last executing test programs: 14m17.420445207s ago: executing program 2 (id=196): socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x14) r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$snddsp(r2, &(0x7f0000000200)="a38d", 0x2) ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0) pselect6(0x40, &(0x7f0000000600)={0x0, 0x10000000000000}, 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f00000003c0)=0x2) 14m15.903974985s ago: executing program 2 (id=202): unshare(0x22020400) r0 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x0, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, 0x0) open(&(0x7f0000000540)='./bus\x00', 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000200)={0x9, 0x2, 0x0, 0xfffffff7, 'syz1\x00', 0xffffff7d}) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0xc1105511, &(0x7f0000000040)={0x9}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0xc1105511, &(0x7f0000000040)) 14m15.431276728s ago: executing program 2 (id=205): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x367, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 14m15.043301473s ago: executing program 2 (id=208): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 14m14.580259382s ago: executing program 2 (id=212): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) mkdir(0x0, 0x0) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101102) read(r2, &(0x7f0000000200)=""/213, 0xd5) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x335, @tick, 0x0, {}, 0xfc}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00'}) tkill(r1, 0x7) 14m14.128179498s ago: executing program 2 (id=215): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x2c, &(0x7f0000000580)={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f00000007c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 14m13.643303025s ago: executing program 32 (id=215): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x2c, &(0x7f0000000580)={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f00000007c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 14m10.593730433s ago: executing program 0 (id=229): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000a24000/0x3000)=nil, 0x3000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) munlockall() 14m8.40816154s ago: executing program 0 (id=230): syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f81"], 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}}) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x82c02, 0x40) truncate(&(0x7f0000000080)='./file0\x00', 0xb) write$binfmt_misc(r3, &(0x7f0000000300), 0x4) 14m6.855573573s ago: executing program 0 (id=235): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$isdn_base(0x22, 0x3, 0x0) r2 = timerfd_create(0x8, 0x0) timerfd_settime(r2, 0x3, 0x0, 0x0) bind$isdn_base(r1, 0x0, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r3, &(0x7f0000000100), 0x12) 14m5.814891909s ago: executing program 0 (id=238): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=M']) chdir(&(0x7f0000000140)='./file0\x00') mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) 14m5.648868497s ago: executing program 0 (id=239): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) unshare(0x2040400) newfstatat(0xffffffff0000005d, 0x0, 0x0, 0x1000) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x84}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xa0}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) 14m5.131438038s ago: executing program 0 (id=241): fanotify_mark(0xffffffffffffffff, 0x41, 0x8000038, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r1, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0) 14m4.136845329s ago: executing program 33 (id=241): fanotify_mark(0xffffffffffffffff, 0x41, 0x8000038, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r1, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0) 3m35.040818081s ago: executing program 1 (id=1672): socket$inet(0x2, 0x4000000000000001, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@deltaction={0x18, 0x30, 0x9, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x4}]}, 0x18}}, 0x6000c810) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {}, {0x2}, @connect={{0x2, 0x3}, {0x3}}}, {0x0, 0x0, 0x1, 0x0, @time, {}, {}, @connect={{}, {0x0, 0x5}}}], 0x54) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x13, 0x1c, &(0x7f00000009c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x6}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x4}}, [@snprintf={{0x7, 0x0, 0x8, 0x6}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x6}, {}, {}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x4}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 3m31.993334286s ago: executing program 1 (id=1678): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, 0x0, 0x0) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f00000000c0)=0x5, 0x4) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r2) close(r2) openat2(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x591003, 0x0, 0x9}, 0x18) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$sock(r1, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@txtime={{0x14, 0x1, 0x51, 0x7}}], 0x14}}], 0x1, 0x0) r3 = socket$kcm(0x11, 0x2, 0x300) setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./cgroup\x00', &(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x8, 0x2) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$tipc(r4, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f0000000b40)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001a00), 0x101d0}], 0x4}, 0x0) recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000b80)=""/4096, 0x1000}], 0x1}, 0x0) sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2c, 0x2, 0x9, 0x301, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @dev}}}]}]}, 0x6f}}, 0x0) 3m30.553208442s ago: executing program 1 (id=1682): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) r2 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000000)={0xa0000001}) ppoll(&(0x7f0000000200)=[{r5, 0x1}], 0x1, 0x0, 0x0, 0x3) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) read$dsp(r1, &(0x7f00000001c0)=""/167, 0xa7) 3m28.879766116s ago: executing program 1 (id=1688): r0 = socket$qrtr(0x2a, 0x2, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r3 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1000001000104) ioctl$NBD_SET_SOCK(r3, 0xab00, r2) ioctl$NBD_DO_IT(r1, 0xab03) ioctl$NBD_CLEAR_SOCK(r3, 0xab04) close_range(r0, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, 0x0) fsync(r5) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r5, 0xc0096616, &(0x7f0000000180)) 3m28.433225884s ago: executing program 1 (id=1691): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x2) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00') getdents64(r0, &(0x7f0000000240)=""/177, 0xb1) getdents64(r0, 0x0, 0xffffffff00000018) 3m26.183255291s ago: executing program 1 (id=1698): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r4]) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, &(0x7f0000000340)) 3m9.954776285s ago: executing program 34 (id=1698): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r4]) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, &(0x7f0000000340)) 28.90740045s ago: executing program 4 (id=1986): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000240)=@get={0x1, 0x0, 0x6}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2) readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/241, 0xf1}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/88, 0x58}, {&(0x7f0000000380)=""/97, 0x61}, {&(0x7f0000000580)=""/155, 0x9b}, {&(0x7f0000000640)=""/142, 0x8e}, {&(0x7f0000000700)=""/166, 0xa6}], 0x5) socket$key(0xf, 0x3, 0x2) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111a900000000008510000002000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000ff01000000000000000000200000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200030000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'team0\x00', 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000880)={0x0, 0x0}, &(0x7f00000008c0)=0xc) sendmsg$nl_xfrm(r0, &(0x7f0000000b00)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000900)=@migrate={0x19c, 0x21, 0x4, 0x70bd28, 0x25dfdbfd, {{@in=@multicast1, @in=@broadcast, 0x4e20, 0x0, 0x4e23, 0x1, 0xa, 0x80, 0x20, 0x4, r4, r5}, 0x6e6bb8, 0x1}, [@algo_crypt={0xb2, 0x2, {{'lrw(serpent)\x00'}, 0x350, "a6b7e8726486965a5a2bd56e37340d481b0256e4c8f999666e48c39c49d15128afa78e920416545bc767b7cde88af6f04c0dc92f05f710630ec6098e69e66ce11e65b09674ed5596c9e502aa797ca4cd88432ed17c94f57141dc31ab1ad0ff709a993cc1452c3d9e88e3"}}, @mark={0xc, 0x15, {0x350759, 0x80}}, @lastused={0xc, 0xf, 0x6}, @algo_crypt={0x7f, 0x2, {{'ecb-serpent-avx2\x00'}, 0x1b8, "f193ce8d64275309e6715708536ee4d6a7622e5f8ed139db623e07f6ee0c3bd4eecd51cef2018299b2a079284662979d0c1bb20752fe42"}}]}, 0x19c}, 0x1, 0x0, 0x0, 0x24000000}, 0x40040) 24.131794378s ago: executing program 4 (id=1992): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) unshare(0x8000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000000)=0x7e, 0x4) setitimer(0x1, &(0x7f0000000000)={{0x100, 0x5}, {0xb, 0x4}}, 0x0) getitimer(0x1, &(0x7f0000000140)) 21.608556374s ago: executing program 4 (id=1997): r0 = io_uring_setup(0x2e34, &(0x7f0000000180)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r4, r3, 0x7, 0x0, 0x0, @void, @value}, 0x10) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) write$binfmt_elf32(r5, &(0x7f00000014c0)=ANY=[], 0x46b) sendmmsg$inet(r5, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0xa6}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 20.198792686s ago: executing program 4 (id=1999): r0 = socket$inet_smc(0x2b, 0x1, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x4, 0x0, 0x0, 0x0) syz_usbip_server_init(0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000040), &(0x7f00000000c0)=0x30) r2 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_DEL_RULE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x90101840}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x44c, 0x3f4, 0x300, 0x70bd26, 0x25dfdbfd, {0x6, 0x0, 0x2b, [0x3ff, 0x9, 0x0, 0x2, 0x80000000, 0x2, 0x5, 0xfffffffc, 0x7f, 0xd84, 0x9, 0x80000000, 0x1c64, 0x8000, 0xff, 0x2380, 0xfffffffd, 0x8, 0xfffffff9, 0x10001, 0xa814, 0xa, 0x0, 0xff, 0xd, 0x2, 0x3, 0x8, 0x1, 0x64, 0x7, 0x9, 0x89ce, 0x200, 0x2, 0x101, 0x7, 0x3, 0x8, 0x4, 0x4, 0x6, 0x10000, 0x9be, 0x1, 0x7ff, 0x88d, 0x9, 0x10000, 0x5, 0xbc, 0x7f, 0x2, 0x7fffffff, 0x1, 0x80, 0x5, 0x8000, 0x1, 0x3, 0x2, 0x3, 0x0, 0x118], [0x2, 0x101, 0xec, 0x9, 0x1, 0x81, 0x9, 0x9, 0xfffffbff, 0xfff, 0x720, 0x7, 0x2, 0x3, 0x81, 0x3, 0x8, 0x4, 0xfffffffd, 0xf5cf, 0x8, 0x5, 0xcef, 0x2, 0x2, 0xc9d, 0x4, 0x6ee, 0xffffffff, 0x0, 0x4, 0xffff, 0x0, 0x1000, 0x4, 0x6, 0xff, 0x322b, 0x7, 0x6, 0x2, 0x8, 0x2, 0x7f, 0x7, 0x4, 0x0, 0x5, 0xab, 0x9, 0xbb, 0x5, 0x0, 0x1, 0x40, 0x10000, 0x6, 0xffffffef, 0x5, 0x9, 0xe7ab, 0xed46, 0x101], [0x7ff, 0x2e, 0x2, 0x401, 0x64, 0x7, 0x6, 0x2, 0x0, 0x70dba000, 0x0, 0x4000000, 0x3, 0x10000, 0x2, 0xfffffffa, 0x7, 0x2, 0x4, 0xd2c1, 0x7f, 0x7f, 0x9, 0x8, 0x9, 0x80000000, 0x22f2, 0xffff, 0x7, 0x3, 0x8, 0xbcf, 0x5, 0xce2, 0x3, 0xdf95, 0xe02, 0xffffffff, 0x3ff, 0xfff, 0xffffffff, 0x3, 0xffff, 0xc, 0x8, 0xa, 0x401, 0x4, 0x8, 0x8, 0x5, 0x3, 0xffff, 0x9, 0x1, 0x9, 0x945, 0x4, 0x5, 0x6, 0x6fe, 0x5, 0x3, 0x6], [0x40, 0x3, 0x8001, 0x3cc3ad25, 0x83a, 0xc890, 0x4, 0x69e8, 0x1, 0x4, 0x3, 0x2, 0x2, 0x6, 0x0, 0x9, 0x8, 0x3860, 0x598, 0x2, 0x4, 0x4, 0x0, 0x8, 0x9a, 0x4, 0x5, 0xb, 0x4, 0x0, 0x10000, 0xf, 0x5, 0x100, 0x6, 0x2, 0x9, 0x5, 0x8, 0x5, 0x10000, 0x7, 0x7, 0xc28, 0x3ff, 0x2, 0x5, 0x8, 0xd0, 0x5, 0x1b9, 0x4, 0xfffff482, 0xb5, 0x5, 0x0, 0x2, 0x2, 0x4b, 0x1, 0x8, 0x40, 0x6, 0x1], 0x2b, ['bridge0\x00', 'bridge0\x00', '\x00', '/dev/cpu/#/msr\x00', ',\',\x00', '$+[}\x00', '[\x00']}, ["", "", ""]}, 0x44c}, 0x1, 0x0, 0x0, 0x10}, 0x80) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000010000104000000000008000008794ee0", @ANYRES32=0x0, @ANYRES8=r4], 0x4c}}, 0x40000) 19.859967544s ago: executing program 7 (id=2000): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r3, 0x89e3, &(0x7f0000000280)) 16.556275694s ago: executing program 7 (id=2005): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000013c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300007e000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) syz_emit_ethernet(0xbe, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800450000b00000000000119078000000000000000000000000003490780100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000001e0000000000000000000000000000000008"], 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f}]}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x2, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000440)={r3, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}}) ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x6000, 0x6, 0x4, 0x0, "cd0d05a286a8d9c7b438dd4350274fc803519e3d7d156d943d4034728428556b2b5a97d6203497d63e98ec46bc3116e3930f9b02cdc0f982e0d499db318cb04c", "e39fb4a6d3333aba8405d70d523a5a783847b8bc04869aad25d757c86a08e932", [0xd026, 0x52]}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x8001}}, './file0\x00'}) ioctl$SNDRV_PCM_IOCTL_REWIND(r6, 0x40084146, &(0x7f0000000040)=0x7) 16.24836335s ago: executing program 3 (id=2007): r0 = socket$kcm(0x2, 0x3, 0x2) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, 0x0) getsockopt$bt_hci(r1, 0x84, 0x76, 0x0, &(0x7f0000001080)) socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x6, &(0x7f0000000240), &(0x7f0000000280)=0x4) socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xa0, 0xce, 0xf6, 0x20, 0x557, 0x7820, 0xa62f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1e, 0xf2, 0x11}}]}}]}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x4d, &(0x7f00000000c0)=[{&(0x7f0000000100)="acfd4331", 0x4}, {&(0x7f0000000200)="69974f3c005fc51593d3a44df57ac648b27c9ecf2779be1fb6d33f46d4", 0x1d}, {&(0x7f0000000140)="f8d598772bc0364aa0b34c553897027d", 0x10}], 0x3, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x28}, @multicast1}}}, @ip_retopts={{0x14}}], 0x38}, 0x0) 13.610472324s ago: executing program 5 (id=2009): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x2, 0x80805, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000080)={r5, 0x0, 0x5, 0x6a3, 0x7, 0x7fff, 0x700, 0x0, {0x0, @in6={{0xa, 0x4e21, 0x67, @remote, 0x1}}, 0x4, 0xffff, 0x2fd50319, 0x8b, 0x7fffffff}}, &(0x7f0000000140)=0xb0) 13.572855211s ago: executing program 4 (id=2010): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324241}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000000203010100000000000000000000000009000200c9ce530ad2e4a1497b65a2444cd7a105585f1f4fdeb77b4788e22337b70000"], 0x28}}, 0x0) r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)="711f04800000000000000c55f538", 0xe}}, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000002c80)=0x142, 0x4) recvmmsg(r4, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}}], 0x40000000000019e, 0x142, 0x0) 13.135643746s ago: executing program 7 (id=2011): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc4}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) 11.405735845s ago: executing program 3 (id=2013): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 10.977419773s ago: executing program 5 (id=2014): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x3, 0x8d) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f0000000080)={'b', ' *:* ', 'wm\x00'}, 0x9) write$cgroup_devices(r4, &(0x7f0000000700)={'c', ' *:* ', 'r\x00'}, 0x8) write$cgroup_devices(r4, &(0x7f0000003080)={'a', ' *:* ', 'r\x00'}, 0x17) 10.653174152s ago: executing program 6 (id=2015): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r0 = socket$kcm(0x10, 0x0, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) epoll_create(0x16a) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000002900), 0x4) fanotify_init(0xf00, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='huge=always']) chdir(&(0x7f0000000140)='./file0\x00') r3 = open(&(0x7f0000000380)='./file1\x00', 0x109042, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pwritev2(r4, &(0x7f00000000c0), 0x0, 0x7ffffe, 0x0, 0x0) fallocate(r3, 0x0, 0x0, 0x7000000) 9.338438657s ago: executing program 5 (id=2016): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='cpuset.memory_pressure\x00', 0x275a, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgctl$IPC_RMID(0x0, 0x0) 8.09580606s ago: executing program 6 (id=2017): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socket$key(0xf, 0x3, 0x2) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) r3 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x7fffffff, @dev={0xfe, 0x80, '\x00', 0x13}, 0xffffff7f}, 0x1c) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x0, 0xfffffffd}]}, 0x10) 8.065936739s ago: executing program 5 (id=2018): mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) chdir(0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f1, 0x0) 7.707642956s ago: executing program 3 (id=2019): sched_setscheduler(0x0, 0x0, 0x0) io_setup(0x6, &(0x7f0000000300)=0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0) futex(0x0, 0xb, 0x0, 0x0, &(0x7f0000004000), 0x0) io_getevents(r0, 0x2, 0x2, &(0x7f0000000040)=[{}, {}], 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="0c0002"], 0x24}}, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x723841, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mq_timedreceive(r4, 0x0, 0x0, 0xff, 0x0) r5 = socket$key(0xf, 0x3, 0x2) io_submit(r0, 0x1, &(0x7f0000000540)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0}]) r6 = socket$netlink(0x10, 0x3, 0x0) io_submit(r0, 0x1, &(0x7f00000005c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0}]) 6.48067068s ago: executing program 6 (id=2020): prlimit64(0x0, 0xe, 0x0, 0x0) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) fsopen(&(0x7f0000000080)='ramfs\x00', 0x0) symlinkat(&(0x7f0000000140)='.\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000a08700000000000000000a20000000000a01010000000000000000020000000900010073797a300000000048000000030a01010000000000000000020000000900010073797a30000000000900030073797a3200000000080007006e617400140004800800014000000000080002400000000014000000020a0500"/143], 0xa4}}, 0x0) 6.429507637s ago: executing program 3 (id=2021): r0 = socket$kcm(0x10, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000005c0)="d8000000140081044e81f782db44b904021f080219000000040060a118000200e000000a09000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c046100a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbeffa447ef4a6fbd3824305240c", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 6.339274533s ago: executing program 7 (id=2022): socketpair$unix(0x1, 0x5, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id1\x00', 'timer1\x00', 0x0, 0x81, 0x1, 0xffffffffffffd0c4}) 5.675504634s ago: executing program 6 (id=2023): r0 = socket$kcm(0x21, 0x2, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_open_procfs(0x0, &(0x7f0000000480)='attr/prev\x00') preadv(r4, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00') r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001200326a03030000001b000000000000000010002b0001000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0) 3.023403896s ago: executing program 6 (id=2024): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000040)) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d55549b, 0x0, [0x0, 0x0, 0x0, 0x1, 0x0, 0xe3, 0x400]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 2.553467904s ago: executing program 7 (id=2025): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x92) mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0) r2 = open(&(0x7f00000000c0)='.\x00', 0x400, 0x0) linkat(r2, &(0x7f0000000080)='./file0\x00', r2, &(0x7f0000000100)='./file1\x00', 0x0) getdents(r2, 0x0, 0x0) mknod$loop(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1) rename(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0\x00') r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) 2.527328629s ago: executing program 5 (id=2026): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) fanotify_init(0xd8eb7f182129f755, 0x800) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) sched_setscheduler(0x0, 0x6, &(0x7f0000000b40)=0x4) ioprio_set$pid(0x1, r1, 0x4007) mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fsc']) 2.349794071s ago: executing program 3 (id=2027): r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r0, 0x0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) syz_emit_ethernet(0x1f, &(0x7f0000000140)=ANY=[@ANYBLOB="2105000b1e85b11c60b11300001142"], 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)="d8000000180081054e81f782db4cb904021d0800fe207c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000500027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) preadv(r4, 0x0, 0x0, 0x401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=r6, @ANYBLOB="000000000040000014001680100001800c00090005ae000004000000080004"], 0x3c}}, 0x0) 2.056712613s ago: executing program 4 (id=2028): bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip_vti0\x00'}) getpgid(r0) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r3, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4078, 0xfee}], 0x1, 0x0, 0x0, 0x20004004}, 0x0) 324.310214ms ago: executing program 7 (id=2029): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x400c031, 0xffffffffffffffff, 0x100000000) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd8, 0xffffffff, 0xffffffff, 0xd8, 0xffffffff, 0x1a8, 0xffffff7a, 0xffffffff, 0x1a8, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000}) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r1, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000140), 0x4) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r5 = accept(r0, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1) ftruncate(0xffffffffffffffff, 0xc17a) recvfrom(r4, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x0, 0x0, 0x0) 300.09881ms ago: executing program 5 (id=2030): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f00000002c0)="1a", 0x1, 0x0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$sock(r2, &(0x7f0000002340)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000001c0)='$', 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40000) shutdown(r2, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2c, 0x3b, 0x107, 0x100, 0x0, {0x1, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@generic="8d437a57"]}]}, 0x2c}}, 0x20010804) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x94, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0xc}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast1}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x33}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x27}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}]}, 0x94}, 0x1, 0x0, 0x0, 0xd4ff9e92527ae975}, 0x40) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}], 0x1) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5800000010000104000000000000000000030000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010067656e657665000014000280080001000100000005000300000000001400030067656e657665be0d5cf0f0d20583e1eb"], 0x58}}, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000640)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x67d, 0x24, 0x2, 0x0}) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x200004c, 0x4) sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x62}, 0x2}, 0x1c, 0x0}, 0x0) 126.543464ms ago: executing program 6 (id=2031): ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285628, &(0x7f0000000080)={0x0, @win={{0x7}, 0x0, 0x0, 0x0, 0x0, 0x0}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0) fcntl$getflags(r3, 0x401) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) ustat(0xfffffffeffffffff, 0x0) 0s ago: executing program 3 (id=2032): r0 = add_key(&(0x7f0000000000)='id_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$KEYCTL_WATCH_KEY(0x20, r0, 0xffffffffffffffff, 0x0) socket(0x10, 0x803, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNDELRESOURCE(r5, 0x89ef, &(0x7f0000004880)=0x1) kernel console output (not intermixed with test programs): C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 113.069053][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 113.077025][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 113.085287][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 113.093507][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 113.101530][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 113.109458][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 113.117410][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 113.125432][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 113.199512][ T6234] netlink: 12 bytes leftover after parsing attributes in process `syz.4.87'. [ 113.209162][ T6234] netlink: 20 bytes leftover after parsing attributes in process `syz.4.87'. [ 114.012597][ T6233] ALSA: mixer_oss: invalid OSS volume '' [ 114.021284][ T6233] ALSA: mixer_oss: invalid OSS volume 'DIGITA' [ 115.259599][ T6258] serio: Serial port pts0 [ 117.180741][ T6291] kvm: pic: non byte write [ 117.193844][ T6291] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (245259927488 ns) > initial count (134218304 ns). Using initial count to start timer. [ 117.259283][ T6254] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 117.338915][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 117.346379][ T6251] Bluetooth: hci0: Opcode 0x080f failed: -110 [ 118.539491][ T6300] uprobe: syz.4.108:6300 failed to unregister, leaking uprobe [ 119.246308][ T6313] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 119.273614][ T6313] CIFS mount error: No usable UNC path provided in device string! [ 119.273614][ T6313] [ 119.284197][ T6313] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 119.999361][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 120.880254][ T5830] block nbd0: Receive control failed (result -107) [ 120.984762][ T6323] nbd0: detected capacity change from 0 to 8589934592 [ 121.929081][ T6318] block nbd0: shutting down sockets [ 121.934725][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 122.430690][ T6021] buffer_io_error: 7 callbacks suppressed [ 122.430712][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.039029][ T41] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.050383][ T41] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.075442][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.129122][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.709090][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.718209][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.779928][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.846118][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.861200][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.889311][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.437565][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.466922][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.488404][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.498076][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.510891][ T6021] ldm_validate_partition_table(): Disk read failed. [ 124.518336][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.541506][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.593533][ T6021] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.631257][ T6021] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.649853][ T6021] Dev nbd0: unable to read RDB block 0 [ 124.657956][ T6021] nbd0: unable to read partition table [ 124.674815][ T6356] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0) [ 124.696889][ T6021] ldm_validate_partition_table(): Disk read failed. [ 124.709385][ T6021] Dev nbd0: unable to read RDB block 0 [ 124.716787][ T6021] nbd0: unable to read partition table [ 126.939418][ T5909] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 127.210831][ T6380] Bluetooth: MGMT ver 1.23 [ 127.486330][ T5909] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 127.596403][ T5909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.929414][ T5909] usb 2-1: config 0 descriptor?? [ 127.968890][ T5909] usb 2-1: can't set config #0, error -71 [ 128.049256][ T5909] usb 2-1: USB disconnect, device number 2 [ 128.143222][ T6385] netlink: 'syz.1.133': attribute type 4 has an invalid length. [ 128.194913][ T6388] netlink: 'syz.1.133': attribute type 4 has an invalid length. [ 133.339283][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.345626][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.592537][ T6485] netlink: 36 bytes leftover after parsing attributes in process `syz.0.163'. [ 138.637107][ T6485] netlink: 16 bytes leftover after parsing attributes in process `syz.0.163'. [ 138.657990][ T6485] netlink: 36 bytes leftover after parsing attributes in process `syz.0.163'. [ 138.667614][ T6485] netlink: 36 bytes leftover after parsing attributes in process `syz.0.163'. [ 139.618645][ T6492] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 139.789117][ T6487] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 141.031724][ T6509] overlayfs: failed to get inode (-116) [ 141.051274][ T6509] overlayfs: failed to get inode (-116) [ 141.057955][ T6509] overlayfs: failed to get inode (-116) [ 141.064918][ T6509] overlayfs: failed to get inode (-116) [ 142.519217][ T6528] usb usb4: usbfs: process 6528 (syz.0.175) did not claim interface 0 before use [ 142.549080][ T29] audit: type=1326 audit(1734268738.797:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.572050][ T29] audit: type=1326 audit(1734268738.827:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.613394][ T29] audit: type=1326 audit(1734268738.827:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.668324][ T29] audit: type=1326 audit(1734268738.827:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.700697][ T29] audit: type=1326 audit(1734268738.827:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.733636][ T29] audit: type=1326 audit(1734268738.847:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.767059][ T29] audit: type=1326 audit(1734268738.847:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.797231][ T29] audit: type=1326 audit(1734268738.847:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.820466][ T29] audit: type=1326 audit(1734268738.847:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 142.842848][ T29] audit: type=1326 audit(1734268738.847:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6525 comm="syz.0.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9528985d19 code=0x7ffc0000 [ 144.242913][ T6538] netlink: 'syz.4.177': attribute type 2 has an invalid length. [ 147.959755][ T6555] tipc: Started in network mode [ 147.966549][ T6555] tipc: Node identity ac14140f, cluster identity 4711 [ 147.975075][ T6555] tipc: New replicast peer: 255.255.255.255 [ 147.983436][ T6555] tipc: Enabled bearer , priority 10 [ 149.136850][ T974] tipc: Node number set to 2886997007 [ 152.615571][ T6610] netlink: 28 bytes leftover after parsing attributes in process `syz.4.198'. [ 152.642107][ T6610] netlink: 28 bytes leftover after parsing attributes in process `syz.4.198'. [ 153.206769][ T6621] Cannot find del_set index 3 as target [ 153.761350][ T6629] Illegal XDP return value 3401663381 on prog (id 42) dev N/A, expect packet loss! [ 153.804042][ T6632] overlayfs: statfs failed on './file0' [ 153.840418][ T6633] bridge0: port 3(gretap0) entered blocking state [ 153.869359][ T6633] bridge0: port 3(gretap0) entered disabled state [ 153.894476][ T6633] gretap0: entered allmulticast mode [ 153.917739][ T6633] gretap0: entered promiscuous mode [ 153.945671][ T6633] bridge0: port 3(gretap0) entered blocking state [ 153.952406][ T6633] bridge0: port 3(gretap0) entered forwarding state [ 154.000699][ T6634] gretap0: left allmulticast mode [ 154.011238][ T6634] gretap0: left promiscuous mode [ 154.024099][ T6636] ======================================================= [ 154.024099][ T6636] WARNING: The mand mount option has been deprecated and [ 154.024099][ T6636] and is ignored by this kernel. Remove the mand [ 154.024099][ T6636] option from the mount to silence this warning. [ 154.024099][ T6636] ======================================================= [ 154.062835][ T6634] bridge0: port 3(gretap0) entered disabled state [ 156.916058][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 156.953869][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 156.983855][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 157.069929][ T5831] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 157.090566][ T5831] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 157.104701][ T5831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 157.699909][ T5831] Bluetooth: hci3: command tx timeout [ 158.147438][ T6682] netlink: 92 bytes leftover after parsing attributes in process `syz.4.225'. [ 158.525860][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 159.673759][ T5831] Bluetooth: hci4: command tx timeout [ 160.959535][ T6676] chnl_net:caif_netlink_parms(): no params data found [ 161.943341][ T5831] Bluetooth: hci4: command tx timeout [ 162.245602][ T6676] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.253115][ T6676] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.273844][ T6676] bridge_slave_0: entered allmulticast mode [ 162.282335][ T6676] bridge_slave_0: entered promiscuous mode [ 162.291134][ T6676] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.304102][ T6676] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.348493][ T974] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 162.379685][ T6676] bridge_slave_1: entered allmulticast mode [ 162.436931][ T6676] bridge_slave_1: entered promiscuous mode [ 162.786228][ T974] usb 5-1: Using ep0 maxpacket: 8 [ 162.805779][ T974] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 162.833156][ T974] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 162.856668][ T974] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 162.873702][ T974] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 162.887002][ T974] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 162.903685][ T6676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.921204][ T6676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.937791][ T974] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 162.997837][ T974] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.082502][ T6676] team0: Port device team_slave_0 added [ 163.095235][ T6676] team0: Port device team_slave_1 added [ 163.175478][ T6728] kvm: pic: single mode not supported [ 163.203954][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.216993][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.243038][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.251192][ T6676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 163.267381][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 163.274570][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.310161][ T974] usb 5-1: GET_CAPABILITIES returned 0 [ 163.315679][ T974] usbtmc 5-1:16.0: can't read capabilities [ 163.319437][ T6676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 163.548659][ T6676] hsr_slave_0: entered promiscuous mode [ 163.594137][ T6676] hsr_slave_1: entered promiscuous mode [ 163.629412][ T6676] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 163.647391][ T6676] Cannot create hsr debugfs directory [ 163.968610][ T974] usb 5-1: USB disconnect, device number 4 [ 163.979228][ T5831] Bluetooth: hci4: command tx timeout [ 164.132356][ T6721] usbtmc 5-1:16.0: usb_control_msg returned -71 [ 164.579411][ T6735] usbtmc 5-1:16.0: usb_control_msg returned -19 [ 164.707369][ T64] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.799035][ T6676] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 164.942299][ T64] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.005932][ T6676] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 165.066886][ T6676] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 165.089958][ T6746] kvm: pic: single mode not supported [ 165.093645][ T6746] kvm: pic: single mode not supported [ 165.120916][ T6746] kvm: pic: single mode not supported [ 165.227843][ T64] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.391659][ T6676] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 165.507010][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 165.535658][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 165.547614][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 166.001911][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 166.381541][ T64] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.426114][ T5830] Bluetooth: hci4: command tx timeout [ 166.434267][ T5134] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 166.441822][ T5134] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.687134][ T6758] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 167.934489][ T6676] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.149088][ T64] bridge_slave_1: left allmulticast mode [ 168.182154][ T64] bridge_slave_1: left promiscuous mode [ 168.201722][ T64] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.470084][ T5134] Bluetooth: hci1: command tx timeout [ 168.830394][ T64] bridge_slave_0: left allmulticast mode [ 168.836235][ T64] bridge_slave_0: left promiscuous mode [ 168.889081][ T64] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.272547][ T6793] serio: Serial port pts0 [ 170.542372][ T5134] Bluetooth: hci1: command tx timeout [ 171.013579][ T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.127372][ T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.249316][ T64] bond0 (unregistering): Released all slaves [ 171.580244][ T6810] Invalid source name [ 171.585883][ T6810] UBIFS error (pid: 6810): cannot open "/dev/sg0", error -22 [ 172.021815][ T6676] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.497549][ T6754] chnl_net:caif_netlink_parms(): no params data found [ 172.540417][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.547727][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.619612][ T5134] Bluetooth: hci1: command tx timeout [ 172.635948][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.643303][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.872994][ T6834] netlink: 12 bytes leftover after parsing attributes in process `syz.3.265'. [ 173.163720][ T5908] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 173.359856][ T6834] vlan2: entered promiscuous mode [ 173.364985][ T6834] team_slave_1: entered promiscuous mode [ 173.385297][ T6834] team_slave_1: left promiscuous mode [ 173.441825][ T5908] usb 5-1: config 0 has an invalid interface number: 229 but max is 0 [ 173.460201][ T5908] usb 5-1: config 0 has no interface number 0 [ 173.466512][ T5908] usb 5-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice= c.19 [ 173.482767][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.511489][ T5908] usb 5-1: config 0 descriptor?? [ 173.698151][ T64] hsr_slave_0: left promiscuous mode [ 173.732154][ T64] hsr_slave_1: left promiscuous mode [ 173.790880][ T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.810601][ T5869] usb 5-1: USB disconnect, device number 5 [ 173.814317][ T64] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.847697][ T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.879830][ T64] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.926662][ T64] veth1_macvtap: left promiscuous mode [ 173.933063][ T64] veth0_macvtap: left promiscuous mode [ 173.939407][ T64] veth1_vlan: left promiscuous mode [ 173.944991][ T64] veth0_vlan: left promiscuous mode [ 174.698911][ T5134] Bluetooth: hci1: command tx timeout [ 175.872947][ T6873] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input6 [ 176.129692][ T64] team0 (unregistering): Port device team_slave_1 removed [ 176.282383][ T64] team0 (unregistering): Port device team_slave_0 removed [ 177.175492][ T6890] team_slave_0: entered promiscuous mode [ 177.181596][ T6890] team_slave_1: entered promiscuous mode [ 177.224741][ T6890] macsec1: entered promiscuous mode [ 177.237083][ T6890] team0: entered promiscuous mode [ 177.246968][ T6890] macsec1: entered allmulticast mode [ 177.263680][ T6890] team0: entered allmulticast mode [ 177.273059][ T6890] team_slave_0: entered allmulticast mode [ 177.284676][ T6890] team_slave_1: entered allmulticast mode [ 177.303893][ T6890] team0: left allmulticast mode [ 177.315737][ T6890] team_slave_0: left allmulticast mode [ 177.332228][ T6890] team_slave_1: left allmulticast mode [ 177.367495][ T6890] team0: left promiscuous mode [ 177.373432][ T6890] team_slave_0: left promiscuous mode [ 177.379014][ T6890] team_slave_1: left promiscuous mode [ 178.395512][ T6754] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.418390][ T6754] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.445409][ T6754] bridge_slave_0: entered allmulticast mode [ 178.461264][ T6754] bridge_slave_0: entered promiscuous mode [ 178.516064][ T6754] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.525319][ T6754] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.544192][ T6754] bridge_slave_1: entered allmulticast mode [ 178.557488][ T6754] bridge_slave_1: entered promiscuous mode [ 178.861907][ T6754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.951407][ T6754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.931305][ T6754] team0: Port device team_slave_0 added [ 179.978214][ T6754] team0: Port device team_slave_1 added [ 180.140288][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.186118][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.244658][ T6754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.300476][ T6754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.307642][ T6754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.379296][ T6754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.560455][ T6676] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.295090][ T6754] hsr_slave_0: entered promiscuous mode [ 181.346700][ T6754] hsr_slave_1: entered promiscuous mode [ 181.407142][ T6754] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 181.451732][ T6754] Cannot create hsr debugfs directory [ 181.769028][ T5872] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 181.969000][ T5872] usb 5-1: Using ep0 maxpacket: 8 [ 181.987042][ T5872] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 182.015809][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.055877][ T5872] usb 5-1: Product: syz [ 182.075285][ T5872] usb 5-1: Manufacturer: syz [ 182.081364][ T6754] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 182.089687][ T5872] usb 5-1: SerialNumber: syz [ 182.100015][ T6754] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 182.109884][ T5872] usb 5-1: config 0 descriptor?? [ 182.325515][ T6754] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 182.648181][ T6754] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 182.689072][ T5872] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 182.760790][ T6676] veth0_vlan: entered promiscuous mode [ 182.786141][ T6676] veth1_vlan: entered promiscuous mode [ 183.086934][ T6676] veth0_macvtap: entered promiscuous mode [ 183.102119][ T6676] veth1_macvtap: entered promiscuous mode [ 184.303420][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.460326][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.472110][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.484973][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.499162][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.511757][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.525294][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.603446][ T6977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.295'. [ 184.625907][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.654501][ T6977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.295'. [ 184.672304][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.718843][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.748025][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.772401][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.861004][ T6676] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.896774][ T5872] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 184.910371][ T6676] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.929113][ T5872] usb 5-1: USB disconnect, device number 6 [ 184.944106][ T6676] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.963218][ T6676] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.137874][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.298'. [ 185.285895][ T6754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.890589][ T6754] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.918026][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.951311][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.089674][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.097819][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.155066][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.162501][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.326824][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.402592][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.562161][ T6754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 187.618922][ T6754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 189.996232][ T6754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 190.456014][ T7055] syz.1.309: attempt to access beyond end of device [ 190.456014][ T7055] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 190.470573][ T7055] XFS (nbd1): SB validate failed with error -5. [ 191.943094][ T7073] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 192.413760][ T7091] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns [ 193.073538][ T6754] veth0_vlan: entered promiscuous mode [ 193.144763][ T6754] veth1_vlan: entered promiscuous mode [ 193.255583][ T6754] veth0_macvtap: entered promiscuous mode [ 193.302491][ T6754] veth1_macvtap: entered promiscuous mode [ 193.628619][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.531292][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.546858][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.822615][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.856111][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.886248][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.908483][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.979165][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.008846][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.068616][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.139786][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.198667][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.328350][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.377641][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.422051][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.478867][ T6754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.517443][ T6754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.564388][ T6754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.615706][ T6754] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.678480][ T6754] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.834877][ T6754] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.945482][ T6754] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.784511][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.792791][ T3455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.811645][ T3455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.046473][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.117575][ T7144] bridge_slave_0: left allmulticast mode [ 198.144732][ T7144] bridge_slave_0: left promiscuous mode [ 198.159020][ T7144] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.189923][ T7144] bridge_slave_1: left allmulticast mode [ 198.195817][ T7144] bridge_slave_1: left promiscuous mode [ 198.212122][ T7144] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.252263][ T7144] bond0: (slave bond_slave_0): Releasing backup interface [ 198.284222][ T7144] bond0: (slave bond_slave_1): Releasing backup interface [ 198.349685][ T7144] team0: Port device team_slave_0 removed [ 198.384441][ T7144] team0: Port device team_slave_1 removed [ 198.406635][ T7144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.425175][ T7144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.454119][ T7144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.478950][ T7144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 202.226678][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 202.236122][ T5825] Bluetooth: hci2: command 0x0406 tx timeout [ 204.917754][ T5830] Bluetooth: hci5: sending frame failed (-49) [ 204.925520][ T5134] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 204.962457][ T5830] Bluetooth: hci6: sending frame failed (-49) [ 204.971701][ T5134] Bluetooth: hci6: Entering manufacturer mode failed (-49) [ 206.791433][ T5134] Bluetooth: hci3: command 0x0406 tx timeout [ 206.898330][ T7240] netlink: 16 bytes leftover after parsing attributes in process `syz.4.346'. [ 207.197575][ T7245] ipvlan2: entered promiscuous mode [ 208.869228][ T7240] syz.4.346 (7240) used greatest stack depth: 18928 bytes left [ 210.844272][ T7281] syz.6.353 (7281): drop_caches: 2 [ 210.939124][ T5831] Bluetooth: hci4: command 0x0401 tx timeout [ 210.945574][ T7265] Bluetooth: hci4: Opcode 0x0401 failed: -110 [ 211.160540][ T7263] sctp: failed to load transform for md5: -2 [ 212.955920][ T5908] IPVS: starting estimator thread 0... [ 212.963825][ T7307] netlink: 16 bytes leftover after parsing attributes in process `syz.1.359'. [ 213.128942][ T7308] IPVS: using max 28 ests per chain, 67200 per kthread [ 213.293730][ T5830] Bluetooth: hci6: sending frame failed (-49) [ 213.302495][ T5134] Bluetooth: hci6: Entering manufacturer mode failed (-49) [ 215.592729][ T5134] Bluetooth: hci5: command 0x1003 tx timeout [ 215.604239][ T5831] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 217.219333][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.1.372'. [ 218.447090][ T7365] xt_cluster: you have exceeded the maximum number of cluster nodes (16128 > 32) [ 226.033705][ T5872] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 226.274638][ T5872] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.753774][ T5872] usb 5-1: config 0 has no interfaces? [ 226.765077][ T5872] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 226.839000][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.850255][ T5872] usb 5-1: config 0 descriptor?? [ 227.051264][ T7423] netlink: 32 bytes leftover after parsing attributes in process `syz.3.380'. [ 227.142190][ T7403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.234974][ T7403] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 228.622227][ T5872] usb 5-1: USB disconnect, device number 7 [ 231.545463][ T7463] xt_TPROXY: Can be used only with -p tcp or -p udp [ 233.252992][ T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 233.840314][ T7487] block nbd5: NBD_DISCONNECT [ 233.846615][ T7487] block nbd5: Send disconnect failed -22 [ 233.856663][ T7487] input: syz0 as /devices/virtual/input/input7 [ 233.888836][ T25] usb 5-1: config 0 has an invalid interface number: 156 but max is 1 [ 233.897722][ T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.918084][ T25] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 233.927466][ T25] usb 5-1: config 0 has no interface number 0 [ 233.942916][ T25] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 233.958317][ T25] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 233.973237][ T7486] block nbd5: Disconnected due to user request. [ 233.977211][ T25] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 233.999277][ T7486] block nbd5: shutting down sockets [ 234.022180][ T25] usb 5-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 234.043768][ T25] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 234.058431][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.561144][ T25] usb 5-1: config 0 descriptor?? [ 234.637913][ T25] usb 5-1: can't set config #0, error -71 [ 234.707857][ T25] usb 5-1: USB disconnect, device number 8 [ 237.338842][ T7515] netlink: 'syz.6.417': attribute type 12 has an invalid length. [ 237.822159][ T7520] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 246.956986][ T7589] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 246.982765][ T7299] Bluetooth: hci5: Frame reassembly failed (-84) [ 246.997161][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 246.997182][ T29] audit: type=1326 audit(1734268843.247:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7593 comm="syz.4.440" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x0 [ 248.752482][ T7608] netlink: 12 bytes leftover after parsing attributes in process `syz.3.444'. [ 248.893574][ T7612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.445'. [ 249.019396][ T5134] Bluetooth: hci5: command 0x1003 tx timeout [ 249.025847][ T5831] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 250.288839][ T7612] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 250.296487][ T7612] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 250.421406][ T7612] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 250.461439][ T7612] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 250.569364][ T7613] tipc: Started in network mode [ 250.579219][ T7613] tipc: Node identity ac14140f, cluster identity 4711 [ 250.657724][ T7613] tipc: New replicast peer: 255.255.255.255 [ 250.674938][ T7613] tipc: Enabled bearer , priority 10 [ 252.118665][ T974] tipc: Node number set to 2886997007 [ 252.645189][ T29] audit: type=1326 audit(1734268848.887:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 252.773110][ T29] audit: type=1326 audit(1734268848.927:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 252.924732][ T29] audit: type=1326 audit(1734268848.957:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 252.949591][ T29] audit: type=1326 audit(1734268848.967:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 252.980906][ T29] audit: type=1326 audit(1734268848.967:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 253.050422][ T29] audit: type=1326 audit(1734268848.967:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 253.138962][ T29] audit: type=1326 audit(1734268848.967:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 253.195104][ T29] audit: type=1326 audit(1734268848.967:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 253.221507][ T29] audit: type=1326 audit(1734268848.967:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 253.882182][ T29] audit: type=1326 audit(1734268848.967:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7649 comm="syz.5.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 255.914216][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.929889][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.948007][ T7699] capability: warning: `syz.1.466' uses 32-bit capabilities (legacy support in use) [ 259.630454][ T7716] evm: overlay not supported [ 260.851346][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 260.851370][ T29] audit: type=1800 audit(1734268856.227:52): pid=7723 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.474" name="/" dev="fuse" ino=1 res=0 errno=0 [ 262.582581][ T7758] bridge_slave_0: left allmulticast mode [ 262.590759][ T7758] bridge_slave_0: left promiscuous mode [ 262.598303][ T7758] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.811726][ T7758] bridge_slave_1: left allmulticast mode [ 262.835896][ T7758] bridge_slave_1: left promiscuous mode [ 262.892921][ T7758] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.996476][ T7758] bond0: (slave bond_slave_0): Releasing backup interface [ 263.115901][ T7758] bond0: (slave bond_slave_1): Releasing backup interface [ 264.389087][ T7758] team0: Port device team_slave_0 removed [ 264.536342][ T7758] team0: Port device team_slave_1 removed [ 270.218129][ T7805] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 270.288579][ T7805] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 273.848348][ T7838] kvm: requested 30171 ns i8254 timer period limited to 200000 ns [ 273.857801][ T7838] kvm: requested 31847 ns i8254 timer period limited to 200000 ns [ 273.865973][ T7838] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 273.874259][ T7838] kvm: requested 71238 ns i8254 timer period limited to 200000 ns [ 273.883230][ T7838] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 273.891530][ T7838] kvm: requested 182704 ns i8254 timer period limited to 200000 ns [ 273.899891][ T7838] kvm: requested 1676 ns i8254 timer period limited to 200000 ns [ 274.769774][ T29] audit: type=1326 audit(1734268871.007:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.248927][ T29] audit: type=1326 audit(1734268871.007:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.292996][ T29] audit: type=1326 audit(1734268871.017:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.377283][ T29] audit: type=1326 audit(1734268871.017:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.419301][ T29] audit: type=1326 audit(1734268871.017:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.470634][ T29] audit: type=1326 audit(1734268871.017:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.532284][ T29] audit: type=1326 audit(1734268871.027:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.647717][ T29] audit: type=1326 audit(1734268871.027:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.709698][ T29] audit: type=1326 audit(1734268871.497:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.736846][ T29] audit: type=1326 audit(1734268871.497:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7845 comm="syz.3.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 275.815809][ T7864] kvm: pic: single mode not supported [ 275.815836][ T7864] kvm: pic: level sensitive irq not supported [ 276.324692][ T46] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 277.284296][ T7881] Process accounting resumed [ 277.343409][ T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 277.375108][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 277.387293][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 277.398869][ T46] usb 5-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00 [ 277.409180][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.435131][ T46] usb 5-1: config 0 descriptor?? [ 277.583939][ T7886] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 278.053204][ T46] wacom 0003:056A:00C6.0002: unknown main item tag 0x0 [ 278.165013][ T46] wacom 0003:056A:00C6.0002: unknown main item tag 0x0 [ 278.294316][ T46] wacom 0003:056A:00C6.0002: unknown main item tag 0x0 [ 278.304639][ T5831] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 278.521474][ T46] wacom 0003:056A:00C6.0002: unknown main item tag 0x0 [ 278.528441][ T46] wacom 0003:056A:00C6.0002: unknown main item tag 0x0 [ 278.541386][ T46] wacom 0003:056A:00C6.0002: hidraw0: USB HID vff.fe Device [HID 056a:00c6] on usb-dummy_hcd.4-1/input0 [ 278.596614][ T5869] usb 5-1: USB disconnect, device number 9 [ 280.339112][ T7909] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.529'. [ 280.418972][ T7903] netlink: 4093 bytes leftover after parsing attributes in process `syz.1.529'. [ 283.987335][ T5134] Bluetooth: hci4: command 0x0401 tx timeout [ 287.046430][ T7993] warning: `syz.5.556' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 287.129991][ T5869] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 287.310648][ T5869] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 287.345014][ T5869] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 287.366246][ T5869] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.378341][ T5869] usb 7-1: config 0 descriptor?? [ 287.407219][ T5869] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 290.019050][ T46] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 290.540611][ T974] usb 7-1: USB disconnect, device number 2 [ 290.625770][ T46] usb 6-1: config 14 has an invalid interface number: 41 but max is 1 [ 290.858988][ T46] usb 6-1: config 14 has an invalid interface number: 170 but max is 1 [ 291.324782][ T46] usb 6-1: config 14 has an invalid descriptor of length 0, skipping remainder of the config [ 291.418017][ T46] usb 6-1: config 14 has no interface number 0 [ 291.426477][ T46] usb 6-1: config 14 has no interface number 1 [ 291.434121][ T46] usb 6-1: config 14 interface 41 altsetting 6 has an endpoint descriptor with address 0x58, changing to 0x8 [ 291.447277][ T46] usb 6-1: config 14 interface 41 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 291.472181][ T46] usb 6-1: config 14 interface 41 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 291.534235][ T46] usb 6-1: config 14 interface 41 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 291.553021][ T46] usb 6-1: config 14 interface 170 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 291.584146][ T46] usb 6-1: config 14 interface 41 has no altsetting 0 [ 291.682850][ T46] usb 6-1: string descriptor 0 read error: -22 [ 291.697746][ T46] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0004, bcdDevice=97.d0 [ 291.774868][ T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.802682][ T8033] hub 2-0:1.0: USB hub found [ 291.818489][ T8033] hub 2-0:1.0: 1 port detected [ 292.483671][ T46] usb 6-1: can't set config #14, error -71 [ 292.518569][ T46] usb 6-1: USB disconnect, device number 2 [ 294.346829][ T8061] syz.4.575 (8061): /proc/8061/oom_adj is deprecated, please use /proc/8061/oom_score_adj instead. [ 294.779274][ T5134] Bluetooth: hci1: command tx timeout [ 295.329064][ T8069] netlink: 'syz.4.577': attribute type 12 has an invalid length. [ 295.999901][ T8074] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.580'. [ 300.057339][ T8113] mac80211_hwsim hwsim13 wlan1: entered allmulticast mode [ 300.164973][ T8115] Trying to write to read-only block-device nullb0 [ 300.201415][ T8113] netlink: 'syz.5.591': attribute type 10 has an invalid length. [ 300.241519][ T8115] nullb0: [POWERTEC] p1 [ 300.262566][ T8113] mac80211_hwsim hwsim13 wlan1: left allmulticast mode [ 304.025994][ T8160] Bluetooth: MGMT ver 1.23 [ 307.656007][ T8186] netlink: 'syz.5.611': attribute type 12 has an invalid length. [ 311.197066][ T8] IPVS: starting estimator thread 0... [ 311.498843][ T8214] IPVS: using max 19 ests per chain, 45600 per kthread [ 314.094140][ T8226] netlink: 32 bytes leftover after parsing attributes in process `syz.6.622'. [ 314.103903][ T8226] netlink: 124 bytes leftover after parsing attributes in process `syz.6.622'. [ 314.123185][ T8226] netlink: 508 bytes leftover after parsing attributes in process `syz.6.622'. [ 314.641950][ T8241] netlink: 4 bytes leftover after parsing attributes in process `syz.6.625'. [ 314.838916][ T5869] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 314.876881][ T8246] [U]  [ 315.931092][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 315.959170][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 316.011683][ T5869] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 316.054754][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.294654][ T5869] usb 2-1: config 0 descriptor?? [ 317.128914][ T5869] usbhid 2-1:0.0: can't add hid device: -71 [ 317.134956][ T5869] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 317.175269][ T8251] netlink: 88 bytes leftover after parsing attributes in process `syz.3.628'. [ 317.211300][ T5869] usb 2-1: USB disconnect, device number 3 [ 317.344991][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.351930][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.620585][ T8277] vlan2: entered promiscuous mode [ 317.625896][ T8277] vlan2: entered allmulticast mode [ 317.633652][ T8277] hsr_slave_1: entered allmulticast mode [ 317.826020][ T8277] netlink: 4 bytes leftover after parsing attributes in process `syz.6.634'. [ 318.921719][ T8277] hsr_slave_1 (unregistering): left allmulticast mode [ 318.986458][ T8277] hsr_slave_1 (unregistering): left promiscuous mode [ 322.328802][ T5908] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 322.539008][ T5908] usb 2-1: Using ep0 maxpacket: 8 [ 322.555984][ T5908] usb 2-1: config 0 has an invalid interface number: 176 but max is 2 [ 322.577967][ T5908] usb 2-1: config 0 has no interface number 1 [ 322.833870][ T5908] usb 2-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 323.114122][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.191342][ T5908] usb 2-1: config 0 descriptor?? [ 323.465909][ T5908] qcserial 2-1:0.2: Qualcomm USB modem converter detected [ 323.905492][ T5900] usb 2-1: USB disconnect, device number 4 [ 323.916719][ T5900] qcserial 2-1:0.2: device disconnected [ 326.908121][ T8376] netlink: 'syz.6.665': attribute type 4 has an invalid length. [ 327.137913][ T8385] netlink: 47 bytes leftover after parsing attributes in process `syz.5.667'. [ 327.258866][ T5900] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 327.431057][ T5900] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 327.448912][ T5900] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 327.462493][ T5900] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 327.479180][ T5900] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 327.487648][ T5900] usb 7-1: SerialNumber: syz [ 327.865183][ T5900] usb 7-1: cannot find UAC_HEADER [ 327.949708][ T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 328.052587][ T5900] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 328.103441][ T5900] usb 7-1: USB disconnect, device number 3 [ 328.120740][ T8] usb 6-1: config 0 has no interfaces? [ 328.136274][ T8] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 328.178943][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.190880][ T8] usb 6-1: config 0 descriptor?? [ 328.299721][ T6021] udevd[6021]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 328.654873][ T5900] usb 6-1: USB disconnect, device number 3 [ 330.783729][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 330.783749][ T29] audit: type=1326 audit(1734268927.037:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8406 comm="syz.1.675" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7611185d19 code=0x0 [ 332.641991][ T8431] syzkaller0: entered promiscuous mode [ 332.656280][ T8431] syzkaller0: entered allmulticast mode [ 335.259196][ T5869] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 335.430997][ T5869] usb 2-1: Using ep0 maxpacket: 16 [ 335.471533][ T5869] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 335.537660][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 335.653326][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 335.679630][ T5869] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 335.695146][ T5869] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 335.745335][ T5869] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 335.779331][ T5869] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 335.898073][ T5869] usb 2-1: Manufacturer: syz [ 335.999692][ T5869] usb 2-1: config 0 descriptor?? [ 336.779100][ T5869] rc_core: IR keymap rc-hauppauge not found [ 336.802875][ T5869] Registered IR keymap rc-empty [ 337.014358][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 337.079050][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 337.820848][ T5869] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 338.189902][ T5869] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input11 [ 338.231696][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.313310][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.360412][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.462629][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.515009][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.578820][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 338.785751][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 339.703980][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 339.798793][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 339.829695][ T5869] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 339.876218][ T5869] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 339.906313][ T5869] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 340.924149][ T5869] usb 2-1: USB disconnect, device number 5 [ 345.154806][ T29] audit: type=1326 audit(1734268941.387:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8556 comm="syz.3.719" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x0 [ 352.343209][ T5869] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 352.709336][ T8617] xt_NFQUEUE: number of queues (1280) out of range (got 65792) [ 353.431765][ T5869] usb 7-1: Using ep0 maxpacket: 16 [ 353.763037][ T5869] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 353.775463][ T5869] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.783886][ T5869] usb 7-1: Product: syz [ 353.788098][ T5869] usb 7-1: Manufacturer: syz [ 353.797483][ T5869] usb 7-1: SerialNumber: syz [ 353.894299][ T5869] usb 7-1: config 0 descriptor?? [ 353.934752][ T5869] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 354.775196][ T3497] usb 7-1: Failed to submit usb control message: -71 [ 354.806022][ T46] usb 7-1: USB disconnect, device number 4 [ 354.840976][ T3497] usb 7-1: unable to send the bmi data to the device: -71 [ 354.898794][ T3497] usb 7-1: unable to get target info from device [ 354.937248][ T3497] usb 7-1: could not get target info (-71) [ 355.049096][ T3497] usb 7-1: could not probe fw (-71) [ 358.843182][ T5134] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 358.851909][ T5134] Bluetooth: hci1: Injecting HCI hardware error event [ 358.904390][ T5134] Bluetooth: hci1: hardware error 0x00 [ 361.319081][ T5134] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 362.099203][ T8679] random: crng reseeded on system resumption [ 364.715850][ T8695] block device autoloading is deprecated and will be removed. [ 364.869316][ T8695] syz.1.751: attempt to access beyond end of device [ 364.869316][ T8695] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 370.757428][ T8741] netlink: 24 bytes leftover after parsing attributes in process `syz.4.764'. [ 370.802780][ T8741] netlink: 24 bytes leftover after parsing attributes in process `syz.4.764'. [ 373.337061][ T8757] xt_l2tp: missing protocol rule (udp|l2tpip) [ 378.836951][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.845633][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.856436][ T8823] netlink: 72 bytes leftover after parsing attributes in process `syz.6.788'. [ 385.387781][ T8848] ecryptfs: Unknown parameter '/dev/sr0' [ 387.509630][ T8858] Attempt to restore checkpoint with obsolete wellknown handles [ 387.808939][ T5909] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 387.968826][ T5909] usb 5-1: Using ep0 maxpacket: 16 [ 388.018103][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 388.049902][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 388.094322][ T5909] usb 5-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.00 [ 388.127741][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.156548][ T5909] usb 5-1: config 0 descriptor?? [ 389.227213][ T5909] smartjoyplus 0003:0B43:0003.0003: unknown main item tag 0x0 [ 389.238795][ T5909] smartjoyplus 0003:0B43:0003.0003: unknown main item tag 0x0 [ 389.246485][ T5909] smartjoyplus 0003:0B43:0003.0003: unknown main item tag 0x0 [ 389.294031][ T5909] smartjoyplus 0003:0B43:0003.0003: unknown main item tag 0x0 [ 389.303473][ T5909] smartjoyplus 0003:0B43:0003.0003: unknown main item tag 0x0 [ 389.336217][ T5909] smartjoyplus 0003:0B43:0003.0003: hidraw0: USB HID v0.00 Device [HID 0b43:0003] on usb-dummy_hcd.4-1/input0 [ 389.376911][ T5909] smartjoyplus 0003:0B43:0003.0003: no output reports found [ 389.565030][ T5872] usb 5-1: USB disconnect, device number 10 [ 392.005529][ T8906] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 395.978792][ T974] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 396.182306][ T974] usb 7-1: Using ep0 maxpacket: 32 [ 396.241500][ T974] usb 7-1: config 67 has too many interfaces: 229, using maximum allowed: 32 [ 396.424536][ T974] usb 7-1: config 67 has 1 interface, different from the descriptor's value: 229 [ 396.962163][ T974] usb 7-1: config 67 has no interface number 0 [ 397.534185][ T974] usb 7-1: string descriptor 0 read error: -71 [ 397.552120][ T974] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 397.595518][ T974] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.625619][ T974] usb 7-1: can't set config #67, error -71 [ 397.653902][ T974] usb 7-1: USB disconnect, device number 5 [ 398.750264][ T8966] PKCS7: Unknown OID: [4] 2.19.13055.170809666(bad) [ 398.757483][ T29] audit: type=1326 audit(1734268994.997:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8964 comm="syz.6.827" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0cec385d19 code=0x0 [ 398.757628][ T8966] PKCS7: Only support pkcs7_signedData type [ 398.778481][ C0] vkms_vblank_simulate: vblank timer overrun [ 400.266577][ T8999] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 400.273478][ T8999] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 400.309064][ T8999] vhci_hcd vhci_hcd.0: Device attached [ 400.325582][ T9002] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.349956][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.381334][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.398450][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.420970][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.435744][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.462739][ T8999] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 400.493344][ T8999] vhci_hcd vhci_hcd.0: port 0 already used [ 400.508891][ T5908] vhci_hcd: vhci_device speed not set [ 400.608780][ T5908] usb 39-1: new full-speed USB device number 2 using vhci_hcd [ 400.682222][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.6.836'. [ 401.024758][ T9000] vhci_hcd: connection reset by peer [ 401.038549][ T3497] vhci_hcd: stop threads [ 401.085604][ T3497] vhci_hcd: release socket [ 401.093891][ T3497] vhci_hcd: disconnect device [ 401.481185][ T9021] 9pnet_fd: Insufficient options for proto=fd [ 402.331392][ T9027] ipvlan2: entered promiscuous mode [ 402.923692][ T9035] Cannot find set identified by id 0 to match [ 405.728808][ T5908] vhci_hcd: vhci_device speed not set [ 406.087976][ T9050] kexec: Could not allocate control_code_buffer [ 408.443261][ T9073] netlink: 24 bytes leftover after parsing attributes in process `syz.5.856'. [ 408.524413][ T9074] netlink: 24 bytes leftover after parsing attributes in process `syz.5.856'. [ 409.736281][ T9083] tipc: Failed to remove unknown binding: 66,2,2/2886997007:1007357858/1007357862 [ 410.642907][ T9092] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 410.657105][ T9092] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 415.944578][ T9128] hub 2-0:1.0: USB hub found [ 415.950516][ T9128] hub 2-0:1.0: 1 port detected [ 417.108430][ T9132] netlink: 4 bytes leftover after parsing attributes in process `syz.6.873'. [ 417.152671][ T9133] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 0 [ 417.169259][ T9134] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 1 [ 417.449873][ T9136] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 2 [ 417.460727][ T9138] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 3 [ 417.586336][ T9132] netlink: 4 bytes leftover after parsing attributes in process `syz.6.873'. [ 421.617273][ T9171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.880'. [ 428.988211][ T9218] netlink: 12 bytes leftover after parsing attributes in process `syz.4.894'. [ 429.506434][ T9232] xt_TPROXY: Can be used only with -p tcp or -p udp [ 430.527997][ T9241] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 430.534599][ T9241] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 430.580466][ T9241] vhci_hcd vhci_hcd.0: Device attached [ 430.637525][ T9240] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(7) [ 430.644107][ T9240] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 430.651870][ T9240] vhci_hcd vhci_hcd.0: Device attached [ 431.880788][ T5909] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 432.338775][ T9242] vhci_hcd: connection reset by peer [ 432.343615][ T9246] vhci_hcd: connection closed [ 432.346791][ T3497] vhci_hcd: stop threads [ 432.368459][ T3497] vhci_hcd: release socket [ 432.381962][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.900'. [ 432.411236][ T3497] vhci_hcd: disconnect device [ 432.422703][ T3497] vhci_hcd: stop threads [ 432.427145][ T3497] vhci_hcd: release socket [ 433.362147][ T3497] vhci_hcd: disconnect device [ 436.060449][ T9279] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 438.150564][ T5909] vhci_hcd: vhci_device speed not set [ 440.239763][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.619140][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.007243][ T29] audit: type=1326 audit(1734269037.157:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.131852][ T29] audit: type=1326 audit(1734269037.167:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.223433][ T29] audit: type=1326 audit(1734269037.287:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.244797][ C0] vkms_vblank_simulate: vblank timer overrun [ 441.393737][ T29] audit: type=1326 audit(1734269037.287:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.508775][ T29] audit: type=1326 audit(1734269037.287:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.648084][ T29] audit: type=1326 audit(1734269037.287:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.764345][ T9325] syz.4.921 (9325) used greatest stack depth: 16912 bytes left [ 441.799171][ T29] audit: type=1326 audit(1734269037.287:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 441.901542][ T29] audit: type=1326 audit(1734269037.287:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 442.017773][ T29] audit: type=1326 audit(1734269037.297:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 442.052897][ T29] audit: type=1326 audit(1734269037.297:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9309 comm="syz.6.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 453.356189][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.941'. [ 453.377179][ T9396] team0: Port device virt_wifi0 added [ 456.984998][ T9429] netlink: 104 bytes leftover after parsing attributes in process `syz.4.952'. [ 457.018991][ T8] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 457.194195][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 457.531538][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 457.782053][ T8] usb 2-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00 [ 457.829010][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.843681][ T8] usb 2-1: config 0 descriptor?? [ 458.092782][ T8] usbhid 2-1:0.0: can't add hid device: -71 [ 458.099613][ T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 458.122111][ T8] usb 2-1: USB disconnect, device number 6 [ 461.230024][ T9457] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 461.370797][ T9461] netlink: 128 bytes leftover after parsing attributes in process `syz.6.962'. [ 461.383266][ T9461] netlink: 20 bytes leftover after parsing attributes in process `syz.6.962'. [ 462.412107][ T9477] hsr0: entered promiscuous mode [ 462.427166][ T9477] hsr0: left promiscuous mode [ 464.147975][ T9496] loop7: detected capacity change from 0 to 16384 [ 464.371322][ T9501] loop7: detected capacity change from 16384 to 0 [ 464.554779][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 464.554800][ T29] audit: type=1800 audit(1734269060.807:117): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.977" name="bus" dev="overlay" ino=775 res=0 errno=0 [ 467.826694][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.983'. [ 473.254548][ T9559] proc: Bad value for 'gid' [ 473.546255][ T9567] fuse: Bad value for 'fd' [ 474.189089][ T5900] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 475.578010][ T9591] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 476.344447][ T9602] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode [ 476.827817][ T9607] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 477.212505][ T9607] kvm: pic: single mode not supported [ 477.212626][ T9607] kvm: pic: non byte read [ 477.355058][ T9607] kvm: pic: level sensitive irq not supported [ 477.358693][ T9607] kvm: pic: non byte read [ 479.447164][ C1] Unknown status report in ack skb [ 480.049305][ T9637] binder: 9632:9637 ioctl c0306201 20000680 returned -14 [ 480.293169][ T9636] 9pnet_fd: p9_fd_create_tcp (9636): problem connecting socket to 127.0.0.1 [ 482.298716][ T5872] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 482.673206][ T5872] usb 5-1: unable to get BOS descriptor or descriptor too short [ 482.716306][ T5872] usb 5-1: no configurations [ 482.734615][ T5872] usb 5-1: can't read configurations, error -22 [ 482.758299][ T9665] cgroup: fork rejected by pids controller in /syz6 [ 486.265735][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 486.354543][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1022'. [ 486.568492][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1022'. [ 488.618853][ T5872] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 488.779183][ T5872] usb 2-1: Using ep0 maxpacket: 8 [ 488.818843][ T5872] usb 2-1: config 0 has an invalid interface number: 143 but max is 0 [ 488.827073][ T5872] usb 2-1: config 0 has no interface number 0 [ 488.876647][ T5872] usb 2-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 488.903260][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.930824][ T5872] usb 2-1: config 0 descriptor?? [ 489.059588][ T5872] viperboard 2-1:0.143: version 0.00 found at bus 002 address 007 [ 489.916596][ T5872] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 489.925630][ T5872] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 490.091002][ T5872] usb 2-1: USB disconnect, device number 7 [ 490.317388][ T9945] kvm: pic: level sensitive irq not supported [ 490.317487][ T9945] kvm: pic: single mode not supported [ 490.669693][ T9948] can0: slcan on ttyS3. [ 491.486025][ T9942] can0 (unregistered): slcan off ttyS3. [ 493.437571][ T9965] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1036'. [ 494.388749][ T5872] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 495.279030][ T5872] usb 5-1: Using ep0 maxpacket: 8 [ 495.312168][ T5872] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 495.388743][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.407243][ T5872] usb 5-1: Product: syz [ 495.417736][ T5872] usb 5-1: Manufacturer: syz [ 495.427558][ T5872] usb 5-1: SerialNumber: syz [ 495.453722][ T5872] usb 5-1: config 0 descriptor?? [ 495.640279][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1047'. [ 495.750967][ T9998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1047'. [ 495.770744][ T5872] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 498.275807][ T5872] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 498.329395][ T5872] usb 5-1: USB disconnect, device number 13 [ 500.114243][T10026] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 500.137632][T10029] xt_TPROXY: Can be used only with -p tcp or -p udp [ 501.709617][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.716309][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.565545][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 503.910382][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 503.922444][ T25] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 504.550843][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.564540][ T25] usb 2-1: config 0 descriptor?? [ 505.055188][ T25] magicmouse 0003:05AC:0265.0004: unknown main item tag 0x5 [ 505.324741][ T25] magicmouse 0003:05AC:0265.0004: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.1-1/input0 [ 505.540122][ T25] usb 2-1: USB disconnect, device number 8 [ 506.655881][T10093] rtc_cmos 00:00: Alarms can be up to one day in the future [ 508.882082][T10098] 9p: Unknown Cache mode or invalid value l [ 509.142062][ T29] audit: type=1804 audit(1734269105.397:118): pid=10102 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.1076" name="/newroot/161/bus/file0" dev="overlay" ino=888 res=1 errno=0 [ 510.338751][T10043] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 511.510518][T10043] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 511.520964][T10043] usb 2-1: New USB device found, idVendor=04d5, idProduct=0001, bcdDevice= 0.00 [ 511.533596][T10043] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.552899][T10043] usb 2-1: config 0 descriptor?? [ 511.571451][T10043] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 511.866512][T10043] usb 2-1: USB disconnect, device number 9 [ 515.411219][ T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 515.584840][T10158] block device autoloading is deprecated and will be removed. [ 516.674650][ T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 517.659484][ T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 517.805136][T10173] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 517.813341][T10173] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 517.824348][T10173] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 517.832282][T10173] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 518.658728][ T25] usb 5-1: string descriptor 0 read error: -71 [ 518.665242][ T25] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 518.680966][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 519.128226][ T25] usb 5-1: can't set config #1, error -71 [ 519.159043][ T25] usb 5-1: USB disconnect, device number 14 [ 520.785237][T10191] veth3: entered promiscuous mode [ 520.790580][T10191] veth3: entered allmulticast mode [ 522.455692][T10200] cgroup: fork rejected by pids controller in /syz3 [ 522.478754][ T9] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 522.647384][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 522.679861][ T9] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 522.927707][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 522.941898][ T9] usb 5-1: config 0 descriptor?? [ 523.253835][T10245] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1106'. [ 523.290983][T10245] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1106'. [ 523.337937][T10246] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1106'. [ 523.379790][T10246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1106'. [ 523.391024][ T9] holtek 0003:1241:5015.0005: item fetching failed at offset 1/3 [ 523.402192][T10246] netlink: 'syz.1.1106': attribute type 1 has an invalid length. [ 523.429635][ T9] holtek 0003:1241:5015.0005: parse failed [ 523.435572][ T9] holtek 0003:1241:5015.0005: probe with driver holtek failed with error -22 [ 523.439660][T10246] nbd: error processing sock list [ 523.621729][ T9] usb 5-1: USB disconnect, device number 15 [ 531.367899][T10308] xt_nat: multiple ranges no longer supported [ 537.347568][T10361] ip6gretap0: entered promiscuous mode [ 537.387898][T10361] batadv_slave_0: entered promiscuous mode [ 537.928318][T10372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1140'. [ 539.337920][T10382] sctp: [Deprecated]: syz.3.1142 (pid 10382) Use of int in maxseg socket option. [ 539.337920][T10382] Use struct sctp_assoc_value instead [ 539.359371][ T5872] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 540.150241][ T5872] usb 2-1: config 0 has an invalid interface number: 242 but max is 0 [ 540.158713][ T5872] usb 2-1: config 0 has no interface number 0 [ 540.164931][ T5872] usb 2-1: config 0 interface 242 has no altsetting 0 [ 540.181102][ T5872] usb 2-1: New USB device found, idVendor=2c7c, idProduct=0125, bcdDevice=51.ba [ 540.190919][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.199719][ T5872] usb 2-1: Product: syz [ 540.204022][ T5872] usb 2-1: Manufacturer: syz [ 540.212235][ T5872] usb 2-1: SerialNumber: syz [ 540.410293][ T5872] usb 2-1: config 0 descriptor?? [ 540.564765][T10388] bridge1: entered allmulticast mode [ 542.952684][T10400] overlayfs: failed to get inode (-116) [ 542.979505][T10400] overlayfs: failed to look up (file0) for ino (-116) [ 543.094541][ T5872] qmi_wwan 2-1:0.242: probe with driver qmi_wwan failed with error -22 [ 543.129189][ T9601] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 543.148601][ T5872] usb 2-1: USB disconnect, device number 10 [ 543.605030][ T9601] usb 6-1: device descriptor read/64, error -71 [ 547.424424][T10419] kvm: kvm [10418]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 547.555631][T10419] kvm: kvm [10418]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 552.832598][T10476] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 556.250707][T10503] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1177'. [ 559.211948][T10536] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 559.219812][T10536] IPv6: NLM_F_CREATE should be set when creating new route [ 559.227091][T10536] IPv6: NLM_F_CREATE should be set when creating new route [ 559.234367][T10536] IPv6: NLM_F_CREATE should be set when creating new route [ 560.813719][T10612] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1191'. [ 560.824950][T10612] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1191'. [ 560.835494][T10612] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1191'. [ 563.329230][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.335588][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 566.276361][ T9] hid (null): unknown global tag 0xd [ 566.288869][ T9] hid (null): invalid report_count -437012996 [ 566.295036][ T9] hid (null): unknown global tag 0xd [ 567.256920][T10648] tipc: Started in network mode [ 567.302825][T10648] tipc: Node identity 4, cluster identity 4711 [ 568.235736][T10648] tipc: Node number set to 4 [ 568.409896][ T9] hid-generic 0081:0000:0006.0006: unexpected long global item [ 568.418622][ T9] hid-generic 0081:0000:0006.0006: probe with driver hid-generic failed with error -22 [ 574.740578][T10719] netlink: 'syz.3.1219': attribute type 1 has an invalid length. [ 579.104487][T10747] binder: 10739:10747 ioctl c0306201 20000680 returned -14 [ 580.099510][T10761] CIFS mount error: No usable UNC path provided in device string! [ 580.099510][T10761] [ 580.109742][T10761] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 593.427317][ T9601] IPVS: starting estimator thread 0... [ 594.068728][T10859] IPVS: using max 21 ests per chain, 50400 per kthread [ 597.089244][T10886] input: syz0 as /devices/virtual/input/input12 [ 597.267918][T10886] netlink: 'syz.1.1265': attribute type 1 has an invalid length. [ 597.290808][T10890] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 597.291098][T10886] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.1265'. [ 599.601902][T10913] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0 [ 600.209852][ T29] audit: type=1804 audit(1734269196.467:119): pid=10916 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1273" name="/newroot/259/bus/bus" dev="overlay" ino=1481 res=1 errno=0 [ 600.301042][T10920] x_tables: ip_tables: ah match: only valid for protocol 51 [ 600.364143][ T29] audit: type=1326 audit(1734269196.617:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 600.450120][ T29] audit: type=1326 audit(1734269196.647:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 600.558669][ T29] audit: type=1326 audit(1734269196.657:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 600.694394][ T29] audit: type=1326 audit(1734269196.657:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 600.831025][ T29] audit: type=1326 audit(1734269196.657:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 601.073527][ T29] audit: type=1326 audit(1734269196.657:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 601.640328][T10930] syz.3.1277 (10930): drop_caches: 2 [ 601.692597][ T29] audit: type=1326 audit(1734269196.667:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 601.797859][ T29] audit: type=1326 audit(1734269196.667:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 601.989678][ T29] audit: type=1326 audit(1734269196.667:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10921 comm="syz.6.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0cec385d19 code=0x7ffc0000 [ 602.754857][T10948] Bluetooth: MGMT ver 1.23 [ 606.595080][T10956] vlan2: entered promiscuous mode [ 606.629025][T10956] vlan2: entered allmulticast mode [ 606.660635][T10956] hsr_slave_1: entered allmulticast mode [ 606.669177][T10960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1286'. [ 606.977345][T10963] kvm: kvm [10962]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x34500000800 [ 607.025390][T10963] kvm: kvm [10962]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x34600000000 [ 607.074431][T10963] kvm: kvm [10962]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x47e00000000 [ 607.089046][T10960] hsr_slave_1 (unregistering): left allmulticast mode [ 607.117123][T10963] kvm: kvm [10962]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x64e00000000 [ 607.160539][T10963] kvm: kvm [10962]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x64f00000800 [ 607.223210][T10960] hsr_slave_1 (unregistering): left promiscuous mode [ 607.438597][T10974] block nbd1: shutting down sockets [ 607.865935][T10983] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 608.808196][T10986] pim6reg: entered allmulticast mode [ 608.849831][T10986] pim6reg: left allmulticast mode [ 609.989723][T10998] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1297'. [ 610.045473][T10998] bridge0: entered promiscuous mode [ 610.052071][T10998] macvtap1: entered promiscuous mode [ 610.058334][T10998] macvtap1: entered allmulticast mode [ 610.066985][T10998] bridge0: entered allmulticast mode [ 610.121120][T11000] macvtap1: left promiscuous mode [ 610.147088][T11000] macvtap1: left allmulticast mode [ 610.166248][T11000] bridge0: left allmulticast mode [ 611.646632][T11011] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 611.656456][T11011] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 611.665885][T11011] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 611.675643][T11011] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 612.253120][T11011] team0: Port device vxlan0 added [ 615.486056][T11042] syz.5.1310: attempt to access beyond end of device [ 615.486056][T11042] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 615.501411][T11042] gfs2: error -5 reading superblock [ 615.992647][T11043] openvswitch: netlink: Missing valid actions attribute. [ 616.001860][T11043] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 618.362770][T11066] hub 6-0:1.0: USB hub found [ 618.368952][T11066] hub 6-0:1.0: 1 port detected [ 620.788684][ T8] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 620.963097][ T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 621.013651][ T8] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 621.057065][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 621.096702][ T8] usb 6-1: Product: syz [ 621.756124][ T8] usb 6-1: Manufacturer: syz [ 622.024850][ T8] usb 6-1: SerialNumber: syz [ 622.121871][T11073] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 622.962623][ T8] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 623.074726][ T8] usb 6-1: USB disconnect, device number 6 [ 623.120257][ T8] usblp0: removed [ 624.659361][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.665907][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.883840][T11167] binder: 11159:11167 ioctl c0306201 20000680 returned -14 [ 629.854631][T11194] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 630.230941][T11197] bond0: entered promiscuous mode [ 631.231700][T11204] mac80211_hwsim hwsim3 syzkaller0: left allmulticast mode [ 634.220835][T11227] vlan2: entered promiscuous mode [ 634.248009][T11227] bridge0: entered promiscuous mode [ 634.317089][T11227] team0: Port device vlan2 added [ 634.614151][T11238] debugfs: Directory 'netdev:nicvf0' with parent 'phy3' already present! [ 636.470263][T11248] netlink: 'syz.5.1354': attribute type 32 has an invalid length. [ 636.633081][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1354'. [ 636.744298][T11248] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 638.752684][T11268] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 641.600830][T11290] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 642.695631][T11302] netlink: 'syz.1.1368': attribute type 10 has an invalid length. [ 642.731114][T11298] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.771932][T11298] bridge0: port 1(bridge_slave_0) entered disabled state [ 646.351518][T11333] block nbd5: not configured, cannot reconfigure [ 649.445187][T11355] overlayfs: failed to get inode (-116) [ 649.481842][T11355] overlayfs: failed to get inode (-116) [ 653.198809][T11381] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1393'. [ 653.208133][T11381] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1393'. [ 653.237499][T11381] bridge0: entered promiscuous mode [ 653.249147][T11381] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 653.256779][T11381] Cannot create hsr debugfs directory [ 653.267801][T11381] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 653.285816][T11381] hsr1: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network [ 655.143390][T11392] vlan3: entered promiscuous mode [ 655.179885][T11392] team_slave_0: entered promiscuous mode [ 655.186226][T11392] team_slave_1: entered promiscuous mode [ 655.248875][T11392] team0: entered promiscuous mode [ 655.311018][T11392] team0: left promiscuous mode [ 655.365323][T11392] team_slave_0: left promiscuous mode [ 655.371269][T11392] team_slave_1: left promiscuous mode [ 665.841494][T11488] syz.1.1421: attempt to access beyond end of device [ 665.841494][T11488] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 665.886515][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 665.886548][ T29] audit: type=1326 audit(1734269262.087:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11481 comm="syz.6.1422" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0cec385d19 code=0x0 [ 666.518761][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 666.557286][T11508] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 666.692793][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 666.708742][ T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 666.720057][ T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 667.558785][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 667.598405][ T9] usb 2-1: SerialNumber: syz [ 667.908070][ T9] usb 2-1: 0:2 : does not exist [ 667.949946][ T9] usb 2-1: unit 255 not found! [ 668.607006][ T9] usb 2-1: 5:0: cannot get min/max values for control 6 (id 5) [ 668.724377][ T9] usb 2-1: 5:0: cannot get min/max values for control 7 (id 5) [ 668.747782][ T9] usb 2-1: 5:0: cannot get min/max values for control 8 (id 5) [ 668.771900][ T9] usb 2-1: 5:0: cannot get min/max values for control 9 (id 5) [ 668.800576][ T9] usb 2-1: 5:0: cannot get min/max values for control 10 (id 5) [ 668.841237][ T9] usb 2-1: 5:0: cannot get min/max values for control 11 (id 5) [ 668.869647][ T9] usb 2-1: 5:0: cannot get min/max values for control 12 (id 5) [ 668.896258][ T9] usb 2-1: 5:0: cannot get min/max values for control 13 (id 5) [ 668.918361][ T9] usb 2-1: 5:0: cannot get min/max values for control 14 (id 5) [ 668.990821][ T9] usb 2-1: USB disconnect, device number 11 [ 669.271938][T11479] udevd[11479]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 678.317110][T11610] infiniband syz2: set active [ 678.322295][T11610] infiniband syz2: added team_slave_1 [ 678.410451][T11610] RDS/IB: syz2: added [ 678.416010][T11610] smc: adding ib device syz2 with port count 1 [ 678.422629][T11610] smc: ib device syz2 port 1 has pnetid [ 679.499891][T11613] kvm: kvm [11600]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x5500000800 [ 679.519265][T11613] kvm: kvm [11600]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x7100000800 [ 679.893473][ T5908] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 680.259338][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 680.816853][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 680.849338][ T5908] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 680.898696][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 680.948101][ T5908] usb 5-1: config 0 descriptor?? [ 681.012694][ T5908] usb 5-1: can't set config #0, error -71 [ 681.042661][ T5908] usb 5-1: USB disconnect, device number 16 [ 681.230386][ T29] audit: type=1804 audit(1734269277.487:163): pid=11634 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1463" name="/newroot/292/bus/file1" dev="overlay" ino=1667 res=1 errno=0 [ 681.509571][T11644] program syz.5.1458 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 683.560486][T11663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1470'. [ 684.634076][T11666] kvm: kvm [11665]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x9b50000081a [ 684.670523][T11666] kvm: kvm [11665]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x9e80000007f [ 686.469676][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.476068][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.593188][ T29] audit: type=1326 audit(1734269282.497:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 687.357507][ T29] audit: type=1326 audit(1734269282.497:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 687.425655][ T29] audit: type=1326 audit(1734269282.627:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 688.344134][ T29] audit: type=1326 audit(1734269282.627:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 688.543025][ T29] audit: type=1326 audit(1734269282.627:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 688.637053][ T29] audit: type=1326 audit(1734269282.627:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 688.664862][ T29] audit: type=1326 audit(1734269282.627:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 688.708607][ T29] audit: type=1326 audit(1734269282.627:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 689.660110][ T29] audit: type=1326 audit(1734269282.627:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 690.089792][ T29] audit: type=1326 audit(1734269282.627:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11684 comm="syz.4.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33c985d19 code=0x7ffc0000 [ 692.637983][T11742] kvm: kvm [11738]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111 [ 694.079502][T11771] sp0: Synchronizing with TNC [ 694.088359][T11771] sp0: Found TNC [ 694.340226][T11769] [U] è` [ 697.936731][T11782] kvm: kvm [11779]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111 [ 703.581103][T11835] netlink: 152 bytes leftover after parsing attributes in process `syz.6.1513'. [ 708.680561][T11886] capability: warning: `syz.4.1526' uses deprecated v2 capabilities in a way that may be insecure [ 711.784568][T11912] xt_cgroup: xt_cgroup: no path or classid specified [ 719.712674][ T5134] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 720.726299][T11978] mkiss: ax0: crc mode is auto. [ 727.011563][ T5831] Bluetooth: hci4: command 0x0401 tx timeout [ 728.327426][T12056] overlayfs: conflicting options: verity=on,redirect_dir=follow [ 732.186309][T10975] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 736.171357][T12095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1574'. [ 736.180531][T12095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1574'. [ 736.394389][T12105] vlan2: entered promiscuous mode [ 736.438653][T12105] dummy0: entered promiscuous mode [ 736.557646][T12105] dummy0: left promiscuous mode [ 743.966706][T12167] openvswitch: netlink: IP tunnel dst address not specified [ 748.275773][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.282318][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 756.989366][T12223] veth0_to_team: entered promiscuous mode [ 757.044425][T12223] veth0_to_team: entered allmulticast mode [ 757.320631][T12236] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 759.282061][T12247] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 763.758550][T12276] x_tables: unsorted entry at hook 3 [ 773.755439][T12338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 774.682221][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 774.682930][ T29] audit: type=1326 audit(1734269370.927:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12350 comm="syz.1.1642" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7611185d19 code=0x0 [ 781.870521][T12397] netlink: 'syz.6.1652': attribute type 10 has an invalid length. [ 781.937738][T12397] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 783.489859][T12406] random: crng reseeded on system resumption [ 786.676208][T12415] fuse: Unknown parameter '0x0000000000000006' [ 788.229213][T12425] loop7: detected capacity change from 0 to 16383 [ 789.129778][T12418] buffer_io_error: 23 callbacks suppressed [ 789.129803][T12418] Buffer I/O error on dev loop7, logical block 4095, async page read [ 790.383790][ T5134] Bluetooth: hci4: command 0x0401 tx timeout [ 792.898958][T12456] : renamed from bond0 (while UP) [ 797.102125][ T8] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 797.583998][T12502] netlink: 'syz.1.1678': attribute type 1 has an invalid length. [ 797.841494][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 798.108714][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 798.204815][ T8] usb 6-1: New USB device found, idVendor=22ed, idProduct=1010, bcdDevice= 0.00 [ 798.224710][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.255585][T12505] x_tables: unsorted underflow at hook 3 [ 798.264246][ T8] usb 6-1: config 0 descriptor?? [ 798.288228][T12505] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1680'. [ 798.743391][ T8] hid-generic 0003:22ED:1010.0007: unknown main item tag 0x0 [ 798.819396][ T8] hid-generic 0003:22ED:1010.0007: hidraw0: USB HID v10.00 Device [HID 22ed:1010] on usb-dummy_hcd.5-1/input0 [ 799.182907][ T8] usb 6-1: USB disconnect, device number 7 [ 800.108332][T12487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 800.150311][T12487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 800.279332][T12539] block nbd1: shutting down sockets [ 800.349563][T12538] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 806.902068][T12578] ubi0: attaching mtd0 [ 807.092465][T12578] ubi0: scanning is finished [ 808.164633][T12584] bond_slave_0: entered promiscuous mode [ 808.171219][T12584] bond_slave_1: entered promiscuous mode [ 808.209415][T12578] ubi0: empty MTD device detected [ 808.222293][T12584] bond_slave_0: left promiscuous mode [ 808.227838][T12584] bond_slave_1: left promiscuous mode [ 808.909788][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.921979][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.536056][T12578] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 814.684864][T12631] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 819.404927][T12655] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 819.532058][T12661] kvm: pic: non byte read [ 819.623185][T12661] kvm: pic: level sensitive irq not supported [ 819.623248][T12661] kvm: pic: non byte read [ 819.707101][T12661] kvm: pic: level sensitive irq not supported [ 819.707816][T12661] kvm: pic: non byte read [ 820.783232][T12661] kvm: pic: level sensitive irq not supported [ 820.783340][T12661] kvm: pic: non byte read [ 822.175670][T10975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 822.338498][T10975] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 822.357422][T10975] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 822.378243][T10975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 822.395596][T10975] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 822.978802][T10975] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 825.799430][T10975] Bluetooth: hci5: command tx timeout [ 828.328640][ T5134] Bluetooth: hci5: command tx timeout [ 830.728735][ T5134] Bluetooth: hci5: command tx timeout [ 832.985123][ T5134] Bluetooth: hci5: command tx timeout [ 833.200845][T12673] chnl_net:caif_netlink_parms(): no params data found [ 834.423263][T12744] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 835.093863][T12673] bridge0: port 1(bridge_slave_0) entered blocking state [ 835.104309][T12673] bridge0: port 1(bridge_slave_0) entered disabled state [ 835.127921][T12673] bridge_slave_0: entered allmulticast mode [ 835.486233][T12673] bridge_slave_0: entered promiscuous mode [ 835.543973][T12673] bridge0: port 2(bridge_slave_1) entered blocking state [ 835.585584][T12673] bridge0: port 2(bridge_slave_1) entered disabled state [ 835.601044][T12673] bridge_slave_1: entered allmulticast mode [ 835.620045][T12673] bridge_slave_1: entered promiscuous mode [ 837.855142][T12673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 837.908167][T12759] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 837.949740][T12673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 838.827570][T12779] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 838.848163][T12779] VFS: Can't find a romfs filesystem on dev nullb0. [ 838.848163][T12779] [ 839.165759][T12673] team0: Port device team_slave_0 added [ 840.792835][T12673] team0: Port device team_slave_1 added [ 841.676268][T12783] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 842.544779][T12673] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 842.577214][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 842.628652][T12673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 842.872327][T12673] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 843.888627][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 843.935530][T12673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 844.673500][T12673] hsr_slave_0: entered promiscuous mode [ 844.693375][T12673] hsr_slave_1: entered promiscuous mode [ 844.976047][T12673] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 845.004882][T12673] Cannot create hsr debugfs directory [ 845.168173][T12800] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 845.178242][T12800] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 845.224779][T12800] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 845.233973][T12800] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 845.349310][T12800] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 845.358066][T12800] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 845.367478][T12673] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 845.378699][T12800] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 845.394823][T12800] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 845.492085][T12800] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 845.629036][T12673] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 845.657130][T12673] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 845.907478][T12811] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 845.921837][T12811] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 845.936711][T12811] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 846.289203][T12813] xt_CT: You must specify a L4 protocol and not use inversions on it [ 847.120440][ T5134] Bluetooth: hci0: command 0x0c1a tx timeout [ 847.144901][T12673] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 847.289559][ T5134] Bluetooth: hci3: command 0x0406 tx timeout [ 847.448965][ T5134] Bluetooth: hci5: command 0x0c1a tx timeout [ 847.455181][ T5134] Bluetooth: hci4: command 0x0401 tx timeout [ 849.250198][T10975] Bluetooth: hci0: command 0x0c1a tx timeout [ 849.348937][T10975] Bluetooth: hci3: command 0x0406 tx timeout [ 849.501039][T10975] Bluetooth: hci4: command 0x0401 tx timeout [ 849.507213][T10975] Bluetooth: hci5: command 0x0c1a tx timeout [ 849.523409][T12673] 8021q: adding VLAN 0 to HW filter on device bond0 [ 849.604707][T12673] 8021q: adding VLAN 0 to HW filter on device team0 [ 849.698230][T10599] bridge0: port 1(bridge_slave_0) entered blocking state [ 849.705559][T10599] bridge0: port 1(bridge_slave_0) entered forwarding state [ 849.824926][ T7297] bridge0: port 2(bridge_slave_1) entered blocking state [ 849.832192][ T7297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 852.484115][ T5134] Bluetooth: hci5: command 0x0c1a tx timeout [ 852.533763][T12673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 852.814677][T12673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 856.489224][ T5134] Bluetooth: hci4: unexpected event for opcode 0x2060 [ 857.489030][T12673] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 860.573690][T10975] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 860.631366][T10975] Bluetooth: hci4: Injecting HCI hardware error event [ 860.643398][ T5134] Bluetooth: hci4: hardware error 0x00 [ 861.997223][T12673] veth0_vlan: entered promiscuous mode [ 862.035801][T12673] veth1_vlan: entered promiscuous mode [ 862.135197][T12673] veth0_macvtap: entered promiscuous mode [ 862.167342][T12673] veth1_macvtap: entered promiscuous mode [ 862.229221][T12673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.259265][T12673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.294266][T12673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.327652][T12673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.358007][T12673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.391492][T12673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.416268][T12673] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 863.287590][ T5134] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 863.375615][T12673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 863.413590][T12673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 863.442153][T12673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 863.488738][T12673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 863.511563][T12673] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 863.542396][T12673] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.556021][T12673] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.574140][T12673] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.650952][T12673] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.805440][T12924] syz.3.1776: attempt to access beyond end of device [ 863.805440][T12924] nbd3: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 867.807739][T10599] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 867.832106][T10599] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 869.887599][ T7297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 869.969502][ T7297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 870.301719][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.308294][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.509676][T12970] binder: 12963:12970 unknown command 0 [ 870.515308][T12970] binder: 12963:12970 ioctl c0306201 20000a80 returned -22 [ 879.850617][T13065] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 887.888575][ T25] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 889.010129][ T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 889.028565][ T25] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 889.037665][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.169512][ T25] usb 8-1: config 0 descriptor?? [ 889.222154][ T25] pwc: Askey VC010 type 2 USB webcam detected. [ 890.261694][ T25] pwc: send_video_command error -71 [ 890.267273][ T25] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 890.398635][ T25] Philips webcam 8-1:0.0: probe with driver Philips webcam failed with error -71 [ 890.419757][ T25] usb 8-1: USB disconnect, device number 2 [ 890.793053][T13130] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1817'. [ 893.804181][T13146] overlayfs: missing 'workdir' [ 893.821546][T13149] overlayfs: missing 'lowerdir' [ 895.625778][ T29] audit: type=1326 audit(1734269491.867:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.807440][ T29] audit: type=1326 audit(1734269491.907:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.830217][ T29] audit: type=1326 audit(1734269491.937:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.852589][ T29] audit: type=1326 audit(1734269491.937:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.875085][ T29] audit: type=1326 audit(1734269491.937:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.910931][ T29] audit: type=1326 audit(1734269491.937:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 895.949552][T13162] fuse: Unknown parameter 'd' [ 895.961228][ T29] audit: type=1326 audit(1734269491.937:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 896.063118][ T29] audit: type=1326 audit(1734269491.947:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 896.085377][T13162] 9pnet_virtio: no channels available for device syz [ 897.458652][ T29] audit: type=1326 audit(1734269491.977:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 897.811868][ T29] audit: type=1326 audit(1734269491.977:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13158 comm="syz.3.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb26185d19 code=0x7ffc0000 [ 899.663706][T13183] netlink: 'syz.5.1832': attribute type 4 has an invalid length. [ 900.376480][T13237] sctp: [Deprecated]: syz.6.1834 (pid 13237) Use of int in maxseg socket option. [ 900.376480][T13237] Use struct sctp_assoc_value instead [ 902.059033][T13246] vlan2: entered promiscuous mode [ 902.102685][T13246] nlmon0: entered promiscuous mode [ 902.299005][T13246] bond0: (slave vlan2): Enslaving as an active interface with an up link [ 902.384531][T13251] bridge0: port 1(erspan0) entered blocking state [ 902.391209][T13251] bridge0: port 1(erspan0) entered disabled state [ 902.397821][T13251] erspan0: entered allmulticast mode [ 902.404233][T13251] erspan0: entered promiscuous mode [ 902.410189][T13251] bridge0: port 1(erspan0) entered blocking state [ 902.418379][T13251] bridge0: port 1(erspan0) entered forwarding state [ 903.964484][T13260] syz.5.1841 (13260): drop_caches: 2 [ 909.218278][T13275] team0: Device macsec1 is already an upper device of the team interface [ 909.437089][T13284] syz.4.1848[13284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 909.437227][T13284] syz.4.1848[13284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 909.472492][T13288] Bluetooth: MGMT ver 1.23 [ 909.520608][T13284] syz.4.1848[13284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 909.599784][T13291] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5) [ 909.617937][T13291] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 910.648561][T13291] vhci_hcd vhci_hcd.0: Device attached [ 910.908726][ T25] vhci_hcd: vhci_device speed not set [ 911.839095][T13289] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1849'. [ 912.257498][ T25] usb 47-1: new full-speed USB device number 2 using vhci_hcd [ 912.294512][T13293] vhci_hcd: connection closed [ 912.889411][T13313] vivid-006: kernel_thread() failed [ 913.077484][T13310] netlink: 'syz.6.1855': attribute type 21 has an invalid length. [ 913.517738][T10288] vhci_hcd: stop threads [ 913.522226][T10288] vhci_hcd: release socket [ 913.528050][T10288] vhci_hcd: disconnect device [ 913.603898][ T25] usb 47-1: enqueue for inactive port 0 [ 913.895400][ T25] vhci_hcd: vhci_device speed not set [ 916.881824][T13324] vlan3: entered promiscuous mode [ 916.887171][T13324] vlan3: entered allmulticast mode [ 916.961750][T13324] hsr_slave_1: entered allmulticast mode [ 918.698899][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 918.698920][ T29] audit: type=1326 audit(1734269514.847:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 918.968244][ T29] audit: type=1326 audit(1734269514.847:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 918.991115][ T29] audit: type=1326 audit(1734269514.847:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 919.479259][ T29] audit: type=1326 audit(1734269514.847:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 920.543735][ T29] audit: type=1326 audit(1734269514.847:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.068934][ T29] audit: type=1326 audit(1734269514.947:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.090556][ C0] vkms_vblank_simulate: vblank timer overrun [ 921.158693][ T29] audit: type=1326 audit(1734269514.947:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.195274][ T29] audit: type=1326 audit(1734269514.947:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.225863][ T29] audit: type=1326 audit(1734269514.957:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.478602][ T29] audit: type=1326 audit(1734269514.957:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13348 comm="syz.5.1864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425b385d19 code=0x7ffc0000 [ 921.503115][ T5134] Bluetooth: hci5: unexpected event for opcode 0x0c58 [ 924.840657][T13399] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 925.578661][ T5134] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 925.589909][ T5134] Bluetooth: hci5: Injecting HCI hardware error event [ 925.603240][ T5134] Bluetooth: hci5: hardware error 0x00 [ 926.727280][T13411] Unsupported ieee802154 address type: 0 [ 927.688248][ T5134] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 929.249287][T13420] kvm: kvm [13419]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xce00000806 [ 931.044546][T13447] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1887'. [ 931.054604][T13447] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1887'. [ 931.901766][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.909755][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 934.679820][T13471] binder_alloc: binder_alloc_mmap_handler: 13464 20ffd000-21000000 already mapped failed -16 [ 936.667648][T13495] sg_write: data in/out 246879826/56 bytes for SCSI command 0xeb-- guessing data in; [ 936.667648][T13495] program syz.4.1902 not setting count and/or reply_len properly [ 939.812349][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1905'. [ 944.765989][T13549] futex_wake_op: syz.5.1913 tries to shift op by -1; fix this program [ 951.547059][T13595] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 951.555113][T13595] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 951.566099][T13595] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 951.574081][T13595] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 953.553471][T13605] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1928'. [ 955.608125][T13610] vlan2: entered promiscuous mode [ 955.628703][T13610] vlan2: entered allmulticast mode [ 960.718604][T13667] hub 9-0:1.0: USB hub found [ 960.725742][T13667] hub 9-0:1.0: 1 port detected [ 963.098156][T13690] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 967.420823][T13726] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 968.999469][T13740] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 970.039393][T13729] kvm: pic: level sensitive irq not supported [ 970.039516][T13729] kvm: pic: non byte read [ 970.053502][T13729] kvm: pic: level sensitive irq not supported [ 970.053589][T13729] kvm: pic: non byte read [ 970.067804][T13729] kvm: pic: level sensitive irq not supported [ 970.067953][T13729] kvm: pic: non byte read [ 970.085366][T13729] kvm: pic: level sensitive irq not supported [ 970.085516][T13729] kvm: pic: non byte read [ 970.622986][T13759] SET target dimension over the limit! [ 971.749063][T13770] overlayfs: missing 'lowerdir' [ 973.104081][T13781] vivid-003: disconnect [ 973.112575][T13781] vivid-003: reconnect [ 974.508897][T13791] syz.4.1976[13791] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 974.509019][T13791] syz.4.1976[13791] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 974.520697][T13791] syz.4.1976[13791] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 975.170143][T13791] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1976'. [ 975.927098][T13799] pim6reg: entered allmulticast mode [ 975.937009][T13799] pim6reg: left allmulticast mode [ 976.724032][T12618] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 977.341347][T12618] usb 8-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62 [ 977.368480][T12618] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 977.397257][T12618] usb 8-1: Product: syz [ 977.414567][T12618] usb 8-1: Manufacturer: syz [ 977.427156][T12618] usb 8-1: SerialNumber: syz [ 977.448270][T12618] usb 8-1: config 0 descriptor?? [ 977.752465][T12618] usb 8-1: selecting invalid altsetting 3 [ 977.873852][T12618] comedi comedi0: could not set alternate setting 3 in high speed [ 977.946335][T12618] usbdux 8-1:0.0: driver 'usbdux' failed to auto-configure device. [ 978.189722][T12618] usbdux 8-1:0.0: probe with driver usbdux failed with error -22 [ 978.210196][T12618] usb 8-1: USB disconnect, device number 3 [ 980.818080][T13829] serio: Serial port ptm0 [ 988.284442][T13885] TCP: out of memory -- consider tuning tcp_mem [ 988.308607][T13884] veth0_to_team: entered promiscuous mode [ 988.470287][T13884] veth0_to_team: entered allmulticast mode [ 990.049062][T13901] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 990.055735][T13901] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 990.259240][T13901] vhci_hcd vhci_hcd.0: Device attached [ 991.305502][T12930] vhci_hcd: vhci_device speed not set [ 991.904643][T13891] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1999'. [ 992.328553][T13902] vhci_hcd: connection closed [ 992.329020][ T6157] vhci_hcd: stop threads [ 992.344150][T12930] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 992.368473][ T6157] vhci_hcd: release socket [ 992.393574][ T6157] vhci_hcd: disconnect device [ 992.651783][T13922] loop6: detected capacity change from 0 to 524287999 [ 992.685459][ C0] blk_print_req_error: 24 callbacks suppressed [ 992.685481][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 992.700996][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 992.728872][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 992.738080][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 992.754629][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 992.763888][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 992.772987][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 992.782345][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 993.729093][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.735596][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 995.122819][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 995.132076][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 995.204128][T13920] loop6: detected capacity change from 524287999 to 524287952 [ 995.239546][T13922] loop6: unable to read partition table [ 995.268778][T13922] loop_reread_partitions: partition scan of loop6 (Í¢†¨ÙÇ´8ÝCP'OÈQž=}m”=@4r„(Uk+Z—Ö 4—Ö>˜ìF¼1ã“›ÍÀù‚àÔ™Û1Œ°) failed (rc=-5) [ 997.874668][T12930] vhci_hcd: vhci_device speed not set [ 998.052028][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2010'. [ 1005.699409][T13997] netlink: 'syz.3.2021': attribute type 2 has an invalid length. [ 1005.707268][T13997] netlink: 'syz.3.2021': attribute type 8 has an invalid length. [ 1005.715424][T13997] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2021'. [ 1008.500339][T14016] netlink: 'syz.3.2027': attribute type 21 has an invalid length. [ 1008.527141][T14016] netlink: 'syz.3.2027': attribute type 6 has an invalid length. [ 1008.566097][T14016] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2027'. [ 1008.647425][T14017] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1008.755151][T14020] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1008.779015][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1008.967852][T14026] : entered promiscuous mode [ 1115.168344][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1115.175441][ C1] rcu: 0-...!: (1 GPs behind) idle=94c4/1/0x4000000000000000 softirq=51224/51229 fqs=0 [ 1115.187113][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5900/1:b..l P14025/2:b..l P14026/1:b..l [ 1115.197561][ C1] rcu: (detected by 1, t=10502 jiffies, g=52869, q=121 ncpus=2) [ 1115.205323][ C1] Sending NMI from CPU 1 to CPUs 0: [ 1115.205364][ C0] NMI backtrace for cpu 0 [ 1115.205385][ C0] CPU: 0 UID: 0 PID: 14031 Comm: syz.6.2031 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 1115.205406][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1115.205418][ C0] RIP: 0010:kasan_check_range+0x24/0x290 [ 1115.205454][ C0] Code: 90 90 90 90 90 90 66 0f 1f 00 55 41 57 41 56 41 54 53 b0 01 48 85 f6 0f 84 a0 01 00 00 4c 8d 04 37 49 39 f8 0f 82 56 02 00 00 <48> 89 fd 48 c1 ed 2f 81 fd fe ff 01 00 0f 86 43 02 00 00 48 89 fb [ 1115.205470][ C0] RSP: 0018:ffffc90000007ad0 EFLAGS: 00000002 [ 1115.205486][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff817a9934 [ 1115.205500][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90184ef0 [ 1115.205512][ C0] RBP: ffffc90000007c48 R08: ffffffff90184ef8 R09: 0000000000000000 [ 1115.205526][ C0] R10: dffffc0000000000 R11: ffffffff89c58860 R12: 1ffff92000000f68 [ 1115.205540][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888029458ac8 [ 1115.205553][ C0] FS: 00007f0ced18b6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1115.205570][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1115.205583][ C0] CR2: 0000001b2fa18ff8 CR3: 000000005e56c000 CR4: 00000000003526f0 [ 1115.205599][ C0] DR0: 0000000000002800 DR1: 0000000000000000 DR2: 0000000000000000 [ 1115.205611][ C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1115.205623][ C0] Call Trace: [ 1115.205631][ C0] [ 1115.205640][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1115.205665][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1115.205687][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1115.205708][ C0] ? nmi_handle+0x2a/0x5a0 [ 1115.205737][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1115.205764][ C0] ? nmi_handle+0x14f/0x5a0 [ 1115.205784][ C0] ? nmi_handle+0x2a/0x5a0 [ 1115.205804][ C0] ? kasan_check_range+0x24/0x290 [ 1115.205831][ C0] ? default_do_nmi+0x63/0x160 [ 1115.205851][ C0] ? exc_nmi+0x123/0x1f0 [ 1115.205870][ C0] ? end_repeat_nmi+0xf/0x53 [ 1115.205889][ C0] ? __pfx_advance_sched+0x10/0x10 [ 1115.205912][ C0] ? lock_acquire+0xd4/0x550 [ 1115.205931][ C0] ? kasan_check_range+0x24/0x290 [ 1115.205958][ C0] ? kasan_check_range+0x24/0x290 [ 1115.205993][ C0] ? kasan_check_range+0x24/0x290 [ 1115.206020][ C0] [ 1115.206027][ C0] [ 1115.206034][ C0] lock_acquire+0xd4/0x550 [ 1115.206056][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1115.206077][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1115.206101][ C0] ? __hrtimer_run_queues+0x477/0xd30 [ 1115.206126][ C0] ? __pfx_lock_release+0x10/0x10 [ 1115.206149][ C0] ? __pfx_advance_sched+0x10/0x10 [ 1115.206170][ C0] _raw_spin_lock+0x2e/0x40 [ 1115.206190][ C0] ? advance_sched+0xab/0xca0 [ 1115.206210][ C0] advance_sched+0xab/0xca0 [ 1115.206232][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1115.206255][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1115.206283][ C0] ? __pfx_advance_sched+0x10/0x10 [ 1115.206304][ C0] __hrtimer_run_queues+0x59b/0xd30 [ 1115.206338][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1115.206361][ C0] ? sched_clock+0x4a/0x70 [ 1115.206387][ C0] ? read_tsc+0x9/0x20 [ 1115.206411][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 1115.206435][ C0] hrtimer_interrupt+0x403/0xa40 [ 1115.206471][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 1115.206494][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1115.206518][ C0] [ 1115.206524][ C0] [ 1115.206531][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1115.206559][ C0] RIP: 0010:user_get_super+0x6b/0x180 [ 1115.206582][ C0] Code: c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 2d 53 ee ff 48 8b 1b 4c 39 eb 74 37 48 8d 6b 10 48 89 e8 48 c1 e8 03 42 0f b6 04 20 <84> c0 75 0d 44 39 7d 00 74 24 e8 66 75 8a ff eb c1 89 e9 80 e1 07 [ 1115.206597][ C0] RSP: 0018:ffffc90004a17d48 EFLAGS: 00000a02 [ 1115.206613][ C0] RAX: 0000000000000000 RBX: ffff888144e92000 RCX: 0000000000080000 [ 1115.206626][ C0] RDX: ffffc9001c605000 RSI: 0000000000000012 RDI: 0000000000000013 [ 1115.206638][ C0] RBP: ffff888144e92010 R08: 0000000000000003 R09: fffff52000942f98 [ 1115.206651][ C0] R10: dffffc0000000000 R11: fffff52000942f98 R12: dffffc0000000000 [ 1115.206665][ C0] R13: ffffffff8ea769c0 R14: 0000000000000000 R15: 00000000ffffffff [ 1115.206687][ C0] ? user_get_super+0x7a/0x180 [ 1115.206710][ C0] __se_sys_ustat+0xc1/0x430 [ 1115.206733][ C0] ? __pfx_do_settimeofday64+0x10/0x10 [ 1115.206763][ C0] ? __pfx___se_sys_ustat+0x10/0x10 [ 1115.206797][ C0] ? do_syscall_64+0x100/0x230 [ 1115.206826][ C0] ? do_syscall_64+0xb6/0x230 [ 1115.206853][ C0] do_syscall_64+0xf3/0x230 [ 1115.206879][ C0] ? clear_bhb_loop+0x35/0x90 [ 1115.206897][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.206924][ C0] RIP: 0033:0x7f0cec385d19 [ 1115.206946][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1115.206961][ C0] RSP: 002b:00007f0ced18b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000088 [ 1115.206979][ C0] RAX: ffffffffffffffda RBX: 00007f0cec576160 RCX: 00007f0cec385d19 [ 1115.206999][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: fffffffeffffffff [ 1115.207012][ C0] RBP: 00007f0cec401a20 R08: 0000000000000000 R09: 0000000000000000 [ 1115.207024][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1115.207035][ C0] R13: 0000000000000000 R14: 00007f0cec576160 R15: 00007ffc9d743ac8 [ 1115.207056][ C0] [ 1115.207358][ C1] task:syz.5.2030 state:R running task stack:22640 pid:14026 tgid:14021 ppid:6676 flags:0x00004000 [ 1115.759087][ C1] Call Trace: [ 1115.762389][ C1] [ 1115.765361][ C1] __schedule+0x17fb/0x4be0 [ 1115.769934][ C1] ? __pfx___schedule+0x10/0x10 [ 1115.774826][ C1] ? mark_lock+0x9a/0x360 [ 1115.779292][ C1] ? preempt_schedule+0xe1/0xf0 [ 1115.784180][ C1] preempt_schedule_common+0x84/0xd0 [ 1115.789504][ C1] preempt_schedule+0xe1/0xf0 [ 1115.794215][ C1] ? __pfx_preempt_schedule+0x10/0x10 [ 1115.799618][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1115.805547][ C1] ? __sanitizer_cov_trace_pc+0x11/0x70 [ 1115.811137][ C1] preempt_schedule_thunk+0x1a/0x30 [ 1115.816383][ C1] _raw_spin_unlock+0x3e/0x50 [ 1115.821097][ C1] unmap_page_range+0x36c3/0x4040 [ 1115.826170][ C1] ? __lock_acquire+0x1397/0x2100 [ 1115.831264][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 1115.836686][ C1] ? mas_next_slot+0xdc6/0xea0 [ 1115.841494][ C1] ? uprobe_munmap+0x197/0x460 [ 1115.846383][ C1] ? unmap_single_vma+0x1bd/0x2b0 [ 1115.851457][ C1] unmap_vmas+0x3cc/0x5f0 [ 1115.855833][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 1115.860744][ C1] ? tlb_gather_mmu_fullmm+0x160/0x210 [ 1115.866244][ C1] exit_mmap+0x275/0xc20 [ 1115.870529][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 1115.875336][ C1] ? __pfx_exit_aio+0x10/0x10 [ 1115.880068][ C1] ? uprobe_clear_state+0x271/0x290 [ 1115.885298][ C1] ? mm_update_next_owner+0xa2/0x8a0 [ 1115.890610][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1115.895860][ C1] __mmput+0x115/0x3b0 [ 1115.899975][ C1] exit_mm+0x220/0x310 [ 1115.904253][ C1] ? __pfx_exit_mm+0x10/0x10 [ 1115.908873][ C1] ? taskstats_exit+0x326/0xa60 [ 1115.913762][ C1] do_exit+0x9b2/0x28e0 [ 1115.917972][ C1] ? __pfx_do_exit+0x10/0x10 [ 1115.922679][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1115.928093][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1115.934299][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1115.940759][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 1115.945911][ C1] do_group_exit+0x207/0x2c0 [ 1115.950529][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1115.955758][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 1115.961004][ C1] get_signal+0x16b2/0x1750 [ 1115.965557][ C1] ? __pfx_get_signal+0x10/0x10 [ 1115.970453][ C1] arch_do_signal_or_restart+0x96/0x860 [ 1115.976136][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1115.982330][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1115.988353][ C1] ? syscall_exit_to_user_mode+0xa3/0x340 [ 1115.994114][ C1] syscall_exit_to_user_mode+0xce/0x340 [ 1115.999703][ C1] do_syscall_64+0x100/0x230 [ 1116.004342][ C1] ? clear_bhb_loop+0x35/0x90 [ 1116.009347][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1116.015279][ C1] RIP: 0033:0x7f425b385d19 [ 1116.019722][ C1] RSP: 002b:00007f425c0ef0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1116.028170][ C1] RAX: fffffffffffffe00 RBX: 00007f425b576088 RCX: 00007f425b385d19 [ 1116.036258][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f425b576088 [ 1116.044252][ C1] RBP: 00007f425b576080 R08: 0000000000000000 R09: 0000000000000000 [ 1116.052248][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f425b57608c [ 1116.060252][ C1] R13: 0000000000000000 R14: 00007fffa0632000 R15: 00007fffa06320e8 [ 1116.068271][ C1] [ 1116.071314][ C1] task:syz.7.2029 state:R running task stack:23152 pid:14025 tgid:14019 ppid:12673 flags:0x00004002 [ 1116.083109][ C1] Call Trace: [ 1116.086415][ C1] [ 1116.089371][ C1] __schedule+0x17fb/0x4be0 [ 1116.093938][ C1] ? __pfx___schedule+0x10/0x10 [ 1116.098830][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1116.104902][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 1116.110225][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 1116.115397][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 1116.121175][ C1] irqentry_exit+0x5e/0x90 [ 1116.125633][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1116.131662][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 1116.136978][ C1] Code: 2b 00 74 08 4c 89 f7 e8 ea a0 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 1116.156608][ C1] RSP: 0018:ffffc9000ba76c40 EFLAGS: 00000206 [ 1116.162724][ C1] RAX: 0000000000000001 RBX: 1ffff9200174ed94 RCX: ffff8880268928d8 [ 1116.170719][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa960 RDI: ffffffff8c5ed820 [ 1116.178717][ C1] RBP: ffffc9000ba76d88 R08: ffffffff94270887 R09: 1ffffffff284e110 [ 1116.186782][ C1] R10: dffffc0000000000 R11: fffffbfff284e111 R12: 1ffff9200174ed90 [ 1116.194778][ C1] R13: dffffc0000000000 R14: ffffc9000ba76ca0 R15: 0000000000000246 [ 1116.202804][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1116.207871][ C1] ? __pfx_rcu_read_lock_sched_held+0x10/0x10 [ 1116.213980][ C1] ? percpu_ref_tryget+0x14/0x180 [ 1116.219047][ C1] percpu_ref_tryget+0x31/0x180 [ 1116.223934][ C1] ? percpu_ref_tryget+0x14/0x180 [ 1116.228992][ C1] ? get_mem_cgroup_from_mm+0x38/0x2a0 [ 1116.234479][ C1] get_mem_cgroup_from_mm+0x103/0x2a0 [ 1116.239884][ C1] __mem_cgroup_charge+0x16/0x80 [ 1116.244945][ C1] folio_prealloc+0x4f/0x170 [ 1116.249660][ C1] do_wp_page+0x1253/0x49b0 [ 1116.254235][ C1] ? __pfx_do_wp_page+0x10/0x10 [ 1116.259126][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1116.264197][ C1] ? rcu_is_watching+0x15/0xb0 [ 1116.268996][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 1116.274056][ C1] ? __pfx___pte_offset_map+0x10/0x10 [ 1116.279505][ C1] handle_pte_fault+0xfa5/0x5ed0 [ 1116.284503][ C1] ? mark_lock+0x9a/0x360 [ 1116.288879][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 1116.294287][ C1] ? __lock_acquire+0x1397/0x2100 [ 1116.299377][ C1] ? mt_find+0x2a9/0x920 [ 1116.303658][ C1] ? __pfx_lock_release+0x10/0x10 [ 1116.308733][ C1] handle_mm_fault+0x1053/0x1ad0 [ 1116.313730][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 1116.319067][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1116.325434][ C1] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 1116.330752][ C1] exc_page_fault+0x2b9/0x8b0 [ 1116.335472][ C1] asm_exc_page_fault+0x26/0x30 [ 1116.340358][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 1116.346195][ C1] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 1116.365933][ C1] RSP: 0018:ffffc9000ba77718 EFLAGS: 00050206 [ 1116.372063][ C1] RAX: ffffffff84b7b001 RBX: 0000000020021ee8 RCX: 0000000000000110 [ 1116.380072][ C1] RDX: 0000000000000000 RSI: ffff88807ec61f48 RDI: 0000000020022000 [ 1116.388082][ C1] RBP: ffffc9000ba77898 R08: ffff88807ec62057 R09: 1ffff1100fd8c40a [ 1116.396094][ C1] R10: dffffc0000000000 R11: ffffed100fd8c40b R12: 1ffff9200174efbb [ 1116.404097][ C1] R13: ffffc9000ba77dd8 R14: 0000000000000228 R15: ffff88807ec61e30 [ 1116.412120][ C1] ? _copy_to_iter+0x1b1/0x1c50 [ 1116.417018][ C1] _copy_to_iter+0x267/0x1c50 [ 1116.421735][ C1] ? __virt_addr_valid+0x183/0x530 [ 1116.426927][ C1] ? __pfx_lock_release+0x10/0x10 [ 1116.432004][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 1116.437441][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 1116.442870][ C1] ? __pfx__copy_to_iter+0x10/0x10 [ 1116.448025][ C1] ? __virt_addr_valid+0x183/0x530 [ 1116.453171][ C1] ? __virt_addr_valid+0x183/0x530 [ 1116.458317][ C1] ? __virt_addr_valid+0x45f/0x530 [ 1116.463471][ C1] ? __check_object_size+0x47a/0x730 [ 1116.468810][ C1] __skb_datagram_iter+0x3c6/0x900 [ 1116.473983][ C1] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 1116.479681][ C1] skb_copy_datagram_iter+0xd1/0x250 [ 1116.485014][ C1] mptcp_recvmsg+0x4c5/0x1b10 [ 1116.489731][ C1] ? mark_lock+0x9a/0x360 [ 1116.494135][ C1] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 1116.499580][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1116.504729][ C1] ? __fget_files+0x2a/0x410 [ 1116.509360][ C1] ? __pfx_lock_release+0x10/0x10 [ 1116.514416][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1116.519656][ C1] ? sock_rps_record_flow+0x1a/0x400 [ 1116.524977][ C1] ? inet_recvmsg+0xde/0x2d0 [ 1116.529598][ C1] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 1116.534747][ C1] inet_recvmsg+0x2b5/0x2d0 [ 1116.539285][ C1] ? __pfx_inet_recvmsg+0x10/0x10 [ 1116.544340][ C1] ? __fget_files+0x2a/0x410 [ 1116.548961][ C1] ? __fget_files+0x395/0x410 [ 1116.553661][ C1] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 1116.558998][ C1] sock_recvmsg+0x1ae/0x280 [ 1116.563560][ C1] __sys_recvfrom+0x202/0x380 [ 1116.568278][ C1] ? __pfx___sys_recvfrom+0x10/0x10 [ 1116.573508][ C1] ? do_futex+0x33b/0x560 [ 1116.577908][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1116.583927][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1116.590294][ C1] __x64_sys_recvfrom+0xde/0x100 [ 1116.595277][ C1] do_syscall_64+0xf3/0x230 [ 1116.599821][ C1] ? clear_bhb_loop+0x35/0x90 [ 1116.604540][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1116.610472][ C1] RIP: 0033:0x7fcbc5385d19 [ 1116.614913][ C1] RSP: 002b:00007fcbc61da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 1116.623360][ C1] RAX: ffffffffffffffda RBX: 00007fcbc5576080 RCX: 00007fcbc5385d19 [ 1116.631362][ C1] RDX: fffffffffffffecb RSI: 0000000020000180 RDI: 0000000000000006 [ 1116.639370][ C1] RBP: 00007fcbc5401a20 R08: 0000000000000000 R09: 0000000000000000 [ 1116.647375][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1116.655382][ C1] R13: 0000000000000000 R14: 00007fcbc5576080 R15: 00007ffdb4023e98 [ 1116.663494][ C1] [ 1116.666542][ C1] task:kworker/1:4 state:R running task stack:20144 pid:5900 tgid:5900 ppid:2 flags:0x00004000 [ 1116.678337][ C1] Workqueue: events_power_efficient gc_worker [ 1116.684448][ C1] Call Trace: [ 1116.687750][ C1] [ 1116.690707][ C1] __schedule+0x17fb/0x4be0 [ 1116.695261][ C1] ? __pfx_validate_chain+0x10/0x10 [ 1116.700615][ C1] ? __pfx___schedule+0x10/0x10 [ 1116.705602][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1116.711636][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 1116.716966][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 1116.722136][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 1116.727936][ C1] irqentry_exit+0x5e/0x90 [ 1116.732400][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1116.738427][ C1] RIP: 0010:seqcount_lockdep_reader_access+0x1e0/0x220 [ 1116.745310][ C1] Code: f7 4d 85 ed 75 16 e8 ff d7 c7 f7 eb 15 e8 f8 d7 c7 f7 e8 33 f4 e8 01 4d 85 ed 74 ea e8 e9 d7 c7 f7 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00 [ 1116.765037][ C1] RSP: 0018:ffffc900043af9a0 EFLAGS: 00000293 [ 1116.771142][ C1] RAX: ffffffff89d78607 RBX: 0000000000000000 RCX: ffff888035519e00 [ 1116.779143][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1116.787141][ C1] RBP: ffffc900043afa50 R08: ffffffff89d785dd R09: 1ffffffff284e124 [ 1116.795142][ C1] R10: dffffc0000000000 R11: fffffbfff284e125 R12: dffffc0000000000 [ 1116.803145][ C1] R13: 0000000000000200 R14: 0000000000000046 R15: 1ffff92000875f34 [ 1116.811328][ C1] ? seqcount_lockdep_reader_access+0x1ad/0x220 [ 1116.817601][ C1] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 1116.823895][ C1] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 1116.831054][ C1] gc_worker+0x316/0x1530 [ 1116.835412][ C1] ? gc_worker+0x26b/0x1530 [ 1116.839951][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1116.845967][ C1] ? __pfx_gc_worker+0x10/0x10 [ 1116.850771][ C1] ? process_scheduled_works+0x976/0x1840 [ 1116.856537][ C1] process_scheduled_works+0xa66/0x1840 [ 1116.862153][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1116.868181][ C1] ? assign_work+0x364/0x3d0 [ 1116.872823][ C1] worker_thread+0x870/0xd30 [ 1116.877458][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1116.882514][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1116.887658][ C1] kthread+0x2f0/0x390 [ 1116.891765][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1116.896909][ C1] ? __pfx_kthread+0x10/0x10 [ 1116.901533][ C1] ret_from_fork+0x4b/0x80 [ 1116.905985][ C1] ? __pfx_kthread+0x10/0x10 [ 1116.910602][ C1] ret_from_fork_asm+0x1a/0x30 [ 1116.915422][ C1] [ 1116.918462][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g52869 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 1116.929679][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1116.939671][ C1] rcu: RCU grace-period kthread stack dump: [ 1116.945572][ C1] task:rcu_preempt state:R running task stack:25976 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 1116.957373][ C1] Call Trace: [ 1116.960674][ C1] [ 1116.963633][ C1] __schedule+0x17fb/0x4be0 [ 1116.968292][ C1] ? __pfx___schedule+0x10/0x10 [ 1116.973178][ C1] ? __pfx_lock_release+0x10/0x10 [ 1116.978245][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1116.984605][ C1] ? schedule+0x90/0x320 [ 1116.988880][ C1] schedule+0x14b/0x320 [ 1116.993159][ C1] schedule_timeout+0x15a/0x290 [ 1116.998040][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 1117.003467][ C1] ? __pfx_process_timeout+0x10/0x10 [ 1117.008814][ C1] ? prepare_to_swait_event+0x330/0x350 [ 1117.014395][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 1117.019280][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 1117.024517][ C1] ? rcu_gp_init+0x1256/0x1630 [ 1117.029353][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 1117.034325][ C1] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 1117.040510][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1117.045831][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1117.051765][ C1] ? finish_swait+0xd4/0x1e0 [ 1117.056393][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 1117.061026][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1117.066250][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1117.072177][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1117.077237][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1117.082467][ C1] kthread+0x2f0/0x390 [ 1117.086564][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1117.091809][ C1] ? __pfx_kthread+0x10/0x10 [ 1117.096432][ C1] ret_from_fork+0x4b/0x80 [ 1117.101050][ C1] ? __pfx_kthread+0x10/0x10 [ 1117.105759][ C1] ret_from_fork_asm+0x1a/0x30 [ 1117.110580][ C1] [ 1117.113623][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 1117.119964][ C1] CPU: 1 UID: 0 PID: 6157 Comm: kworker/u8:12 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 1117.130925][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 1117.141002][ C1] Workqueue: events_unbound toggle_allocation_gate [ 1117.147556][ C1] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60 [ 1117.154353][ C1] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 e4 [ 1117.174358][ C1] RSP: 0018:ffffc900034d76e0 EFLAGS: 00000293 [ 1117.180453][ C1] RAX: ffffffff8193790b RBX: 1ffff110170c8c65 RCX: ffff888033ff9e00 [ 1117.188455][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1117.196452][ C1] RBP: ffffc900034d78e0 R08: ffffffff819378da R09: 1ffffffff284e110 [ 1117.204449][ C1] R10: dffffc0000000000 R11: fffffbfff284e111 R12: dffffc0000000000 [ 1117.212535][ C1] R13: ffff8880b8646328 R14: ffff8880b873f940 R15: 0000000000000000 [ 1117.220620][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 1117.229574][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1117.236179][ C1] CR2: 0000000020022000 CR3: 000000000e736000 CR4: 00000000003526f0 [ 1117.244186][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1117.252270][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1117.260265][ C1] Call Trace: [ 1117.263568][ C1] [ 1117.266435][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 1117.272803][ C1] ? print_other_cpu_stall+0x1481/0x15c0 [ 1117.278481][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 1117.284332][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 1117.290959][ C1] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 1117.296371][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 1117.302135][ C1] ? update_process_times+0x242/0x2f0 [ 1117.307539][ C1] ? tick_nohz_handler+0x37c/0x500 [ 1117.312689][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 1117.318188][ C1] ? __hrtimer_run_queues+0x551/0xd30 [ 1117.323613][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1117.329389][ C1] ? handle_softirqs+0x7e0/0x9b0 [ 1117.334452][ C1] ? read_tsc+0x9/0x20 [ 1117.338555][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 1117.344665][ C1] ? hrtimer_interrupt+0x403/0xa40 [ 1117.349834][ C1] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 1117.356020][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1117.361862][ C1] [ 1117.364814][ C1] [ 1117.367775][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1117.374063][ C1] ? smp_call_function_many_cond+0x19da/0x2c60 [ 1117.380251][ C1] ? smp_call_function_many_cond+0x1a0b/0x2c60 [ 1117.386481][ C1] ? smp_call_function_many_cond+0x19f3/0x2c60 [ 1117.392705][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 1117.397817][ C1] ? __pfx___text_poke+0x10/0x10 [ 1117.402809][ C1] ? process_scheduled_works+0x976/0x1840 [ 1117.408668][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1117.415048][ C1] ? __pfx___might_resched+0x10/0x10 [ 1117.420380][ C1] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1117.426319][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 1117.431451][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 1117.436605][ C1] text_poke_bp_batch+0x352/0xb30 [ 1117.441735][ C1] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1117.447757][ C1] ? arch_jump_label_transform_apply+0x17/0x30 [ 1117.453982][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 1117.459589][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 1117.465905][ C1] ? process_scheduled_works+0x976/0x1840 [ 1117.471684][ C1] text_poke_finish+0x30/0x50 [ 1117.476401][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 1117.482428][ C1] static_key_enable_cpuslocked+0x136/0x260 [ 1117.488453][ C1] static_key_enable+0x1a/0x20 [ 1117.493260][ C1] toggle_allocation_gate+0xbc/0x260 [ 1117.498594][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 1117.504554][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1117.510935][ C1] process_scheduled_works+0xa66/0x1840 [ 1117.516818][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1117.522847][ C1] ? assign_work+0x364/0x3d0 [ 1117.527488][ C1] worker_thread+0x870/0xd30 [ 1117.532114][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1117.538089][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1117.543441][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1117.548592][ C1] kthread+0x2f0/0x390 [ 1117.552697][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1117.557854][ C1] ? __pfx_kthread+0x10/0x10 [ 1117.562490][ C1] ret_from_fork+0x4b/0x80 [ 1117.566932][ C1] ? __pfx_kthread+0x10/0x10 [ 1117.571558][ C1] ret_from_fork_asm+0x1a/0x30 [ 1117.576374][ C1]