hcd [ 438.573471][ T6036] usb 11-1: Using ep0 maxpacket: 16 [ 438.579793][ T6036] usb 11-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 438.583966][ T6036] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.586894][ T6036] usb 11-1: Product: syz [ 438.588907][ T6036] usb 11-1: Manufacturer: syz [ 438.590840][ T6036] usb 11-1: SerialNumber: syz [ 438.623824][T26723] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 438.812036][ T6036] usb 11-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 438.817774][ T6036] usb 11-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 438.822352][ T6036] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 438.825760][ T6036] usb 11-1: media controller created [ 438.836416][ T6036] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 438.901039][T26739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 438.903464][T26739] IPv6: NLM_F_CREATE should be set when creating new route [ 439.067512][ T6036] zl10353_read_register: readreg error (reg=127, ret==-110) [ 439.082088][ T5822] kernel read not supported for file /dsp1 (pid: 5822 comm: kworker/0:3) [ 439.102482][ T6036] dvb_usb_gl861 11-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 439.109536][ T6036] usb 11-1: USB disconnect, device number 10 [ 439.578373][T26762] bridge0: port 3(vlan2) entered blocking state [ 439.580554][T26762] bridge0: port 3(vlan2) entered disabled state [ 439.583330][T26762] vlan2: entered allmulticast mode [ 439.585227][T26762] bridge0: entered allmulticast mode [ 439.613127][T26762] vlan2: left allmulticast mode [ 439.615299][T26762] bridge0: left allmulticast mode [ 439.649964][T26766] kvm: user requested TSC rate below hardware speed [ 439.912073][ T5831] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 440.062050][ T5831] usb 12-1: Using ep0 maxpacket: 16 [ 440.067608][ T5831] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 440.074090][ T5831] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 440.078534][ T5831] usb 12-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 440.081338][ T5831] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.086273][ T5831] usb 12-1: config 0 descriptor?? [ 440.418427][T26808] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9277'. [ 441.258197][T26860] netlink: 52 bytes leftover after parsing attributes in process `syz.4.9299'. [ 441.302584][T26866] input: syz0 as /devices/virtual/input/input39 [ 441.562206][ T5822] usb 10-1: new high-speed USB device number 23 using dummy_hcd [ 441.707710][T26885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9310'. [ 441.717817][T26885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9310'. [ 441.723579][ T5822] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 441.731954][ T5822] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 441.735966][ T5822] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 441.742484][ T5822] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 441.746352][ T5822] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.749218][ T5822] usb 10-1: Product: syz [ 441.750585][ T5822] usb 10-1: Manufacturer: syz [ 441.752216][ T5822] usb 10-1: SerialNumber: syz [ 441.755417][ T5822] usb 10-1: config 0 descriptor?? [ 441.758057][T26868] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 441.967483][T26868] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 442.111995][ T29] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 442.179825][ T34] usb 10-1: USB disconnect, device number 23 [ 442.262030][ T29] usb 9-1: Using ep0 maxpacket: 32 [ 442.264963][ T29] usb 9-1: config 0 has no interfaces? [ 442.268273][ T29] usb 9-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 442.271120][ T29] usb 9-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 442.273881][ T29] usb 9-1: Product: syz [ 442.275189][ T29] usb 9-1: Manufacturer: syz [ 442.276674][ T29] usb 9-1: SerialNumber: syz [ 442.279500][ T29] usb 9-1: config 0 descriptor?? [ 442.447103][T26905] netlink: 4100 bytes leftover after parsing attributes in process `syz.6.9314'. [ 442.488337][ T34] usb 9-1: USB disconnect, device number 25 [ 442.564511][T26912] misc userio: Can't change port type on an already running userio instance [ 442.706698][ T5831] usbhid 12-1:0.0: can't add hid device: -71 [ 442.708680][ T5831] usbhid 12-1:0.0: probe with driver usbhid failed with error -71 [ 442.729444][ T5831] usb 12-1: USB disconnect, device number 2 [ 443.071711][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9331'. [ 443.222110][ T5831] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 443.392125][ T5831] usb 11-1: Using ep0 maxpacket: 8 [ 443.395131][ T5831] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 443.398272][ T5831] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 443.401290][ T5831] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 443.404553][ T5831] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 443.408864][ T5831] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 443.411691][ T5831] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.644266][ T5831] usb 11-1: GET_CAPABILITIES returned 0 [ 443.646257][ T5831] usbtmc 11-1:16.0: can't read capabilities [ 443.781402][T27004] vlan2: entered promiscuous mode [ 443.785036][T27004] bond0: entered promiscuous mode [ 443.786659][T27004] bond_slave_0: entered promiscuous mode [ 443.791506][T27004] bond_slave_1: entered promiscuous mode [ 443.849839][ T5831] usb 11-1: USB disconnect, device number 11 [ 443.917578][T27019] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9357'. [ 443.968680][T27024] IPv6: addrconf: prefix option has invalid lifetime [ 444.403521][T27054] dummy0: entered promiscuous mode [ 444.407526][T27054] dummy0: left promiscuous mode [ 444.570800][T27071] netem: change failed [ 444.668484][T27077] kvm: kvm [27076]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0 [ 444.706753][ T1433] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.803173][T27091] input: syz1 as /devices/virtual/input/input41 [ 445.942040][ T1341] usb 9-1: new high-speed USB device number 26 using dummy_hcd [ 446.066986][T27129] loop5: detected capacity change from 0 to 2640 [ 446.074140][T27129] buffer_io_error: 10 callbacks suppressed [ 446.074173][T27129] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.078659][T26744] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.087024][T27129] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.090835][T26744] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.093224][ T1341] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 446.094788][T26744] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.097224][ T1341] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 446.100740][T26744] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.103571][ T1341] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 446.107552][T27129] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.112465][ T1341] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 446.114945][T26744] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.116861][ T1341] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 446.120344][T27129] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.123375][ T1341] usb 9-1: Product: syz [ 446.125232][T27129] Buffer I/O error on dev loop5, logical block 0, async page read [ 446.126694][ T1341] usb 9-1: Manufacturer: syz [ 446.130553][ T1341] usb 9-1: SerialNumber: syz [ 446.138488][T27129] loop5: unable to read partition table [ 446.154305][T27129] loop_reread_partitions: partition scan of loop5 (3 ) failed (rc=-5) [ 446.173209][ T5147] ldm_validate_partition_table(): Disk read failed. [ 446.175710][ T5147] Dev loop5: unable to read RDB block 0 [ 446.177790][ T5147] loop5: unable to read partition table [ 446.349692][ T1341] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 26 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 446.548523][ T5528] usb 9-1: USB disconnect, device number 26 [ 446.553730][ T5528] usblp0: removed [ 446.702375][ T1039] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 446.832093][ T34] usb 10-1: new high-speed USB device number 24 using dummy_hcd [ 446.852002][ T1039] usb 12-1: Using ep0 maxpacket: 8 [ 446.859800][ T1039] usb 12-1: unable to get BOS descriptor or descriptor too short [ 446.863205][ T1039] usb 12-1: unable to read config index 0 descriptor/start: -71 [ 446.865695][ T1039] usb 12-1: can't read configurations, error -71 [ 446.991956][ T34] usb 10-1: Using ep0 maxpacket: 8 [ 446.995281][ T34] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.998995][ T34] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 447.002154][ T34] usb 10-1: config 0 interface 0 has no altsetting 0 [ 447.004280][ T34] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 447.007079][ T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.011108][ T34] usb 10-1: config 0 descriptor?? [ 447.202680][T26034] e1000 0000:00:06.0 eth0: Reset adapter [ 447.322497][T26034] e1000 0000:00:06.0 eth0: Reset adapter [ 447.335388][T27154] 9pnet_virtio: no channels available for device syz [ 447.421256][ T34] mcp2221 0003:04D8:00DD.0010: unknown main item tag 0x0 [ 447.425807][ T34] mcp2221 0003:04D8:00DD.0010: unknown main item tag 0x0 [ 447.428154][ T34] mcp2221 0003:04D8:00DD.0010: unknown main item tag 0x0 [ 447.430381][ T34] mcp2221 0003:04D8:00DD.0010: unknown main item tag 0x0 [ 447.432889][ T34] mcp2221 0003:04D8:00DD.0010: unknown main item tag 0x0 [ 447.435629][ T34] mcp2221 0003:04D8:00DD.0010: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 447.625849][ T29] usb 10-1: USB disconnect, device number 24 [ 449.503151][T26034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 457.866369][T27207] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9428'. [ 458.261998][T26034] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 458.418583][T26034] usb 12-1: unable to get BOS descriptor or descriptor too short [ 458.422763][T26034] usb 12-1: unable to read config index 0 descriptor/start: -71 [ 458.425188][T26034] usb 12-1: can't read configurations, error -71 [ 458.814634][T27220] loop5: detected capacity change from 0 to 2640 [ 458.819774][T27220] buffer_io_error: 347 callbacks suppressed [ 458.819788][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.824706][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.827184][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.834112][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.836640][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.839303][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.841802][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.844576][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.847049][T27220] ldm_validate_partition_table(): Disk read failed. [ 458.849090][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.851520][T27220] Buffer I/O error on dev loop5, logical block 0, async page read [ 458.854095][T27220] Dev loop5: unable to read RDB block 0 [ 458.857303][T27220] loop5: unable to read partition table [ 458.860668][T27220] loop_reread_partitions: partition scan of loop5 (3 ) failed (rc=-5) [ 458.868372][T27222] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9434'. [ 458.874480][T27222] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9434'. [ 458.910302][ T5147] ldm_validate_partition_table(): Disk read failed. [ 458.913695][ T5147] Dev loop5: unable to read RDB block 0 [ 458.918462][ T5147] loop5: unable to read partition table [ 459.409966][T27256] netlink: 'syz.7.9448': attribute type 1 has an invalid length. [ 459.412975][T27256] netlink: 88 bytes leftover after parsing attributes in process `syz.7.9448'. [ 459.415894][T27256] netlink: 1 bytes leftover after parsing attributes in process `syz.7.9448'. [ 459.418783][T27256] netlink: 'syz.7.9448': attribute type 1 has an invalid length. [ 459.422092][T27256] netlink: 634 bytes leftover after parsing attributes in process `syz.7.9448'. [ 459.481548][T27262] hsr0: entered allmulticast mode [ 459.484343][T27262] hsr_slave_0: entered allmulticast mode [ 459.486869][T27262] hsr_slave_1: entered allmulticast mode [ 459.491317][T27262] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9452'. [ 459.532294][T27262] hsr_slave_0: left promiscuous mode [ 459.592070][T27262] hsr_slave_1: left promiscuous mode [ 459.646639][T27262] hsr0 (unregistering): left allmulticast mode [ 459.667562][T27267] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 459.874196][ T34] usb 10-1: new high-speed USB device number 25 using dummy_hcd [ 460.060382][ T34] usb 10-1: unable to get BOS descriptor or descriptor too short [ 460.064529][ T34] usb 10-1: unable to read config index 0 descriptor/start: -71 [ 460.075518][ T34] usb 10-1: can't read configurations, error -71 [ 460.542406][ T5822] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 460.702183][ T5822] usb 12-1: Using ep0 maxpacket: 32 [ 460.709050][ T5822] usb 12-1: config 0 has no interfaces? [ 460.713510][ T5822] usb 12-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 460.716559][ T5822] usb 12-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 460.719145][ T5822] usb 12-1: Product: syz [ 460.720472][ T5822] usb 12-1: Manufacturer: syz [ 460.722450][ T5822] usb 12-1: SerialNumber: syz [ 460.727259][ T5822] usb 12-1: config 0 descriptor?? [ 460.742089][ T40] usb 11-1: new high-speed USB device number 12 using dummy_hcd [ 460.902095][ T40] usb 11-1: Using ep0 maxpacket: 32 [ 460.905355][ T40] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 460.910070][ T40] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 460.913079][ T40] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 460.915777][ T40] usb 11-1: Product: syz [ 460.917110][ T40] usb 11-1: Manufacturer: syz [ 460.918613][ T40] usb 11-1: SerialNumber: syz [ 460.921684][ T40] usb 11-1: config 0 descriptor?? [ 460.923960][T27292] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 460.949225][ T5822] usb 12-1: USB disconnect, device number 7 [ 461.148301][ T1039] usb 11-1: USB disconnect, device number 12 [ 461.714306][ T41] kauditd_printk_skb: 959 callbacks suppressed [ 461.714344][ T41] audit: type=1326 audit(2000001163.983:4977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.728173][T27344] hsr0: entered allmulticast mode [ 461.730379][T27344] hsr_slave_0: entered allmulticast mode [ 461.730681][ T41] audit: type=1326 audit(2000001163.983:4978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.733206][T27344] hsr_slave_1: entered allmulticast mode [ 461.742253][ T41] audit: type=1326 audit(2000001163.993:4979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.752665][ T41] audit: type=1326 audit(2000001163.993:4980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.761236][T27344] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9473'. [ 461.761442][ T41] audit: type=1326 audit(2000001163.993:4981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.775330][ T41] audit: type=1326 audit(2000001163.993:4982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf704ef7c code=0x7ffc0000 [ 461.784236][ T41] audit: type=1326 audit(2000001163.993:4983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef98 code=0x7ffc0000 [ 461.792414][ T41] audit: type=1326 audit(2000001163.993:4984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef98 code=0x7ffc0000 [ 461.800142][ T41] audit: type=1326 audit(2000001164.003:4985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef98 code=0x7ffc0000 [ 461.807187][ T41] audit: type=1326 audit(2000001164.003:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27341 comm="syz.7.9479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef98 code=0x7ffc0000 [ 461.807551][T27344] hsr_slave_0: left promiscuous mode [ 461.842092][T27344] hsr_slave_1: left promiscuous mode [ 461.883035][T27344] hsr0 (unregistering): left allmulticast mode [ 461.892035][ T5884] usb 10-1: new high-speed USB device number 27 using dummy_hcd [ 462.045236][ T5884] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 462.048834][ T5884] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 462.052470][ T5884] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 462.055383][ T5884] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.064010][T27338] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 462.068517][ T5884] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 462.203923][T27357] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 462.280232][ T5884] usb 10-1: USB disconnect, device number 27 [ 462.510953][T27377] tun0: tun_chr_ioctl cmd 1074025675 [ 462.512745][T27377] tun0: persist enabled [ 462.514557][T27377] tun0: tun_chr_ioctl cmd 1074025675 [ 462.516340][T27377] tun0: persist disabled [ 462.874727][T27382] wlan0 speed is unknown, defaulting to 1000 [ 463.075280][T27398] siw: device registration error -23 [ 463.077691][T27398] netlink: 14 bytes leftover after parsing attributes in process `syz.6.9498'. [ 463.143650][T27408] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9500'. [ 463.172598][T27398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 463.252495][T27398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 463.305777][T27398] bond0 (unregistering): Released all slaves [ 463.726470][T27434] 9pnet: p9_errstr2errno: server reported unknown error [ 463.889005][ T5746] Bluetooth: hci4: unexpected event for opcode 0x2024 [ 464.180848][ T5746] Bluetooth: hci1: unexpected event for opcode 0x202d [ 464.191996][ T1039] usb 9-1: new high-speed USB device number 27 using dummy_hcd [ 464.250760][T27461] netlink: 24 bytes leftover after parsing attributes in process `syz.7.9522'. [ 464.352013][ T1039] usb 9-1: Using ep0 maxpacket: 32 [ 464.356016][ T1039] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 464.365487][ T1039] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 464.370793][ T1039] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 464.376060][ T1039] usb 9-1: Product: syz [ 464.377767][ T1039] usb 9-1: Manufacturer: syz [ 464.381689][ T1039] usb 9-1: SerialNumber: syz [ 464.386864][ T1039] usb 9-1: config 0 descriptor?? [ 464.390163][T27450] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 464.604191][ T843] usb 9-1: USB disconnect, device number 27 [ 464.682099][ T5822] usb 11-1: new high-speed USB device number 13 using dummy_hcd [ 464.827957][T27475] siw: device registration error -23 [ 464.830202][T27475] netlink: 14 bytes leftover after parsing attributes in process `syz.5.9528'. [ 464.853405][ T5822] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 464.856923][ T5822] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 464.860043][ T5822] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 464.864456][ T5822] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 464.867395][ T5822] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.871305][ T5822] usb 11-1: config 0 descriptor?? [ 464.983245][T27475] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 465.072649][T27475] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 465.163993][T27475] bond0 (unregistering): Released all slaves [ 465.299371][ T5822] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 465.331518][T27490] hsr0: entered allmulticast mode [ 465.339531][T27490] hsr_slave_0: entered allmulticast mode [ 465.345330][T27490] hsr_slave_1: entered allmulticast mode [ 465.348917][T27490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9535'. [ 465.382228][T27490] hsr_slave_0: left promiscuous mode [ 465.422104][T27490] hsr_slave_1: left promiscuous mode [ 465.474222][T27490] hsr0 (unregistering): left allmulticast mode [ 465.541148][T27503] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9540'. [ 465.833175][T27511] bridge0: port 3(syz_tun) entered disabled state [ 465.876014][T27511] bridge0: port 1(bridge_slave_0) entered disabled state [ 465.912095][ T9] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 465.922775][ T29] usb 9-1: new high-speed USB device number 28 using dummy_hcd [ 466.072008][ T9] usb 12-1: Using ep0 maxpacket: 32 [ 466.072163][ T29] usb 9-1: Using ep0 maxpacket: 8 [ 466.077526][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 466.082092][ T9] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 466.082658][ T29] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 466.087310][ T9] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 466.088958][ T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 466.092068][ T9] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 466.096868][ T29] usb 9-1: config 0 descriptor?? [ 466.097274][ T9] usb 12-1: Product: syz [ 466.100655][ T9] usb 12-1: Manufacturer: syz [ 466.102622][ T9] usb 12-1: SerialNumber: syz [ 466.106103][ T9] usb 12-1: config 0 descriptor?? [ 466.108602][T27509] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 466.307917][ T29] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior2 [ 466.381692][ T843] usb 12-1: USB disconnect, device number 8 [ 466.675573][ T1039] usb 9-1: USB disconnect, device number 28 [ 467.219374][T27519] siw: device registration error -23 [ 467.222459][T27519] netlink: 14 bytes leftover after parsing attributes in process `syz.7.9545'. [ 467.410727][ T5822] usb 11-1: USB disconnect, device number 13 [ 467.453099][ T6235] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 467.457940][ T6235] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.461318][ T6235] netdevsim netdevsim5 eth0: unset [1, 1] type 2 family 0 port 48328 - 0 [ 467.465257][ T6235] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 467.468558][ T6235] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.471723][ T6235] netdevsim netdevsim5 eth1: unset [1, 1] type 2 family 0 port 48328 - 0 [ 467.592781][T27519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 467.663106][T27519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 467.704223][T27519] bond0 (unregistering): Released all slaves [ 467.744914][ T6235] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 467.752034][ T6235] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.757309][ T6235] netdevsim netdevsim5 eth2: unset [1, 1] type 2 family 0 port 48328 - 0 [ 467.761465][ T6235] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 467.764508][ T6235] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.767802][ T6235] netdevsim netdevsim5 eth3: unset [1, 1] type 2 family 0 port 48328 - 0 [ 467.903611][ T5746] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 467.907719][ T5746] Bluetooth: hci4: Injecting HCI hardware error event [ 467.912752][ T5752] Bluetooth: hci4: hardware error 0x00 [ 468.083701][T27553] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9560'. [ 468.430458][T27586] sit0: entered promiscuous mode [ 468.434992][T27586] netlink: 'syz.4.9575': attribute type 1 has an invalid length. [ 468.437798][T27586] netlink: 1 bytes leftover after parsing attributes in process `syz.4.9575'. [ 468.534280][T27598] input: syz1 as /devices/virtual/input/input42 [ 468.655740][T27607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 468.755110][T27614] loop8: detected capacity change from 0 to 7 [ 468.758035][T27614] Dev loop8: unable to read RDB block 7 [ 468.759857][T27614] loop8: unable to read partition table [ 468.761821][T27614] loop8: partition table beyond EOD, truncated [ 468.767577][T27614] loop_reread_partitions: partition scan of loop8 (被x ) failed (rc=-5) [ 468.903889][ T5746] block nbd7: Receive control failed (result -107) [ 468.982280][T27626] block nbd7: shutting down sockets [ 469.032043][ T5823] usb 10-1: new high-speed USB device number 28 using dummy_hcd [ 469.108413][T27629] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9595'. [ 469.142580][T27629] veth1_macvtap: left promiscuous mode [ 469.203974][ T5823] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 469.204298][ T843] usb 9-1: new high-speed USB device number 29 using dummy_hcd [ 469.208203][ T5823] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 469.215079][ T5823] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 469.220411][ T5823] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 469.223585][ T5823] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.227985][ T5823] usb 10-1: config 0 descriptor?? [ 469.372016][ T843] usb 9-1: Using ep0 maxpacket: 8 [ 469.375681][ T843] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 469.380131][ T843] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 469.384375][ T843] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 469.388622][ T843] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 469.393863][ T843] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 469.397511][ T843] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.612931][ T843] usb 9-1: GET_CAPABILITIES returned 0 [ 469.615137][ T843] usbtmc 9-1:16.0: can't read capabilities [ 469.657194][ T5823] plantronics 0003:047F:FFFF.0012: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 469.819002][ T5823] usb 9-1: USB disconnect, device number 29 [ 469.842898][ T5822] usb 10-1: USB disconnect, device number 28 [ 469.982057][ T5752] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 470.357731][T27636] siw: device registration error -23 [ 470.362028][T27636] netlink: 14 bytes leftover after parsing attributes in process `syz.4.9596'. [ 470.386775][T27640] serio: Serial port ttyprintk [ 470.542018][ T5752] Bluetooth: hci0: command 0x040f tx timeout [ 470.593334][T27636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 470.612405][T27636] bond_slave_0: left promiscuous mode [ 470.652845][T27636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.682563][T27636] bond_slave_1: left promiscuous mode [ 470.685287][T27636] bond0 (unregistering): Released all slaves [ 471.332462][T27656] erspan0: entered promiscuous mode [ 471.336806][T27656] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9606'. [ 471.478493][T27669] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 471.961751][T27687] bridge_slave_0: Caught tx_queue_len zero misconfig [ 472.182088][ T5823] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 472.332001][ T5823] usb 12-1: Using ep0 maxpacket: 8 [ 472.335069][ T5823] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 472.338547][ T5823] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 472.341409][ T5823] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.346797][ T5823] usb 12-1: config 0 descriptor?? [ 472.555283][ T5823] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 472.702051][ T5884] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 472.731981][ T1039] usb 10-1: new high-speed USB device number 29 using dummy_hcd [ 472.761953][ T34] usb 12-1: USB disconnect, device number 9 [ 472.852013][ T5884] usb 11-1: Using ep0 maxpacket: 8 [ 472.855834][ T5884] usb 11-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.860341][ T5884] usb 11-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.866572][ T5746] Bluetooth: hci3: command 0x1003 tx timeout [ 472.872180][ T5752] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 472.872271][ T5884] usb 11-1: config 0 interface 0 has no altsetting 0 [ 472.877224][ T5884] usb 11-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 472.880902][ T5884] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.888416][ T5884] usb 11-1: config 0 descriptor?? [ 472.889599][ T1039] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 472.894190][ T1039] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 472.897682][ T1039] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 472.900929][ T1039] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 472.905367][ T1039] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 472.910105][ T1039] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 472.913212][ T1039] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 472.915769][ T1039] usb 10-1: Product: syz [ 472.917148][ T1039] usb 10-1: Manufacturer: syz [ 472.922490][ T1039] cdc_wdm 10-1:1.0: skipping garbage [ 472.924190][ T1039] cdc_wdm 10-1:1.0: skipping garbage [ 472.926762][ T1039] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 472.928767][ T1039] cdc_wdm 10-1:1.0: Unknown control protocol [ 472.993040][T27702] netlink: 14 bytes leftover after parsing attributes in process `syz.4.9628'. [ 473.298423][ T5884] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0 [ 473.301605][ T5884] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0 [ 473.310898][ T5884] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0 [ 473.313348][ T5884] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0 [ 473.315643][ T5884] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0 [ 473.318362][ T5884] mcp2221 0003:04D8:00DD.0013: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 473.436120][T27720] ip6erspan0: entered allmulticast mode [ 473.471197][T27722] macvtap1: entered promiscuous mode [ 473.482973][T27722] dummy0: entered promiscuous mode [ 473.493085][T27722] team0: Device macvtap1 failed to register rx_handler [ 473.504496][ T5823] usb 11-1: USB disconnect, device number 14 [ 473.584402][ T5884] usb 10-1: USB disconnect, device number 29 [ 473.742239][ T9] dummy0: left promiscuous mode [ 473.803540][T27726] af_packet: tpacket_rcv: packet too big, clamped from 65007 to 3952. macoff=96 [ 474.310158][T26034] Process accounting resumed [ 474.324550][T27751] Process accounting resumed [ 474.852151][ T5823] usb 9-1: new high-speed USB device number 30 using dummy_hcd [ 475.002590][ T5823] usb 9-1: Using ep0 maxpacket: 8 [ 475.005936][ T5823] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 15 [ 475.008771][ T5823] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 475.013398][ T5823] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 475.016806][ T5823] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 475.021847][ T5823] usb 9-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 475.024705][ T5823] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.027159][ T5823] usb 9-1: Product: syz [ 475.028443][ T5823] usb 9-1: Manufacturer: syz [ 475.029875][ T5823] usb 9-1: SerialNumber: syz [ 475.036967][ T5823] usb 9-1: config 0 descriptor?? [ 475.039242][T27777] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 475.259250][ T5823] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 475.265067][ T5823] input: Griffin SoundKnob as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input43 [ 475.481990][ T1039] usb 11-1: new high-speed USB device number 15 using dummy_hcd [ 475.512451][ C0] powermate: config urb returned -71 [ 475.512735][ T34] usb 9-1: USB disconnect, device number 30 [ 475.514158][ C0] powermate: usb_submit_urb(config) failed [ 475.516076][ C0] powermate 9-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 475.602230][T26034] usb 10-1: new high-speed USB device number 30 using dummy_hcd [ 475.642229][ T1039] usb 11-1: Using ep0 maxpacket: 16 [ 475.645752][ T1039] usb 11-1: config 0 has no interfaces? [ 475.648987][ T1039] usb 11-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 475.651730][ T1039] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.654201][ T1039] usb 11-1: Product: syz [ 475.655487][ T1039] usb 11-1: Manufacturer: syz [ 475.657027][ T1039] usb 11-1: SerialNumber: syz [ 475.660053][ T1039] usb 11-1: config 0 descriptor?? [ 475.752012][T26034] usb 10-1: Using ep0 maxpacket: 8 [ 475.755085][T26034] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 475.758546][T26034] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 475.761651][T26034] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 475.764813][T26034] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 475.768726][T26034] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 475.771579][T26034] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.865987][ T34] usb 11-1: USB disconnect, device number 15 [ 475.984685][T26034] usb 10-1: GET_CAPABILITIES returned 0 [ 475.986581][T26034] usbtmc 10-1:16.0: can't read capabilities [ 476.185930][ T1039] usb 10-1: USB disconnect, device number 30 [ 476.235729][ T41] kauditd_printk_skb: 799 callbacks suppressed [ 476.235742][ T41] audit: type=1326 audit(2000001178.503:5786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27822 comm="syz.4.9677" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x0 [ 476.378356][ T9] kernel write not supported for file /ppp (pid: 9 comm: kworker/0:0) [ 476.572051][ T5823] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 476.753825][ T5823] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 476.758242][ T5823] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 476.761329][ T5823] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 476.764321][ T5823] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.771417][T27830] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 476.777949][ T5823] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 476.979156][ T1039] usb 12-1: USB disconnect, device number 10 [ 477.088602][T27868] wlan0 speed is unknown, defaulting to 1000 [ 477.272540][ T5884] usb 11-1: new high-speed USB device number 16 using dummy_hcd [ 477.442074][ T5884] usb 11-1: Using ep0 maxpacket: 32 [ 477.449448][ T5884] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 477.454706][ T5884] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 477.457631][ T5884] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 477.460340][ T5884] usb 11-1: Product: syz [ 477.461686][ T5884] usb 11-1: Manufacturer: syz [ 477.462811][T27880] loop8: detected capacity change from 0 to 8 [ 477.466258][ T5884] usb 11-1: SerialNumber: syz [ 477.467608][T27880] Dev loop8: unable to read RDB block 8 [ 477.469859][T27880] loop8: unable to read partition table [ 477.472402][T27880] loop8: partition table beyond EOD, truncated [ 477.479973][ T5884] usb 11-1: config 0 descriptor?? [ 477.480267][T27880] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 477.485418][T27864] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 477.488396][ T5884] hub 11-1:0.0: bad descriptor, ignoring hub [ 477.490575][ T5884] hub 11-1:0.0: probe with driver hub failed with error -5 [ 477.542209][ T34] usb 10-1: new high-speed USB device number 31 using dummy_hcd [ 477.692120][ T34] usb 10-1: Using ep0 maxpacket: 8 [ 477.695030][ T34] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 477.697947][ T34] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 477.701002][ T34] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 477.704303][ T34] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 477.707577][ T34] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 477.711651][ T34] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 477.715131][ T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.880726][T27889] wlan0 speed is unknown, defaulting to 1000 [ 478.117426][T27864] usb 11-1: reset high-speed USB device number 16 using dummy_hcd [ 478.274764][T27864] usb 11-1: device firmware changed [ 478.283073][ T1039] usb 11-1: USB disconnect, device number 16 [ 478.422002][ T1039] usb 11-1: new high-speed USB device number 17 using dummy_hcd [ 478.572283][ T1039] usb 11-1: Using ep0 maxpacket: 32 [ 478.580465][ T1039] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 478.588683][ T1039] usb 11-1: string descriptor 0 read error: -22 [ 478.590805][ T1039] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 478.602007][ T1039] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 478.608413][ T1039] usb 11-1: config 0 descriptor?? [ 478.614544][T27887] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 478.618226][ T1039] hub 11-1:0.0: bad descriptor, ignoring hub [ 478.622041][ T1039] hub 11-1:0.0: probe with driver hub failed with error -5 [ 478.932159][ T5823] usb 11-1: USB disconnect, device number 17 [ 479.354075][T27919] vxcan1: tx drop: invalid sa for name 0x0000000000000002 [ 479.484459][T27931] netlink: 766 bytes leftover after parsing attributes in process `syz.4.9722'. [ 479.629733][T27941] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.9725'. [ 480.337375][T26034] usb 10-1: USB disconnect, device number 31 [ 480.622577][T28003] syzkaller1: entered promiscuous mode [ 480.624331][T28003] syzkaller1: entered allmulticast mode [ 481.015678][T28026] could not open pipe file descriptor [ 481.302034][ T5884] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 481.466518][ T5884] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.470500][ T5884] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.473866][ T5884] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 481.477960][ T5884] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 481.480803][ T5884] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.484874][ T5884] usb 12-1: config 0 descriptor?? [ 481.552035][ T5528] usb 10-1: new high-speed USB device number 32 using dummy_hcd [ 481.703520][ T5528] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 481.707056][ T5528] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 481.710107][ T5528] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 481.713031][ T5528] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.717389][T28035] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 481.722533][ T5528] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 481.898519][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.900883][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.903350][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.905772][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.908162][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.910507][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.912976][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.915489][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.917807][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.920169][ T5884] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 481.932459][ T1341] usb 10-1: USB disconnect, device number 32 [ 481.942684][ T5884] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xdf000) [ 482.092649][ T1129] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 482.096101][ T1129] ata1: failed to read log page 10h (errno=-5) [ 482.098129][ T1129] ata1.00: NCQ disabled due to excessive errors [ 482.100067][ T1129] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0 [ 482.102833][ T1129] ata1.00: irq_stat 0x41000000 [ 482.104547][ T1129] ata1.00: failed command: READ FPDMA QUEUED [ 482.106725][ T1129] ata1.00: cmd 60/f8:70:a6:9a:03/06:00:00:00:00/40 tag 14 ncq dma 913408 in [ 482.106725][ T1129] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 482.112956][ T1129] ata1.00: status: { DRDY } [ 482.114409][ T1129] ata1.00: error: { ABRT } [ 482.116449][ T1129] ata1.00: configured for UDMA/100 [ 482.118418][ T1129] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 482.121433][ T1129] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] [ 482.124225][ T1129] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information [ 482.126789][ T1129] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 03 9a a6 00 06 f8 00 [ 482.129194][ T1129] blk_print_req_error: 10 callbacks suppressed [ 482.129224][ T1129] I/O error, dev sda, sector 236198 op 0x0:(READ) flags 0x80700 phys_seg 15 prio class 2 [ 482.134527][ T1129] ata1: EH complete [ 482.156391][ T1341] usb 12-1: USB disconnect, device number 11 [ 482.224771][T28041] fido_id[28041]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb12/report_descriptor': No such file or directory [ 482.469404][T28047] Invalid source name [ 482.470781][T28047] UBIFS error (pid: 28047): cannot open "./file0", error -22 [ 482.922085][T26034] usb 12-1: new high-speed USB device number 12 using dummy_hcd [ 483.022005][ T5752] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 483.022703][ T5746] Bluetooth: hci3: command 0x1003 tx timeout [ 483.085932][T26034] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 483.097532][T26034] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 483.101225][T26034] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 483.105886][T26034] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 483.109670][T26034] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.113661][T26034] usb 12-1: config 0 descriptor?? [ 483.404158][ T5823] kernel write not supported for file /ppp (pid: 5823 comm: kworker/0:4) [ 483.543801][T26034] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 484.757007][T28113] block nbd5: Cannot use ioctl interface on a netlink controlled device. [ 484.764503][T28113] block nbd5: Cannot use ioctl interface on a netlink controlled device. [ 484.768065][T28113] block nbd5: shutting down sockets [ 485.012102][ T58] bridge_slave_1: left promiscuous mode [ 485.014045][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.114768][ T58] bridge_slave_0: left allmulticast mode [ 485.118731][ T58] bridge_slave_0: left promiscuous mode [ 485.120516][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.533202][ T5528] Process accounting resumed [ 485.552767][T28128] Process accounting resumed [ 485.643103][ T5884] usb 12-1: USB disconnect, device number 12 [ 485.893032][ T58] batman_adv: batadv0: Removing interface: gretap1 [ 486.472421][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 486.522973][ T58] bond0 (unregistering): Released all slaves [ 487.002159][ T58] tipc: Disabling bearer [ 487.064426][ T58] tipc: Left network mode [ 487.562390][ T58] IPVS: stopping backup sync thread 13714 ... [ 487.574006][T28171] netlink: 'syz.5.9823': attribute type 30 has an invalid length. [ 487.576937][T28171] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9823'. [ 487.642015][ T5528] usb 9-1: new high-speed USB device number 31 using dummy_hcd [ 487.767408][ T58] batman_adv: batadv0: Removing interface: macvtap1 [ 487.793412][ T5528] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.797118][ T5528] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 487.800207][ T5528] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 487.804482][ T5528] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 487.807516][ T5528] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.811420][ T5528] usb 9-1: config 0 descriptor?? [ 488.147576][T28192] loop5: detected capacity change from 0 to 7 [ 488.151702][T28192] Dev loop5: unable to read RDB block 7 [ 488.154764][T28192] loop5: AHDI p1 [ 488.156400][T28192] loop5: partition table partially beyond EOD, truncated [ 488.250497][ T5528] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 488.458248][T28215] overlayfs: statfs failed on './file0' [ 488.854281][ T58] hsr_slave_0: left promiscuous mode [ 488.859889][ T1341] kernel read not supported for file /input/event0 (pid: 1341 comm: kworker/1:2) [ 488.872150][ T58] hsr_slave_1: left promiscuous mode [ 488.874914][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 488.914746][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 488.980387][T28228] netlink: 16 bytes leftover after parsing attributes in process `syz.7.9848'. [ 489.677963][ T7370] smc: removing ib device syz1 [ 489.717701][ T58] team_slave_1 (unregistering): left allmulticast mode [ 489.752381][ T58] team0 (unregistering): Port device team_slave_1 removed [ 489.765097][ T58] team_slave_0 (unregistering): left allmulticast mode [ 489.792474][ T58] team0 (unregistering): Port device team_slave_0 removed [ 490.032379][ T58] smc: removing net device vcan0 with user defined pnetid SYZ1 [ 490.241793][ T7370] smbdirect: ib_dev[syz1] removed [ 490.342905][ T34] usb 9-1: USB disconnect, device number 31 [ 491.021344][T28301] netlink: 68 bytes leftover after parsing attributes in process `syz.5.9867'. [ 491.125234][ T58] IPVS: stop unused estimator thread 0... [ 491.205434][ T6236] Bluetooth: hci3: Frame reassembly failed (-84) [ 491.207512][ T6236] Bluetooth: hci3: Frame reassembly failed (-84) [ 491.400437][T28328] trusted_key: syz.5.9879 sent an empty control message without MSG_MORE. [ 491.668657][T28341] netlink: 'syz.4.9885': attribute type 1 has an invalid length. [ 491.972162][T26034] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 492.124044][T26034] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 492.127663][T26034] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.131386][T26034] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 492.137851][T26034] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 492.140760][T26034] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.145030][T26034] usb 12-1: config 0 descriptor?? [ 492.555900][T26034] hid_parser_main: 5 callbacks suppressed [ 492.555921][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.560093][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.562922][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.565373][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.567729][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.570841][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.573649][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.576174][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.578432][T26034] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 492.583134][T26034] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 492.813878][ T5884] usb 12-1: USB disconnect, device number 13 [ 493.232649][T28395] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 493.262007][ T5752] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 493.262102][ T5746] Bluetooth: hci3: command 0x1003 tx timeout [ 493.275072][T28395] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 493.673647][T28425] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 493.949543][T28441] loop8: detected capacity change from 0 to 8 [ 493.959688][T28441] Dev loop8: unable to read RDB block 8 [ 493.961567][T28441] loop8: unable to read partition table [ 493.963800][T28441] loop8: partition table beyond EOD, truncated [ 493.966056][T28441] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 494.272059][T26034] usb 10-1: new high-speed USB device number 33 using dummy_hcd [ 494.423918][T26034] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 494.428519][T26034] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 494.432198][T26034] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 494.435642][T26034] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 494.439694][T26034] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 494.442601][T26034] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.446788][T26034] usb 10-1: config 0 descriptor?? [ 494.448876][T28448] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 494.672179][ T9] usb 11-1: new high-speed USB device number 18 using dummy_hcd [ 494.823730][ T9] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.827077][ T9] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.829988][ T9] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 494.834474][ T9] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 494.837306][ T9] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.842390][ T9] usb 11-1: config 0 descriptor?? [ 494.865291][T26034] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 494.875403][T26034] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 494.943798][ T34] usb 12-1: new high-speed USB device number 14 using dummy_hcd [ 495.018063][T28487] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9950'. [ 495.091992][ T34] usb 12-1: Using ep0 maxpacket: 8 [ 495.095287][ T34] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 495.098820][ T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 495.102388][ T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 495.105539][ T34] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 495.109950][ T34] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 495.113087][ T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.145963][ T5528] usb 10-1: USB disconnect, device number 33 [ 495.261020][ T9] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 495.329038][ T34] usb 12-1: GET_CAPABILITIES returned 0 [ 495.330963][ T34] usbtmc 12-1:16.0: can't read capabilities [ 495.572004][ T34] usb 9-1: new high-speed USB device number 32 using dummy_hcd [ 495.682195][T28504] Invalid argument reading file caps for ./file0 [ 495.722888][ T34] usb 9-1: Using ep0 maxpacket: 8 [ 495.726572][ T34] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 495.730843][ T34] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 495.734885][ T34] usb 9-1: config 0 interface 0 has no altsetting 0 [ 495.737451][ T34] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 495.740887][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.746764][ T34] usb 9-1: config 0 descriptor?? [ 496.064791][T28516] team_slave_1: Caught tx_queue_len zero misconfig [ 496.158164][ T34] mcp2221 0003:04D8:00DD.001A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 496.357481][ T34] usb 9-1: USB disconnect, device number 32 [ 496.562966][ C1] plantronics 0003:047F:FFFF.0019: usb_submit_urb(ctrl) failed: -1 [ 496.571346][ T843] usb 12-1: USB disconnect, device number 14 [ 497.276431][T28552] netlink: 'syz.5.9979': attribute type 1 has an invalid length. [ 497.279192][T28552] netlink: 'syz.5.9979': attribute type 2 has an invalid length. [ 497.341170][ T9] usb 11-1: USB disconnect, device number 18 [ 498.423291][T28603] netlink: 'syz.5.10002': attribute type 12 has an invalid length. [ 498.425906][T28603] netlink: 'syz.5.10002': attribute type 29 has an invalid length. [ 498.428370][T28603] netlink: 148 bytes leftover after parsing attributes in process `syz.5.10002'. [ 498.431554][T28603] netlink: 'syz.5.10002': attribute type 1 has an invalid length. [ 498.434146][T28603] netlink: 'syz.5.10002': attribute type 2 has an invalid length. [ 498.436632][T28603] netlink: 15 bytes leftover after parsing attributes in process `syz.5.10002'. [ 498.765763][T28617] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.10005'. [ 499.157282][T28635] tipc: Started in network mode [ 499.159058][T28635] tipc: Node identity ac14140f, cluster identity 4711 [ 499.163901][T28635] tipc: Enabled bearer , priority 5 [ 499.281183][T28645] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10021'. [ 499.284660][T28650] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10023'. [ 499.623288][T28668] KVM: debugfs: duplicate directory 28668-4 [ 499.691534][T28672] netlink: 52 bytes leftover after parsing attributes in process `syz.6.10034'. [ 499.864288][T28689] loop7: detected capacity change from 0 to 7 [ 499.948938][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 499.952187][ C0] buffer_io_error: 357 callbacks suppressed [ 499.952197][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 500.151246][T28706] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10046'. [ 500.243947][ T9] tipc: Node number set to 2886997007 [ 500.623132][T28716] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10051'. [ 500.862750][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 500.935595][T28702] Process accounting resumed [ 501.023102][ T1039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 501.591562][T28769] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10073'. [ 501.907359][T28790] loop8: detected capacity change from 0 to 8 [ 501.909824][T28790] Dev loop8: unable to read RDB block 8 [ 501.909831][T28788] wlan0 speed is unknown, defaulting to 1000 [ 501.911885][T28790] loop8: unable to read partition table [ 501.914171][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 501.921603][T28790] loop8: partition table beyond EOD, truncated [ 501.929969][T28790] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 502.831188][ T41] audit: type=1326 audit(2000001205.093:5787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.846288][ T41] audit: type=1326 audit(2000001205.093:5788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.863577][ T41] audit: type=1326 audit(2000001205.103:5789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.875529][ T41] audit: type=1326 audit(2000001205.103:5790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.882342][ T41] audit: type=1326 audit(2000001205.113:5791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.889119][ T41] audit: type=1326 audit(2000001205.113:5792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.895965][ T41] audit: type=1326 audit(2000001205.113:5793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.902874][ T41] audit: type=1326 audit(2000001205.113:5794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.909494][ T41] audit: type=1326 audit(2000001205.113:5795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.917243][ T41] audit: type=1326 audit(2000001205.113:5796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28827 comm="syz.4.10098" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f7c code=0x7ffc0000 [ 502.942327][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 502.945714][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 503.052761][T28841] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10101'. [ 503.225382][T28845] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10110'. [ 503.274522][T28845] team_slave_0 (unregistering): left allmulticast mode [ 503.306215][T28845] team0: Port device team_slave_0 removed [ 503.409312][T28854] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10106'. [ 503.575668][ T29] IPVS: starting estimator thread 0... [ 503.662236][T28863] IPVS: using max 43 ests per chain, 103200 per kthread [ 503.672621][T28862] tipc: Started in network mode [ 503.677307][T28862] tipc: Node identity ac14140f, cluster identity 4711 [ 503.687660][T28862] tipc: Enabled bearer , priority 5 [ 503.722859][T28866] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.10111'. [ 503.776285][T28871] loop7: detected capacity change from 0 to 7 [ 503.824328][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 503.827349][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 503.984932][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 504.003011][T28882] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10117'. [ 504.068340][T28886] Mount JFS Failure: -22 [ 504.069734][T28888] netlink: 68 bytes leftover after parsing attributes in process `syz.4.10128'. [ 504.231638][ T5528] IPVS: starting estimator thread 0... [ 504.233446][T28899] tipc: Started in network mode [ 504.235016][T28899] tipc: Node identity ac14140f, cluster identity 4711 [ 504.239935][T28899] tipc: Enabled bearer , priority 5 [ 504.322011][T28900] IPVS: using max 43 ests per chain, 103200 per kthread [ 504.345596][T28911] loop7: detected capacity change from 0 to 7 [ 504.428835][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 504.432861][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 504.688654][T28917] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10132'. [ 504.739832][T28922] syzkaller1: entered promiscuous mode [ 504.742092][T28922] syzkaller1: entered allmulticast mode [ 505.003185][ T5884] tipc: Node number set to 2886997007 [ 505.022219][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 505.354155][ T843] tipc: Node number set to 2886997007 [ 505.985636][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 506.064491][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 506.142231][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 506.144053][ T1433] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.162840][ T843] usb 12-1: new high-speed USB device number 15 using dummy_hcd [ 506.311999][ T843] usb 12-1: Using ep0 maxpacket: 8 [ 506.315512][ T843] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 506.318776][ T843] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 506.321828][ T843] usb 12-1: config 0 interface 0 has no altsetting 0 [ 506.324121][ T843] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 506.326835][ T843] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.331099][ T843] usb 12-1: config 0 descriptor?? [ 506.744926][ T843] hid_parser_main: 19 callbacks suppressed [ 506.744940][ T843] mcp2221 0003:04D8:00DD.001B: unknown main item tag 0x0 [ 506.749242][ T843] mcp2221 0003:04D8:00DD.001B: unknown main item tag 0x0 [ 506.751404][ T843] mcp2221 0003:04D8:00DD.001B: unknown main item tag 0x0 [ 506.753708][ T843] mcp2221 0003:04D8:00DD.001B: unknown main item tag 0x0 [ 506.756600][ T843] mcp2221 0003:04D8:00DD.001B: unknown main item tag 0x0 [ 506.760124][ T843] mcp2221 0003:04D8:00DD.001B: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0 [ 506.959874][ T29] usb 12-1: USB disconnect, device number 15 [ 507.102316][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 507.802389][T29026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 507.808935][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 507.904848][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 508.095706][T29040] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10187'. [ 508.098698][T29040] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10187'. [ 508.102034][T26034] usb 11-1: new high-speed USB device number 19 using dummy_hcd [ 508.102485][T29040] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10187'. [ 508.142604][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 508.252069][T26034] usb 11-1: Using ep0 maxpacket: 8 [ 508.269782][T26034] usb 11-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 508.273675][T26034] usb 11-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 508.289143][T26034] usb 11-1: config 0 interface 0 has no altsetting 0 [ 508.292606][T26034] usb 11-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 508.296421][T26034] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.303746][T26034] usb 11-1: config 0 descriptor?? [ 508.731398][T26034] mcp2221 0003:04D8:00DD.001C: unknown main item tag 0x0 [ 508.742887][T26034] mcp2221 0003:04D8:00DD.001C: unknown main item tag 0x0 [ 508.752485][T26034] mcp2221 0003:04D8:00DD.001C: unknown main item tag 0x0 [ 508.754669][T26034] mcp2221 0003:04D8:00DD.001C: unknown main item tag 0x0 [ 508.760038][T26034] mcp2221 0003:04D8:00DD.001C: unknown main item tag 0x0 [ 508.765202][T26034] mcp2221 0003:04D8:00DD.001C: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 508.811068][T29085] netlink: 'syz.7.10213': attribute type 12 has an invalid length. [ 508.813734][T29085] netlink: 'syz.7.10213': attribute type 29 has an invalid length. [ 508.816277][T29085] netlink: 148 bytes leftover after parsing attributes in process `syz.7.10213'. [ 508.819109][T29085] netlink: 'syz.7.10213': attribute type 1 has an invalid length. [ 508.821488][T29085] netlink: 'syz.7.10213': attribute type 2 has an invalid length. [ 508.824633][T29085] netlink: 15 bytes leftover after parsing attributes in process `syz.7.10213'. [ 508.852429][T29087] wlan0 speed is unknown, defaulting to 1000 [ 508.932984][T26034] usb 11-1: USB disconnect, device number 19 [ 508.952410][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 509.025346][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 509.128011][T29106] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.10216'. [ 509.183389][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 509.191167][T29110] netlink: 'syz.4.10218': attribute type 12 has an invalid length. [ 509.196247][T29110] netlink: 'syz.4.10218': attribute type 29 has an invalid length. [ 509.199080][T29110] netlink: 148 bytes leftover after parsing attributes in process `syz.4.10218'. [ 509.202557][T29110] netlink: 'syz.4.10218': attribute type 1 has an invalid length. [ 509.205198][T29110] netlink: 'syz.4.10218': attribute type 2 has an invalid length. [ 509.207729][T29110] netlink: 15 bytes leftover after parsing attributes in process `syz.4.10218'. [ 509.264776][T29114] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 509.960073][T29136] dummy0: entered promiscuous mode [ 509.964485][T29136] macvlan2: entered promiscuous mode [ 509.967498][T29136] dummy0: left promiscuous mode [ 510.167873][T29144] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10235'. [ 510.324528][T29157] netlink: 92 bytes leftover after parsing attributes in process `syz.4.10240'. [ 510.435090][ T163] Bluetooth: hci3: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 510.454632][T29164] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 510.465430][ T69] Bluetooth: hci3: Frame reassembly failed (-84) [ 510.502279][ T5831] e1000 0000:00:06.0 eth0: Reset adapter [ 510.613930][ T5831] e1000 0000:00:06.0 eth0: Reset adapter [ 510.736791][T29174] netlink: 'syz.5.10247': attribute type 15 has an invalid length. [ 511.262487][ T5823] net_ratelimit: 5 callbacks suppressed [ 511.262503][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 511.342199][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 512.062656][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 512.315234][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 512.382210][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 512.467167][ T5746] Bluetooth: hci3: command 0x1003 tx timeout [ 512.468420][ T5752] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 512.783018][ T5831] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 513.342324][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 513.422366][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 514.385113][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 515.102869][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 515.423763][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 516.473314][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 517.502154][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 518.153343][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 518.543364][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 519.582382][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 520.222971][ T5528] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 520.622361][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 521.182798][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 521.672635][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 522.702410][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 523.742837][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.223476][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.782606][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 525.824338][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 526.862167][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 527.274001][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 527.902304][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 528.943899][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 528.945608][T29235] sctp: [Deprecated]: syz.7.10262 (pid 29235) Use of struct sctp_assoc_value in delayed_ack socket option. [ 528.945608][T29235] Use struct sctp_sack_info instead [ 529.551110][T29257] netlink: 'syz.6.10270': attribute type 6 has an invalid length. [ 529.554964][T29257] __nla_validate_parse: 2 callbacks suppressed [ 529.554979][T29257] netlink: 232 bytes leftover after parsing attributes in process `syz.6.10270'. [ 529.607107][T29257] netlink: 5252 bytes leftover after parsing attributes in process `syz.6.10270'. [ 529.822250][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 529.982243][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 530.172049][T29282] 6: renamed from wg2 [ 530.311969][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 530.357806][T29290] sctp: [Deprecated]: syz.7.10284 (pid 29290) Use of struct sctp_assoc_value in delayed_ack socket option. [ 530.357806][T29290] Use struct sctp_sack_info instead [ 530.363922][T29290] sctp: [Deprecated]: syz.7.10284 (pid 29290) Use of struct sctp_assoc_value in delayed_ack socket option. [ 530.363922][T29290] Use struct sctp_sack_info instead [ 530.819773][ C3] vcan0: j1939_tp_rxtimer: 0xffff888013204800: rx timeout, send abort [ 530.829255][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888013204800: 0x3f000: (3) A timeout occurred and this is the connection abort to close the session. [ 531.022462][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 531.433233][T29328] wlan0 speed is unknown, defaulting to 1000 [ 531.759706][T29347] netlink: 124 bytes leftover after parsing attributes in process `syz.5.10309'. [ 532.063611][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 532.997505][T29398] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 533.051038][T29400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.057371][T29400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.060270][T29400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.102320][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.135802][T29401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.138718][T29401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.142680][T29401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.148577][T29399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 533.773287][T29447] overlay: filesystem on ./bus not supported as upperdir [ 534.155068][T29473] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10368'. [ 534.180797][T29473] ip6erspan0: entered allmulticast mode [ 534.705917][T29486] wlan0 speed is unknown, defaulting to 1000 [ 535.062434][ T29] usb 9-1: new high-speed USB device number 33 using dummy_hcd [ 535.217411][ T29] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 535.222458][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 535.226151][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 535.229981][ T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 535.237909][ T29] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 535.240966][ T29] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 535.244618][ T29] usb 9-1: Manufacturer: syz [ 535.258741][ T29] usb 9-1: config 0 descriptor?? [ 535.348392][T29511] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10383'. [ 535.363332][T29515] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.10384'. [ 535.699610][ T29] appleir 0003:05AC:8243.001D: unknown main item tag 0x0 [ 535.727407][ T29] appleir 0003:05AC:8243.001D: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 535.935262][ T5823] usb 9-1: USB disconnect, device number 33 [ 536.256262][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.258588][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.261071][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.267626][T29538] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 536.272495][T29538] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 536.277854][T29538] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 536.292821][T29538] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 536.313105][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.315992][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.319770][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.323680][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.326466][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.330062][T29538] syzkaller0 speed is unknown, defaulting to 1000 [ 536.469314][T29548] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 536.694583][T29557] netlink: 72 bytes leftover after parsing attributes in process `syz.7.10402'. [ 536.795713][T29565] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10404'. [ 536.975770][T29576] netlink: 'syz.6.10409': attribute type 13 has an invalid length. [ 537.189399][T29583] block nbd4: Cannot use ioctl interface on a netlink controlled device. [ 537.195062][T29583] block nbd4: Cannot use ioctl interface on a netlink controlled device. [ 537.199322][T29583] block nbd4: Cannot use ioctl interface on a netlink controlled device. [ 537.262768][ T5823] net_ratelimit: 7 callbacks suppressed [ 537.262780][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 537.493716][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 537.501179][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 537.538864][T29589] syzkaller1: entered promiscuous mode [ 537.540690][T29589] syzkaller1: entered allmulticast mode [ 537.702340][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.313208][ T69] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.326496][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.331581][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.462311][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 538.770277][T29640] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10434'. [ 538.991872][T29649] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.10438'. [ 539.246096][ T5823] libceph: connect (1)[c::]:6789 error -99 [ 539.252587][ T5823] libceph: mon0 (1)[c::]:6789 connect error [ 539.278843][ T5823] libceph: connect (1)[c::]:6789 error -99 [ 539.281326][ T5823] libceph: mon0 (1)[c::]:6789 connect error [ 539.352164][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 539.354356][T29663] ceph: No mds server is up or the cluster is laggy [ 539.422661][ T69] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 539.662088][T29603] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 539.672011][ T5752] Bluetooth: hci1: command 0x0405 tx timeout [ 540.523315][T29603] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 540.527447][T29603] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 540.772486][ T5528] usb 9-1: new high-speed USB device number 34 using dummy_hcd [ 540.932993][ T5528] usb 9-1: too many configurations: 9, using maximum allowed: 8 [ 540.936738][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.939877][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 540.943597][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 540.947152][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.952113][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 540.957309][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 540.963381][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.966798][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 540.970303][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 540.974525][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.977184][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 540.980524][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 540.984910][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.987735][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 540.991043][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 540.994213][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 540.996988][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 541.000211][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 541.003144][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 541.005904][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 541.009247][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 541.013836][ T5528] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 541.016703][ T5528] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 541.020002][ T5528] usb 9-1: config 0 interface 0 has no altsetting 0 [ 541.027748][ T5528] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 541.032632][ T34] usb 12-1: new high-speed USB device number 16 using dummy_hcd [ 541.035075][ T5528] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 541.037736][ T5528] usb 9-1: Product: syz [ 541.039102][ T5528] usb 9-1: Manufacturer: syz [ 541.040718][ T5528] usb 9-1: SerialNumber: syz [ 541.049639][ T5528] usb 9-1: config 0 descriptor?? [ 541.054559][ T5528] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0 [ 541.192090][ T34] usb 12-1: Using ep0 maxpacket: 8 [ 541.197896][ T34] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 541.201431][ T34] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 541.205805][ T34] usb 12-1: config 0 interface 0 has no altsetting 0 [ 541.207880][ T34] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 541.210636][ T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.215130][ T34] usb 12-1: config 0 descriptor?? [ 541.258995][ T5823] usb 9-1: USB disconnect, device number 34 [ 541.263678][ T5823] yurex 9-1:0.0: USB YUREX #0 now disconnected [ 541.659638][ T34] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0 [ 541.662012][ T34] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0 [ 541.664082][ T34] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0 [ 541.666262][ T34] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0 [ 541.668380][ T34] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0 [ 541.670774][ T34] mcp2221 0003:04D8:00DD.001E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0 [ 541.752073][ T5752] Bluetooth: hci2: command 0x0c1a tx timeout [ 541.852799][ T5823] usb 12-1: USB disconnect, device number 16 [ 541.921137][ T5752] Bluetooth: hci1: unexpected event for opcode 0x0c13 [ 542.462812][ T5823] net_ratelimit: 8 callbacks suppressed [ 542.462826][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 542.552011][ T5752] Bluetooth: hci0: command 0x040f tx timeout [ 542.553180][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 542.612039][ T843] usb 9-1: new high-speed USB device number 35 using dummy_hcd [ 542.762077][ T843] usb 9-1: Using ep0 maxpacket: 8 [ 542.765529][ T843] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 542.770478][ T843] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 542.774529][ T843] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.780911][ T843] usb 9-1: config 0 descriptor?? [ 543.199657][ T843] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 543.415045][ T5884] usb 9-1: USB disconnect, device number 35 [ 543.502457][ T69] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 543.509700][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 543.516116][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 544.556396][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 545.102281][T29733] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 545.102323][T29737] Bluetooth: hci1: command 0x0405 tx timeout [ 545.582197][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 545.585527][ T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 545.595800][T26034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 545.601691][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 545.939752][T29733] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 545.941791][T29733] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 546.182128][T26034] usb 12-1: new high-speed USB device number 17 using dummy_hcd [ 546.332034][T26034] usb 12-1: Using ep0 maxpacket: 8 [ 546.336166][T26034] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 546.339845][T26034] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 546.344232][T26034] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 546.354383][T26034] usb 12-1: config 0 descriptor?? [ 546.773055][T26034] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 546.960569][T29810] overlayfs: failed to clone lowerpath [ 546.976978][ T843] usb 12-1: USB disconnect, device number 17 [ 547.182279][T29737] Bluetooth: hci2: command 0x0c1a tx timeout [ 547.663959][ T5823] net_ratelimit: 1 callbacks suppressed [ 547.663974][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 547.982615][T29737] Bluetooth: hci0: command 0x040f tx timeout [ 548.297297][T29861] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 548.462057][ T34] usb 11-1: new high-speed USB device number 20 using dummy_hcd [ 548.527636][T29867] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10524'. [ 548.529977][T29869] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 548.622184][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 548.622613][ T34] usb 11-1: Using ep0 maxpacket: 8 [ 548.635395][ T34] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 548.641168][ T34] usb 11-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 548.644592][ T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 548.649540][ T34] usb 11-1: config 0 descriptor?? [ 548.704338][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 548.728940][T29881] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10540'. [ 549.025815][ T163] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 549.028853][ T1039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 549.034437][ T1039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 549.077053][ T34] iowarrior 11-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 549.287567][ T1341] usb 11-1: USB disconnect, device number 20 [ 549.742276][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 550.148123][T29910] lo: Caught tx_queue_len zero misconfig [ 550.269241][T26034] kernel write not supported for file /vcsu (pid: 26034 comm: kworker/2:1) [ 550.472174][ T5823] usb 11-1: new high-speed USB device number 21 using dummy_hcd [ 550.545267][ T41] kauditd_printk_skb: 13 callbacks suppressed [ 550.545366][ T41] audit: type=1800 audit(2000001252.813:5810): pid=29928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.10552" name="bus" dev="9p" ino=72876323 res=0 errno=0 [ 550.592038][ T34] usb 9-1: new high-speed USB device number 36 using dummy_hcd [ 550.632035][ T5823] usb 11-1: Using ep0 maxpacket: 8 [ 550.636509][ T5823] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 550.641161][ T5823] usb 11-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 550.644546][ T5823] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 550.648370][ T5823] usb 11-1: config 0 descriptor?? [ 550.723571][T29930] overlayfs: failed to clone lowerpath [ 550.742175][ T34] usb 9-1: Using ep0 maxpacket: 32 [ 550.747745][ T34] usb 9-1: config index 0 descriptor too short (expected 156, got 27) [ 550.750528][ T34] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 550.754551][ T34] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 550.758186][ T34] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 550.762913][ T34] usb 9-1: config 0 interface 0 has no altsetting 0 [ 550.766841][ T34] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 550.770042][ T34] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 550.773766][ T34] usb 9-1: Product: syz [ 550.775112][ T34] usb 9-1: Manufacturer: syz [ 550.776632][ T34] usb 9-1: SerialNumber: syz [ 550.779668][ T34] usb 9-1: config 0 descriptor?? [ 550.784757][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 550.785356][ T34] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 550.794065][ T34] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 550.996637][ T9] usb 9-1: USB disconnect, device number 36 [ 550.998564][ C0] ldusb 9-1:0.0: usb_submit_urb failed (-19) [ 551.005785][ T9] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 551.066644][ T5823] iowarrior 11-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 551.270624][ T9] usb 11-1: USB disconnect, device number 21 [ 551.371120][T29938] fuse: Bad value for 'fd' [ 551.472376][T29946] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3) [ 551.475107][T29946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 551.478876][T29946] vhci_hcd vhci_hcd.0: Device attached [ 551.494811][T29946] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(5) [ 551.496884][T29946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 551.499446][T29946] vhci_hcd vhci_hcd.0: Device attached [ 551.513266][T29946] vhci_hcd vhci_hcd.0: pdev(7) rhport(2) sockfd(7) [ 551.515673][T29946] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 551.518155][T29946] vhci_hcd vhci_hcd.0: Device attached [ 551.521671][T29946] vhci_hcd vhci_hcd.0: pdev(7) rhport(3) sockfd(9) [ 551.523493][T29946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 551.527597][T29946] vhci_hcd vhci_hcd.0: Device attached [ 551.530030][T29946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 551.535631][T29955] vhci_hcd: connection closed [ 551.537518][T29953] vhci_hcd: connection closed [ 551.537853][T29949] vhci_hcd: connection closed [ 551.539284][T29947] vhci_hcd: connection closed [ 551.544495][ T58] vhci_hcd vhci_hcd.7: stop threads [ 551.547644][ T58] vhci_hcd vhci_hcd.7: release socket [ 551.549312][ T58] vhci_hcd vhci_hcd.7: disconnect device [ 551.551629][ T58] vhci_hcd vhci_hcd.7: stop threads [ 551.553800][ T58] vhci_hcd vhci_hcd.7: release socket [ 551.555916][ T58] vhci_hcd vhci_hcd.7: disconnect device [ 551.559963][ T58] vhci_hcd vhci_hcd.7: stop threads [ 551.563028][ T58] vhci_hcd vhci_hcd.7: release socket [ 551.565454][ T58] vhci_hcd vhci_hcd.7: disconnect device [ 551.567668][ T58] vhci_hcd vhci_hcd.7: stop threads [ 551.569643][ T58] vhci_hcd vhci_hcd.7: release socket [ 551.573416][ T58] vhci_hcd vhci_hcd.7: disconnect device [ 551.736400][T29962] overlayfs: failed to clone lowerpath [ 552.044547][ T41] audit: type=1326 audit(2000001254.313:5811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29978 comm="syz.6.10573" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700ef7c code=0x0 [ 552.863070][ T5823] net_ratelimit: 2 callbacks suppressed [ 552.863083][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.535249][T30039] overlayfs: failed to clone upperpath [ 553.770566][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.777032][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.779785][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.786882][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.790127][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.794033][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.796567][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.798978][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 553.801570][T30056] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 554.064881][T26034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 554.115319][ T41] audit: type=1800 audit(2000001256.383:5812): pid=30080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.10618" name="nullb0" dev="tmpfs" ino=9590 res=0 errno=0 [ 555.329580][T30113] netlink: 148 bytes leftover after parsing attributes in process `syz.7.10632'. [ 555.335898][T30116] input: syz0 as /devices/virtual/input/input44 [ 555.397761][T30119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10636'. [ 555.552234][T30129] geneve3: entered promiscuous mode [ 555.813248][T30144] input: syz1 as /devices/virtual/input/input45 [ 556.372226][ T34] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 556.523301][ T34] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 556.526645][ T34] usb 12-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 556.529958][ T34] usb 12-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 556.535601][ T34] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 556.538356][ T34] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 556.540943][ T34] usb 12-1: Product: syz [ 556.542646][ T34] usb 12-1: Manufacturer: syz [ 556.544163][ T34] usb 12-1: SerialNumber: syz [ 556.759545][ T34] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 556.960998][ T34] usb 12-1: USB disconnect, device number 18 [ 556.964600][ T34] usblp0: removed [ 557.312396][T26034] usb 11-1: new high-speed USB device number 22 using dummy_hcd [ 557.472029][T26034] usb 11-1: Using ep0 maxpacket: 16 [ 557.474931][T26034] usb 11-1: config 0 has no interfaces? [ 557.476629][T26034] usb 11-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 557.479922][T26034] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 557.483777][T26034] usb 11-1: config 0 descriptor?? [ 557.688071][T26034] usb 11-1: USB disconnect, device number 22 [ 557.939523][T30215] wlan0 speed is unknown, defaulting to 1000 [ 557.942984][T30215] syzkaller0 speed is unknown, defaulting to 1000 [ 558.075042][ T5823] net_ratelimit: 80 callbacks suppressed [ 558.075055][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 558.122076][ T34] usb 9-1: new high-speed USB device number 37 using dummy_hcd [ 558.272132][ T34] usb 9-1: Using ep0 maxpacket: 8 [ 558.277710][ T34] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 558.283275][ T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 558.288418][ T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 558.296301][ T34] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 558.300206][ T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 558.305590][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 558.455445][T30240] wlan0 speed is unknown, defaulting to 1000 [ 558.458086][T30240] syzkaller0 speed is unknown, defaulting to 1000 [ 558.513920][ T34] usb 9-1: GET_CAPABILITIES returned 0 [ 558.515677][ T34] usbtmc 9-1:16.0: can't read capabilities [ 558.625198][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 558.717410][ C2] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 558.721858][T26034] usb 9-1: USB disconnect, device number 37 [ 559.102217][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.465565][T30307] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 559.763197][T30332] wlan0 speed is unknown, defaulting to 1000 [ 559.765841][T30332] syzkaller0 speed is unknown, defaulting to 1000 [ 559.833346][T30337] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10727'. [ 560.145659][ T6236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.150700][ T1039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.159021][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.783491][ T6236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.791354][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 560.798104][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 561.742090][T29737] Bluetooth: hci1: command 0x0405 tx timeout [ 561.742182][T30317] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 562.414477][T30380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10744'. [ 562.535630][T30317] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 563.192383][T30411] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.10756'. [ 563.265161][ T5823] net_ratelimit: 3 callbacks suppressed [ 563.265179][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.708357][ T41] audit: type=1326 audit(2000001265.973:5813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.6.10759" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf700ef7c code=0x0 [ 563.824102][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 563.825242][T30423] wlan0 speed is unknown, defaulting to 1000 [ 563.832618][T29737] Bluetooth: hci2: command 0x0c1a tx timeout [ 563.835320][T30423] syzkaller0 speed is unknown, defaulting to 1000 [ 564.312549][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 564.739862][T30459] syzkaller1: entered promiscuous mode [ 564.741847][T30459] syzkaller1: entered allmulticast mode [ 565.122396][T30463] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10778'. [ 565.343062][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 565.772307][ T5884] usb 12-1: new high-speed USB device number 19 using dummy_hcd [ 565.926993][ T5884] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 565.931231][ T5884] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 565.935355][ T5884] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 565.938599][ T5884] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 565.942990][ T5884] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 565.955233][ T5884] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 565.962346][ T5884] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 565.965476][ T5884] usb 12-1: Product: syz [ 565.967135][ T5884] usb 12-1: Manufacturer: syz [ 566.014325][ T5884] cdc_wdm 12-1:1.0: skipping garbage [ 566.016465][ T5884] cdc_wdm 12-1:1.0: skipping garbage [ 566.025975][ T5884] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device [ 566.029326][ T5884] cdc_wdm 12-1:1.0: Unknown control protocol [ 566.383230][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 566.406571][T30480] raw-gadget.0 gadget.7: fail, usb_ep_set_wedge returned -11 [ 566.415140][ T1039] usb 12-1: USB disconnect, device number 19 [ 566.868094][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 566.993390][T30529] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10807'. [ 567.423184][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 567.487803][T30554] ubi: mtd0 is already attached to ubi0 [ 567.583854][ T1433] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.909492][T30573] bridge_slave_0: Caught tx_queue_len zero misconfig [ 567.913570][T30573] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10827'. [ 568.147415][T30601] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10834'. [ 568.167882][T30602] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.10836'. [ 568.192027][ T34] usb 12-1: new high-speed USB device number 20 using dummy_hcd [ 568.237393][ T69] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.259097][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.264383][ T1039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.353685][ T34] usb 12-1: Using ep0 maxpacket: 8 [ 568.356647][ T34] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 568.360251][ T34] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 568.365647][ T34] usb 12-1: config 0 interface 0 has no altsetting 0 [ 568.369348][ T34] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 568.372461][ T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 568.376279][ T34] usb 12-1: config 0 descriptor?? [ 568.462212][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.503995][T30633] [ 568.504829][T30633] ====================================================== [ 568.507020][T30633] WARNING: possible circular locking dependency detected [ 568.509161][T30633] syzkaller #0 Tainted: G L [ 568.511228][T30633] ------------------------------------------------------ [ 568.513622][T30633] syz.6.10849/30633 is trying to acquire lock: [ 568.515543][T30633] ffffffff8e9b0a80 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 568.518758][T30633] [ 568.518758][T30633] but task is already holding lock: [ 568.521041][T30633] ffff888057760f60 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: inet_stream_connect+0x43/0xa0 [ 568.524308][T30633] [ 568.524308][T30633] which lock already depends on the new lock. [ 568.524308][T30633] [ 568.527443][T30633] [ 568.527443][T30633] the existing dependency chain (in reverse order) is: [ 568.530165][T30633] [ 568.530165][T30633] -> #7 (k-sk_lock-AF_INET){+.+.}-{0:0}: [ 568.532660][T30633] lock_sock_nested+0x41/0xf0 [ 568.534320][T30633] mptcp_connect+0x660/0xaf0 [ 568.535935][T30633] __inet_stream_connect+0x208/0xfa0 [ 568.537738][T30633] inet_stream_connect+0x57/0xa0 [ 568.539437][T30633] __sys_connect_file+0x141/0x1a0 SYZFAIL: failed to recv rpc [ 568.541313][T30633] __sys_connect+0x141/0x170 [ 568.543068][T30633] __ia32_sys_connect+0x71/0xb0 [ 568.544771][T30633] __do_fast_syscall_32+0xe7/0x950 fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 568.546553][T30633] do_fast_syscall_32+0x32/0x70 [ 568.548300][T30633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 568.550481][T30633] [ 568.550481][T30633] -> #6 (sk_lock-AF_INET){+.+.}-{0:0}: [ 568.552858][T30633] lock_sock_nested+0x41/0xf0 [ 568.554513][T30633] inet_shutdown+0x67/0x410 [ 568.556084][T30633] nbd_mark_nsock_dead+0xae/0x5c0 [ 568.557977][T30633] recv_work+0x5fb/0x8c0 [ 568.559491][T30633] process_one_work+0xa0e/0x1980 [ 568.561268][T30633] worker_thread+0x5ef/0xe50 [ 568.562875][T30633] kthread+0x370/0x450 [ 568.564369][T30633] ret_from_fork+0x72b/0xd50 [ 568.566031][T30633] ret_from_fork_asm+0x1a/0x30 [ 568.567761][T30633] [ 568.567761][T30633] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 568.570136][T30633] __mutex_lock+0x1a4/0x1b10 [ 568.571786][T30633] nbd_queue_rq+0x428/0x1080 [ 568.573408][T30633] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 568.575408][T30633] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 568.577539][T30633] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 568.579552][T30633] blk_mq_run_hw_queue+0x23c/0x670 [ 568.581312][T30633] blk_mq_dispatch_list+0x51d/0x1360 [ 568.583136][T30633] blk_mq_flush_plug_list+0x130/0x600 [ 568.584978][T30633] __blk_flush_plug+0x2c4/0x4b0 [ 568.586657][T30633] __submit_bio+0x584/0x6c0 [ 568.588248][T30633] submit_bio_noacct_nocheck+0x543/0xbf0 [ 568.590169][T30633] submit_bio_noacct+0xd18/0x2000 [ 568.591821][T30633] submit_bh_wbc+0x681/0x890 [ 568.593518][T30633] block_read_full_folio+0x4c8/0x8e0 [ 568.595344][T30633] filemap_read_folio+0xfc/0x3b0 [ 568.597072][T30633] do_read_cache_folio+0x2d7/0x6b0 [ 568.598814][T30633] read_part_sector+0xd1/0x370 [ 568.600457][T30633] adfspart_check_ICS+0x91/0x7d0 [ 568.602159][T30633] bdev_disk_changed+0x7a3/0x1250 [ 568.603875][T30633] blkdev_get_whole+0x187/0x290 [ 568.605585][T30633] bdev_open+0x2c7/0xe40 [ 568.607078][T30633] blkdev_open+0x34e/0x4f0 [ 568.608622][T30633] do_dentry_open+0x6d8/0x1660 [ 568.610293][T30633] vfs_open+0x82/0x3f0 [ 568.611755][T30633] path_openat+0x208c/0x31a0 [ 568.613366][T30633] do_file_open+0x20e/0x430 [ 568.614942][T30633] do_sys_openat2+0x10d/0x1e0 [ 568.616566][T30633] __x64_sys_openat+0x12d/0x210 [ 568.618235][T30633] do_syscall_64+0x10b/0x830 [ 568.619828][T30633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.621810][T30633] [ 568.621810][T30633] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 568.623989][T30633] __mutex_lock+0x1a4/0x1b10 [ 568.625609][T30633] nbd_queue_rq+0xba/0x1080 [ 568.627183][T30633] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 568.629084][T30633] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 568.631174][T30633] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 568.633203][T30633] blk_mq_run_hw_queue+0x23c/0x670 [ 568.634964][T30633] blk_mq_dispatch_list+0x51d/0x1360 [ 568.636779][T30633] blk_mq_flush_plug_list+0x130/0x600 [ 568.638633][T30633] __blk_flush_plug+0x2c4/0x4b0 [ 568.640217][T30633] __submit_bio+0x584/0x6c0 [ 568.641808][T30633] submit_bio_noacct_nocheck+0x543/0xbf0 [ 568.643729][T30633] submit_bio_noacct+0xd18/0x2000 [ 568.645466][T30633] submit_bh_wbc+0x681/0x890 [ 568.647068][T30633] block_read_full_folio+0x4c8/0x8e0 [ 568.648882][T30633] filemap_read_folio+0xfc/0x3b0 [ 568.650595][T30633] do_read_cache_folio+0x2d7/0x6b0 [ 568.652349][T30633] read_part_sector+0xd1/0x370 [ 568.654007][T30633] adfspart_check_ICS+0x91/0x7d0 [ 568.655709][T30633] bdev_disk_changed+0x7a3/0x1250 [ 568.657436][T30633] blkdev_get_whole+0x187/0x290 [ 568.659110][T30633] bdev_open+0x2c7/0xe40 [ 568.660615][T30633] blkdev_open+0x34e/0x4f0 [ 568.662173][T30633] do_dentry_open+0x6d8/0x1660 [ 568.663827][T30633] vfs_open+0x82/0x3f0 [ 568.665288][T30633] path_openat+0x208c/0x31a0 [ 568.666898][T30633] do_file_open+0x20e/0x430 [ 568.668478][T30633] do_sys_openat2+0x10d/0x1e0 [ 568.670111][T30633] __x64_sys_openat+0x12d/0x210 [ 568.671795][T30633] do_syscall_64+0x10b/0x830 [ 568.673402][T30633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.675393][T30633] [ 568.675393][T30633] -> #3 (set->srcu){.+.+}-{0:0}: [ 568.677591][T30633] __synchronize_srcu+0xa2/0x300 [ 568.679313][T30633] blk_mq_quiesce_queue+0x149/0x1c0 [ 568.681100][T30633] elevator_switch+0x17b/0x7e0 [ 568.682753][T30633] elevator_change+0x352/0x530 [ 568.684393][T30633] elevator_set_default+0x29e/0x360 [ 568.686158][T30633] blk_register_queue+0x48e/0x630 [ 568.687878][T30633] __add_disk+0x73f/0xe40 [ 568.689410][T30633] add_disk_fwnode+0x118/0x5c0 [ 568.691069][T30633] nbd_dev_add+0x77a/0xb10 [ 568.692634][T30633] nbd_init+0x291/0x2b0 [ 568.694248][T30633] do_one_initcall+0x121/0x750 [ 568.695907][T30633] kernel_init_freeable+0x6ea/0x7b0 [ 568.697716][T30633] kernel_init+0x1f/0x1e0 [ 568.699237][T30633] ret_from_fork+0x72b/0xd50 [ 568.700841][T30633] ret_from_fork_asm+0x1a/0x30 [ 568.702499][T30633] [ 568.702499][T30633] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 568.704899][T30633] __mutex_lock+0x1a4/0x1b10 [ 568.706509][T30633] elevator_change+0x1bc/0x530 [ 568.708152][T30633] elevator_set_none+0x92/0xf0 [ 568.709803][T30633] blk_mq_update_nr_hw_queues+0x4c1/0x15f0 [ 568.711782][T30633] nbd_start_device+0x1a6/0xbd0 [ 568.713465][T30633] nbd_genl_connect+0xff2/0x1a40 [ 568.715178][T30633] genl_family_rcv_msg_doit+0x214/0x300 [ 568.717099][T30633] genl_rcv_msg+0x560/0x800 [ 568.718676][T30633] netlink_rcv_skb+0x159/0x420 [ 568.720316][T30633] genl_rcv+0x28/0x40 [ 568.721757][T30633] netlink_unicast+0x585/0x850 [ 568.723409][T30633] netlink_sendmsg+0x8b0/0xda0 [ 568.725084][T30633] ____sys_sendmsg+0x9e1/0xb70 [ 568.726808][T30633] ___sys_sendmsg+0x190/0x1e0 [ 568.728418][T30633] __sys_sendmsg+0x170/0x220 [ 568.729984][T30633] __do_fast_syscall_32+0xe7/0x950 [ 568.731736][T30633] do_fast_syscall_32+0x32/0x70 [ 568.733411][T30633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 568.735525][T30633] [ 568.735525][T30633] -> #1 (&q->q_usage_counter(io)#55){++++}-{0:0}: [ 568.738145][T30633] blk_alloc_queue+0x610/0x790 [ 568.739797][T30633] blk_mq_alloc_queue+0x174/0x290 [ 568.741537][T30633] __blk_mq_alloc_disk+0x29/0x120 [ 568.743269][T30633] nbd_dev_add+0x492/0xb10 [ 568.744828][T30633] nbd_init+0x291/0x2b0 [ 568.746313][T30633] do_one_initcall+0x121/0x750 [ 568.747970][T30633] kernel_init_freeable+0x6ea/0x7b0 [ 568.749748][T30633] kernel_init+0x1f/0x1e0 [ 568.751278][T30633] ret_from_fork+0x72b/0xd50 [ 568.753011][T30633] ret_from_fork_asm+0x1a/0x30 [ 568.754692][T30633] [ 568.754692][T30633] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 568.756945][T30633] __lock_acquire+0x14b8/0x2630 [ 568.758662][T30633] lock_acquire+0x1b1/0x370 [ 568.760248][T30633] fs_reclaim_acquire+0xc4/0x100 [ 568.761964][T30633] kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 568.763929][T30633] __alloc_skb+0x140/0x710 [ 568.765510][T30633] tcp_stream_alloc_skb+0x34/0x660 [ 568.767286][T30633] tcp_connect+0xf06/0x5530 [ 568.768858][T30633] tcp_v4_connect+0x15fe/0x1b40 [ 568.770536][T30633] __inet_stream_connect+0x208/0xfa0 [ 568.772364][T30633] inet_stream_connect+0x57/0xa0 [ 568.774066][T30633] p9_fd_create_tcp+0x379/0x4d0 [ 568.775772][T30633] p9_client_create+0x563/0xd40 [ 568.777412][T30633] v9fs_session_init+0x3c/0xd20 [ 568.779150][T30633] v9fs_get_tree+0xb8/0xb50 [ 568.780709][T30633] vfs_get_tree+0x92/0x320 [ 568.782213][T30633] path_mount+0x7d0/0x23d0 [ 568.783731][T30633] __ia32_sys_mount+0x292/0x310 [ 568.785386][T30633] __do_fast_syscall_32+0xe7/0x950 [ 568.787076][T30633] do_fast_syscall_32+0x32/0x70 [ 568.788743][T30633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 568.790859][T30633] [ 568.790859][T30633] other info that might help us debug this: [ 568.790859][T30633] [ 568.793997][T30633] Chain exists of: [ 568.793997][T30633] fs_reclaim --> sk_lock-AF_INET --> k-sk_lock-AF_INET [ 568.793997][T30633] [ 568.797860][T30633] Possible unsafe locking scenario: [ 568.797860][T30633] [ 568.800150][T30633] CPU0 CPU1 [ 568.801812][T30633] ---- ---- [ 568.803432][T30633] lock(k-sk_lock-AF_INET); [ 568.804878][T30633] lock(sk_lock-AF_INET); [ 568.807018][T30633] lock(k-sk_lock-AF_INET); [ 568.809154][T30633] lock(fs_reclaim); [ 568.810406][T30633] [ 568.810406][T30633] *** DEADLOCK *** [ 568.810406][T30633] [ 568.812887][T30633] 1 lock held by syz.6.10849/30633: [ 568.814505][T30633] #0: ffff888057760f60 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: inet_stream_connect+0x43/0xa0 [ 568.817520][T30633] [ 568.817520][T30633] stack backtrace: [ 568.819304][T30633] CPU: 0 UID: 0 PID: 30633 Comm: syz.6.10849 Tainted: G L syzkaller #0 PREEMPT(full) [ 568.819321][T30633] Tainted: [L]=SOFTLOCKUP [ 568.819326][T30633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 568.819354][T30633] Call Trace: [ 568.819379][T30633] [ 568.819384][T30633] dump_stack_lvl+0x100/0x190 [ 568.819400][T30633] print_circular_bug.cold+0x178/0x1c7 [ 568.819460][T30633] check_noncircular+0x146/0x160 [ 568.819481][T30633] __lock_acquire+0x14b8/0x2630 [ 568.819493][T30633] ? ipv4_dst_check+0x1a8/0x3b0 [ 568.819506][T30633] lock_acquire+0x1b1/0x370 [ 568.819516][T30633] ? kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 568.819529][T30633] ? __lock_acquire+0x4a5/0x2630 [ 568.819540][T30633] fs_reclaim_acquire+0xc4/0x100 [ 568.819555][T30633] ? kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 568.819565][T30633] kmem_cache_alloc_node_noprof+0x53/0x6f0 [ 568.819577][T30633] ? __alloc_skb+0x140/0x710 [ 568.819591][T30633] __alloc_skb+0x140/0x710 [ 568.819603][T30633] ? __pfx___alloc_skb+0x10/0x10 [ 568.819617][T30633] tcp_stream_alloc_skb+0x34/0x660 [ 568.819631][T30633] tcp_connect+0xf06/0x5530 [ 568.819648][T30633] ? __pfx_tcp_connect+0x10/0x10 [ 568.819662][T30633] ? get_random_u16+0x583/0x7d0 [ 568.819737][T30633] ? tcp_fastopen_cookie_check+0x3c8/0x450 [ 568.819759][T30633] tcp_v4_connect+0x15fe/0x1b40 [ 568.819774][T30633] ? __pfx_tcp_v4_connect+0x10/0x10 [ 568.819786][T30633] ? __lock_acquire+0x4a5/0x2630 [ 568.819797][T30633] __inet_stream_connect+0x208/0xfa0 [ 568.819811][T30633] ? __pfx___inet_stream_connect+0x10/0x10 [ 568.819823][T30633] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 568.819837][T30633] ? __local_bh_enable_ip+0x9e/0x120 [ 568.819871][T30633] inet_stream_connect+0x57/0xa0 [ 568.819882][T30633] p9_fd_create_tcp+0x379/0x4d0 [ 568.819899][T30633] ? __pfx_p9_fd_create_tcp+0x10/0x10 [ 568.819917][T30633] ? lockdep_init_map_type+0x5c/0x250 [ 568.819929][T30633] p9_client_create+0x563/0xd40 [ 568.819942][T30633] ? __pfx_p9_client_create+0x10/0x10 [ 568.819955][T30633] ? lockdep_init_map_type+0x5c/0x250 [ 568.819966][T30633] ? __raw_spin_lock_init+0x3a/0x110 [ 568.819983][T30633] v9fs_session_init+0x3c/0xd20 [ 568.819998][T30633] ? kasan_save_track+0x14/0x30 [ 568.820030][T30633] v9fs_get_tree+0xb8/0xb50 [ 568.820046][T30633] ? rcu_is_watching+0x12/0xc0 [ 568.820059][T30633] ? __pfx_v9fs_get_tree+0x10/0x10 [ 568.820075][T30633] ? bpf_lsm_capable+0x9/0x10 [ 568.820090][T30633] ? security_capable+0x80/0x260 [ 568.820166][T30633] vfs_get_tree+0x92/0x320 [ 568.820178][T30633] path_mount+0x7d0/0x23d0 [ 568.820196][T30633] ? __pfx_path_mount+0x10/0x10 [ 568.820211][T30633] ? lockdep_hardirqs_on+0x78/0x100 [ 568.820223][T30633] ? putname+0xb1/0x110 [ 568.820237][T30633] ? kmem_cache_free+0x127/0x6c0 [ 568.820255][T30633] ? __ia32_sys_mount+0x292/0x310 [ 568.820270][T30633] __ia32_sys_mount+0x292/0x310 [ 568.820286][T30633] ? __pfx___ia32_sys_mount+0x10/0x10 [ 568.820303][T30633] ? rcu_is_watching+0x12/0xc0 [ 568.820316][T30633] __do_fast_syscall_32+0xe7/0x950 [ 568.820329][T30633] do_fast_syscall_32+0x32/0x70 [ 568.820341][T30633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 568.820356][T30633] RIP: 0023:0xf700ef7c [ 568.820365][T30633] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 568.820377][T30633] RSP: 002b:00000000f53dc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 568.820410][T30633] RAX: ffffffffffffffda RBX: 0000000080000640 RCX: 0000000080000680 [ 568.820417][T30633] RDX: 00000000800006c0 RSI: 0000000000008010 RDI: 0000000080000180 [ 568.820424][T30633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 568.820430][T30633] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 568.820437][T30633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 568.820447][T30633] [ 568.954766][T30633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.957424][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.960017][T30633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.962703][T30633] 9pnet_fd: p9_fd_create_tcp (30633): problem connecting socket to 127.0.0.1 [ 568.965478][T30633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 568.971966][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.502114][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 569.524055][T17442] syz_tun (unregistering): left allmulticast mode [ 569.526450][T17442] syz_tun (unregistering): left promiscuous mode [ 569.528668][T17442] bridge0: port 3(syz_tun) entered disabled state [ 569.723798][ T34] usbhid 12-1:0.0: can't add hid device: -71 [ 569.725686][ T34] usbhid 12-1:0.0: probe with driver usbhid failed with error -71 [ 569.729144][ T34] usb 12-1: USB disconnect, device number 20 [ 569.902360][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.073641][T30633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.222940][ T6235] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.503663][ T6235] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.542444][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 570.882685][ T6235] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.162696][ T6235] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.792576][ T6235] bridge_slave_1: left promiscuous mode [ 571.794518][ T6235] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.882320][ T6235] bridge_slave_0: left allmulticast mode [ 571.884506][ T6235] bridge_slave_0: left promiscuous mode [ 571.886502][ T6235] bridge0: port 1(bridge_slave_0) entered disabled state [ 572.624358][ T5450] 8021q: adding VLAN 0 to HW filter on device eth10 [ 572.703189][ T6235] tipc: Disabling bearer [ 572.705010][ T6235] tipc: Left network mode [ 572.767292][ T5450] 8021q: adding VLAN 0 to HW filter on device eth11 [ 572.882616][ T5450] 8021q: adding VLAN 0 to HW filter on device eth12 [ 573.284076][ T5450] 8021q: adding VLAN 0 to HW filter on device eth13 [ 573.512924][ T6235] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 573.515429][ T6235] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 573.612786][ T6235] veth1_macvtap: left promiscuous mode [ 573.614638][ T6235] veth0_macvtap: left promiscuous mode [ 573.616554][ T6235] veth1_vlan: left promiscuous mode [ 573.618393][ T6235] veth0_vlan: left promiscuous mode [ 573.662846][ T5823] net_ratelimit: 3 callbacks suppressed [ 573.662860][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.473406][ T6235] team0 (unregistering): Port device team_slave_1 removed [ 574.522407][ T6235] team0 (unregistering): Port device team_slave_0 removed [ 574.713107][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.743022][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 575.856901][ T6235] IPVS: stop unused estimator thread 0... [ 575.982505][ T5884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 576.333095][ T6235] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.652688][ T6235] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 576.784500][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 577.002848][ T6235] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.282774][ T6235] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.822556][ T5528] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 577.825506][ T5823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 577.892537][ T6235] bridge_slave_1: left allmulticast mode [ 577.894774][ T6235] bridge_slave_1: left promiscuous mode [ 577.897060][ T6235] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.982627][ T6235] bridge_slave_0: left allmulticast mode [ 577.985011][ T6235] bridge_slave_0: left promiscuous mode [ 577.987165][ T6235] bridge0: port 1(bridge_slave_0) entered disabled state