last executing test programs: 3.012861501s ago: executing program 4 (id=737): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000100)={{&(0x7f0000428000/0x4000)=nil, 0x4000}}) 2.921313981s ago: executing program 0 (id=738): r0 = socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000340)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) 2.697166511s ago: executing program 0 (id=742): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x12, r0, 0x7e422000) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fe9000/0x2000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ff0000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) 2.09888086s ago: executing program 0 (id=746): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_clone3(&(0x7f0000000680)={0x40004000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) timer_settime(r0, 0x1, &(0x7f00000001c0)={{}, {0x0, 0x3938700}}, &(0x7f00000000c0)) 1.890222705s ago: executing program 3 (id=749): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0) r1 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001c40)="5346f7f875528ef24043c68e04180a33", 0xffeb}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0) 1.690462282s ago: executing program 1 (id=751): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e) r1 = socket$kcm(0x10, 0x100000000002, 0x4) sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0) 1.550758663s ago: executing program 2 (id=752): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) socket$inet6(0xa, 0x3, 0x2) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x47, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "e100", 0x11, 0x11, 0x1, @local, @mcast2, {[], {0x4000, 0xe22, 0x11, 0x0, @opaque="886a6307346ce50cf5"}}}}}}, 0x0) 1.465801622s ago: executing program 3 (id=753): pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x24000840) close_range(r0, 0xffffffffffffffff, 0x0) 1.445894199s ago: executing program 1 (id=754): creat(&(0x7f00000002c0)='./file0\x00', 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x2000401c) r0 = open(&(0x7f0000000280)='./file0\x00', 0x325280, 0x143) setresuid(0xee01, 0x0, 0x0) linkat(r0, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, 0x0, 0x1000) 1.428894182s ago: executing program 4 (id=755): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x90, r1, 0x1, 0x270b525, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x65, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1}, {0x8}, @device_b, @device_a, @initial, {0x4, 0x3}}, 0x5, @default, 0x2, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1, 0xab}, @val={0x4, 0x6, {0x4, 0xdb, 0x7, 0x7}}, @val={0x6, 0x2, 0x7}, @val={0x2d, 0x1a, {0x2, 0x3, 0x3, 0x0, {0x6, 0x40, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x1, 0x7, 0x9}}, @val={0x72, 0x6}, @void}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x513}]}, 0x90}}, 0x0) 1.349270172s ago: executing program 2 (id=756): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = getpid() close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6) fcntl$setownex(r0, 0xf, &(0x7f0000000100)={0x2, r1}) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000001c0)) 1.233209995s ago: executing program 1 (id=757): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000bc0)=[@iv={0xe0, 0x117, 0x2, 0x105, "8e2ac50df8daace0fca0342845755e0963228ee017f0bf10c7ac83c0f51aa2d770d1388060968b78be13acdf6557f76db9a3dbe925ee65b2b32d0ba02e9f9407bfdbe5aac2fc65d33c4c981a99ac7834b67b4eeac5ca67f61367a1dcaab6eb9e4b4fcd9cdacc7d898211216660ade385dad5e61e1a7664bcc8ac93783b8f8b5ab7d9668fa71f99bd261b5782e676e7ca9e8e42ef289833e0bebbbc04b04fcf9fbf3abc5a70fdc7c7c506268c32fc8610938ecf5474fcd97a70175d670f8c6483dcdd967f749e33de170379"}], 0xe0}], 0x1, 0x40800) 1.106788801s ago: executing program 2 (id=758): ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)=@x86={0x3, 0x1, 0xfb, 0x0, 0x10005, 0x5, 0x3, 0xd4, 0x7, 0x2, 0x4, 0x1, 0x0, 0x7, 0x3, 0xd6, 0x2, 0x9, 0x7, '\x00', 0x8, 0x1}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) 1.096618953s ago: executing program 3 (id=759): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/171, 0xab}, 0x5}], 0x1, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1.069504973s ago: executing program 4 (id=760): r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0x4, 0x22, 0x81, 0xfa}, 0x10) r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) 920.939218ms ago: executing program 1 (id=761): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r1) close(0xffffffffffffffff) execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340)={[], 0xfffffffffffffff8}, 0x0, 0x0) 807.062859ms ago: executing program 2 (id=762): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000005c0)={0x0, 0x0, 0x0, 'queue1\x00', 0xff}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x353, @time={0x95}}) 806.895635ms ago: executing program 0 (id=763): pipe(&(0x7f0000000180)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0) splice(r0, 0x0, r1, 0x0, 0x5d, 0x0) 759.164739ms ago: executing program 4 (id=764): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x50) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001240)={r0, r1, 0x26, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x0, 0x0, 0x0, 0x3}}, 0x30) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000000000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000001080)={r2, r3, 0x4}, 0x6) 724.797728ms ago: executing program 3 (id=765): socketpair$unix(0x1, 0x2, 0x0, 0x0) unshare(0x26020480) r0 = inotify_init1(0x0) r1 = dup(r0) inotify_rm_watch(r1, 0x0) 644.394358ms ago: executing program 1 (id=766): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x284, 0x65, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x4}, {0x0, 0xa}}, [@TCA_CHAIN={0x8, 0xb, 0x3745}, @TCA_CHAIN={0x8, 0xb, 0x89f}, @filter_kind_options=@f_u32={{0x8}, {0x248, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x2, 0x7, 0x2, 0x1, 0x7, 0xd, 0x94, 0x2}}, @TCA_U32_ACT={0x230, 0x7, [@m_csum={0x128, 0x4, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffb}, 0x48}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x100, 0x4, 0x1, 0x7, 0xb28}, 0x60}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x10001, 0x3ff, 0x10000000, 0x5, 0x3}, 0x43}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xc, 0x0, 0x1, 0x3, 0x3}, 0x26}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x430800, 0x4, 0x7, 0x4}, 0x80}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0x7, 0x4, 0x9, 0xb}, 0x77}}]}, {0x51, 0x6, "fd94c06764f37d74e02e47d2112b5242809e2419a3cf7f21e0a41fd7d83b6df9e9c285b3a976c4ebcd91e46a33997be265aa1e90d10cac810d688759dede90afba97f4b1c43b3b365eb86d85fb"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0xc0, 0x1a, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6}, @TCA_IFE_SMAC={0xa, 0x4, @random="dad6d78a2b85"}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0x6, 0x3, 0x2, 0x2}}}]}, {0x65, 0x6, "59b69513e97e708c0dc836f724775dbb59b2f21e013426759c817a1bd718849baa0b9d47756ce75b26f113f5bfe81ebbf06c0a2c154843e8d984f48c206498de65a138cb2d060aa964127c922df85b876a47f2b35d8bc8e3e0ce3e453511ffd2a3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_bpf={0x44, 0x13, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x10a, 0x5, 0x10000000, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x284}, 0x1, 0x0, 0x0, 0x91}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x4f}) 523.047373ms ago: executing program 4 (id=767): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000200)={0x24, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_SECLEVEL={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x800) 518.930035ms ago: executing program 0 (id=768): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x3, 0x0, &(0x7f00000019c0)="b1e0c4", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000002000000f3ff00000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000c20000000000000000000000900000000000000000000000900000000000000000000000902"], 0x0, 0x96}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xd8, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0xffffffffffffff0e, 0x0}}, 0x10) 483.29941ms ago: executing program 2 (id=769): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000005c0), 0x10) recvmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000001680)=""/137, 0x89}, {0x0}], 0x2}, 0x5}], 0x1, 0x10002, 0x0) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000000)=0x567, 0x4) sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}, 0x1, 0x0, 0x0, 0x4030}, 0x0) 298.901869ms ago: executing program 3 (id=770): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 221.066893ms ago: executing program 4 (id=771): r0 = socket(0x2, 0x1, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r0) ioctl$BLKSECDISCARD(r1, 0x127d, 0x0) ioctl$NBD_CLEAR_SOCK(r1, 0xab04) 154.688064ms ago: executing program 0 (id=772): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x34, 0x65, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x4}, {0x0, 0xa}}, [@TCA_CHAIN={0x8, 0xb, 0x3745}, @TCA_CHAIN={0x8, 0xb, 0x89f}]}, 0x34}, 0x1, 0x0, 0x0, 0x91}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x4f}) 154.543746ms ago: executing program 3 (id=773): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) 90.846227ms ago: executing program 1 (id=774): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 2 (id=775): r0 = socket(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x5, @remote, 0x4}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmmsg$inet6(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="5e54e574da93883e8c628a600b17cbe584d2e73c68141965f3fbcf0e16db6e759d420151c6c57504", 0x28}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@pktinfo={{0x24, 0x29, 0x32, {@local, r2}}}], 0x28}}], 0x2, 0x80) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.253' (ED25519) to the list of known hosts. [ 88.442806][ T5592] cgroup: Unknown subsys name 'net' [ 88.684808][ T5592] cgroup: Unknown subsys name 'cpuset' [ 88.758004][ T5592] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.741307][ T5592] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.070852][ T823] cfg80211: failed to load regulatory.db [ 93.378938][ T5620] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.398422][ T5620] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.400339][ T5620] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.430510][ T5625] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.432655][ T5625] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.434779][ T5625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.447718][ T5624] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.448531][ T5625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.449506][ T5625] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.456640][ T5624] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.466625][ T5624] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.475992][ T5622] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.476111][ T5624] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.476362][ T5624] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.485185][ T5624] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.500482][ T5622] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.507405][ T5622] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.510988][ T5624] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.539542][ T5624] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.542985][ T5624] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.548660][ T59] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.554203][ T5624] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.557021][ T5617] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.587877][ T5612] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.594105][ T5612] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.659059][ T4926] Bluetooth: hci0: command tx timeout [ 95.738105][ T4926] Bluetooth: hci2: command tx timeout [ 95.738132][ T5612] Bluetooth: hci4: command tx timeout [ 95.738260][ T4926] Bluetooth: hci1: command tx timeout [ 95.738273][ T5612] Bluetooth: hci3: command tx timeout [ 96.262520][ T5607] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.263270][ T5607] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.263426][ T5607] bridge_slave_0: entered allmulticast mode [ 96.265481][ T5607] bridge_slave_0: entered promiscuous mode [ 96.346324][ T5607] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.346441][ T5607] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.346578][ T5607] bridge_slave_1: entered allmulticast mode [ 96.354896][ T5607] bridge_slave_1: entered promiscuous mode [ 96.438961][ T5610] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.439102][ T5610] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.439223][ T5610] bridge_slave_0: entered allmulticast mode [ 96.441104][ T5610] bridge_slave_0: entered promiscuous mode [ 96.515432][ T5610] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.515577][ T5610] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.515748][ T5610] bridge_slave_1: entered allmulticast mode [ 96.519492][ T5610] bridge_slave_1: entered promiscuous mode [ 96.566232][ T5608] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.566359][ T5608] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.566479][ T5608] bridge_slave_0: entered allmulticast mode [ 96.572474][ T5608] bridge_slave_0: entered promiscuous mode [ 96.596395][ T5607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.690734][ T5608] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.690872][ T5608] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.691225][ T5608] bridge_slave_1: entered allmulticast mode [ 96.693107][ T5608] bridge_slave_1: entered promiscuous mode [ 96.723916][ T5607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.753298][ T5606] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.753423][ T5606] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.753596][ T5606] bridge_slave_0: entered allmulticast mode [ 96.755798][ T5606] bridge_slave_0: entered promiscuous mode [ 96.835208][ T5610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.835458][ T5606] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.835616][ T5606] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.836363][ T5606] bridge_slave_1: entered allmulticast mode [ 96.852050][ T5606] bridge_slave_1: entered promiscuous mode [ 96.856228][ T5609] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.856529][ T5609] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.879368][ T5609] bridge_slave_0: entered allmulticast mode [ 96.893836][ T5609] bridge_slave_0: entered promiscuous mode [ 96.935760][ T5610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.956812][ T5609] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.956953][ T5609] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.957081][ T5609] bridge_slave_1: entered allmulticast mode [ 96.975730][ T5609] bridge_slave_1: entered promiscuous mode [ 96.988120][ T5608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.991033][ T5607] team0: Port device team_slave_0 added [ 97.065852][ T5608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.070902][ T5607] team0: Port device team_slave_1 added [ 97.098202][ T5606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.165817][ T5610] team0: Port device team_slave_0 added [ 97.179591][ T5606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.182529][ T5609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.237608][ T5610] team0: Port device team_slave_1 added [ 97.260608][ T5609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.262761][ T5608] team0: Port device team_slave_0 added [ 97.264014][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.264025][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.264044][ T5607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.380204][ T5608] team0: Port device team_slave_1 added [ 97.380997][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.381010][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.381030][ T5607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.456446][ T5606] team0: Port device team_slave_0 added [ 97.502588][ T5610] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.502602][ T5610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.502621][ T5610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.505499][ T5606] team0: Port device team_slave_1 added [ 97.518291][ T5609] team0: Port device team_slave_0 added [ 97.578975][ T5610] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.578994][ T5610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.579014][ T5610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.631179][ T5609] team0: Port device team_slave_1 added [ 97.632537][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.632552][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.632582][ T5608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.720801][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.720816][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.720835][ T5608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.738929][ T5616] Bluetooth: hci0: command tx timeout [ 97.817690][ T5616] Bluetooth: hci3: command tx timeout [ 97.817710][ T4926] Bluetooth: hci1: command tx timeout [ 97.817724][ T5616] Bluetooth: hci2: command tx timeout [ 97.817735][ T4926] Bluetooth: hci4: command tx timeout [ 98.222282][ T5606] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.222300][ T5606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.222329][ T5606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.309130][ T5606] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.309144][ T5606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.309163][ T5606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.310235][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.310245][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.310264][ T5609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.334436][ T5607] hsr_slave_0: entered promiscuous mode [ 98.350007][ T5607] hsr_slave_1: entered promiscuous mode [ 98.465889][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.465908][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.465938][ T5609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.576063][ T5610] hsr_slave_0: entered promiscuous mode [ 98.577109][ T5610] hsr_slave_1: entered promiscuous mode [ 98.583240][ T5610] debugfs: 'hsr0' already exists in 'hsr' [ 98.583584][ T5610] Cannot create hsr debugfs directory [ 98.659131][ T5608] hsr_slave_0: entered promiscuous mode [ 98.660074][ T5608] hsr_slave_1: entered promiscuous mode [ 98.660744][ T5608] debugfs: 'hsr0' already exists in 'hsr' [ 98.660761][ T5608] Cannot create hsr debugfs directory [ 98.759709][ T5606] hsr_slave_0: entered promiscuous mode [ 98.760728][ T5606] hsr_slave_1: entered promiscuous mode [ 98.761513][ T5606] debugfs: 'hsr0' already exists in 'hsr' [ 98.761532][ T5606] Cannot create hsr debugfs directory [ 99.051948][ T5609] hsr_slave_0: entered promiscuous mode [ 99.052996][ T5609] hsr_slave_1: entered promiscuous mode [ 99.053681][ T5609] debugfs: 'hsr0' already exists in 'hsr' [ 99.053704][ T5609] Cannot create hsr debugfs directory [ 99.818280][ T5612] Bluetooth: hci0: command tx timeout [ 99.818769][ T5607] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.859677][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 99.871945][ T5607] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.892013][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 99.894242][ T5607] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.897464][ T5612] Bluetooth: hci2: command tx timeout [ 99.897494][ T5612] Bluetooth: hci1: command tx timeout [ 99.897517][ T5612] Bluetooth: hci4: command tx timeout [ 99.897538][ T5612] Bluetooth: hci3: command tx timeout [ 99.946152][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 99.973335][ T5607] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 100.002451][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 100.120139][ T5608] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 100.155450][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 100.176057][ T5608] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 100.212103][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 100.217189][ T5608] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 100.266483][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 100.292137][ T5608] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 100.332523][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 100.482531][ T5606] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 100.521286][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 100.545098][ T5606] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 100.582296][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 100.595995][ T5606] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 100.621545][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 100.654799][ T5606] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 100.683468][ T5606] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 100.870621][ T5609] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.911535][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 100.929467][ T5609] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 100.971133][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 100.976455][ T5609] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.026359][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 101.071383][ T5609] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.111993][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 101.306182][ T5607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.306594][ T5610] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 101.343348][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 101.351449][ T5610] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 101.391990][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 101.406224][ T5610] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 101.451746][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 101.473511][ T5610] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 101.506138][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 101.576933][ T5607] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.606337][ T5608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.653494][ T3392] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.653658][ T3392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.706865][ T3392] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.706969][ T3392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.771345][ T5608] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.815012][ T1420] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.815547][ T1420] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.833290][ T5606] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.890172][ T1419] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.890282][ T1419] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.901721][ T5616] Bluetooth: hci0: command tx timeout [ 101.977696][ T5612] Bluetooth: hci4: command tx timeout [ 101.977726][ T5612] Bluetooth: hci1: command tx timeout [ 101.977745][ T5612] Bluetooth: hci2: command tx timeout [ 101.977801][ T5616] Bluetooth: hci3: command tx timeout [ 102.034959][ T5606] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.071042][ T5609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.092547][ T1420] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.092703][ T1420] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.160283][ T1420] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.160395][ T1420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.296104][ T5609] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.385959][ T1420] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.386184][ T1420] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.421435][ T5610] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.456868][ T3392] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.457084][ T3392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.611715][ T5610] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.655114][ T1420] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.672332][ T1420] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.847132][ T140] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.847654][ T140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.551671][ T5607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.056257][ T5607] veth0_vlan: entered promiscuous mode [ 104.098897][ T5606] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.184884][ T5607] veth1_vlan: entered promiscuous mode [ 104.235242][ T5608] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.490667][ T5607] veth0_macvtap: entered promiscuous mode [ 104.565383][ T5607] veth1_macvtap: entered promiscuous mode [ 104.743389][ T5608] veth0_vlan: entered promiscuous mode [ 104.764344][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.791423][ T5609] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.806535][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.893790][ T5608] veth1_vlan: entered promiscuous mode [ 104.908403][ T3392] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.914269][ T5610] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.930978][ T3392] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.948751][ T3392] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.956104][ T3392] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.414814][ T5608] veth0_macvtap: entered promiscuous mode [ 105.462948][ T5609] veth0_vlan: entered promiscuous mode [ 105.488760][ T5606] veth0_vlan: entered promiscuous mode [ 105.490172][ T5608] veth1_macvtap: entered promiscuous mode [ 105.560904][ T1419] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.560932][ T1419] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.603264][ T5609] veth1_vlan: entered promiscuous mode [ 105.605894][ T5610] veth0_vlan: entered promiscuous mode [ 105.655523][ T5606] veth1_vlan: entered promiscuous mode [ 105.689872][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.726092][ T5610] veth1_vlan: entered promiscuous mode [ 105.760460][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.799970][ T1419] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.799993][ T1419] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.828138][ T3392] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.852632][ T3392] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.877772][ T3392] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.931753][ T3392] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.000880][ T5609] veth0_macvtap: entered promiscuous mode [ 106.115693][ T5609] veth1_macvtap: entered promiscuous mode [ 106.149277][ T5606] veth0_macvtap: entered promiscuous mode [ 106.352964][ T5610] veth0_macvtap: entered promiscuous mode [ 106.416153][ T5606] veth1_macvtap: entered promiscuous mode [ 106.465606][ T5610] veth1_macvtap: entered promiscuous mode [ 106.535937][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.620446][ T5606] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.651910][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.690866][ T3392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.690892][ T3392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.696895][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.734233][ T5606] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.873358][ T1040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.916518][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.916612][ T1040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.978102][ T1040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.076783][ T1040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.088891][ T1040] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.095013][ T1040] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.184031][ T1040] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.213329][ T1040] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.228966][ T140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.228987][ T140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.303459][ T140] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.485504][ T140] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.494004][ T140] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.496596][ T140] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.628142][ T3392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.628160][ T3392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.808411][ T3392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.808432][ T3392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.957740][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.957759][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.185119][ T1483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.185142][ T1483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.403947][ T3392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.423968][ T3392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.643968][ T5830] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 109.797573][ T1476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.797595][ T1476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.373434][ T5614] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 112.431031][ T5600] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 112.729211][ T5614] usb 5-1: Using ep0 maxpacket: 16 [ 112.744921][ T5600] usb 2-1: Using ep0 maxpacket: 32 [ 112.802916][ T5614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.802954][ T5614] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 112.802999][ T5614] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 112.803025][ T5614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.804597][ T5600] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 112.804623][ T5600] usb 2-1: config 0 has no interface number 0 [ 112.875455][ T5600] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 112.875485][ T5600] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.875505][ T5600] usb 2-1: Product: syz [ 112.875520][ T5600] usb 2-1: Manufacturer: syz [ 112.875534][ T5600] usb 2-1: SerialNumber: syz [ 112.973117][ T5889] netlink: 204 bytes leftover after parsing attributes in process `syz.2.33'. [ 112.973153][ T5889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.33'. [ 113.082411][ T5614] usb 5-1: config 0 descriptor?? [ 113.129170][ T5600] usb 2-1: config 0 descriptor?? [ 114.048278][ T5600] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 114.048311][ T5600] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 114.112227][ T5600] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 114.141788][ T5600] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71 [ 114.832311][ T5600] usb 2-1: USB disconnect, device number 2 [ 115.416250][ T5614] usbhid 5-1:0.0: can't add hid device: -71 [ 115.416370][ T5614] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 115.509972][ T5614] usb 5-1: USB disconnect, device number 2 [ 116.023767][ T5936] process 'syz.1.47' launched './file2' with NULL argv: empty string added [ 117.161321][ T5963] Zero length message leads to an empty skb [ 117.246647][ T5271] veth1_macvtap: left promiscuous mode [ 117.624628][ T5614] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 117.886363][ T5614] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 117.886394][ T5614] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 117.886414][ T5614] usb 2-1: config 220 contains an unexpected descriptor of type 0x1, skipping [ 117.886434][ T5614] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 117.886464][ T5614] usb 2-1: config 220 has no interface number 2 [ 117.886535][ T5614] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 117.886564][ T5614] usb 2-1: config 220 interface 0 has no altsetting 0 [ 117.886583][ T5614] usb 2-1: config 220 interface 76 has no altsetting 0 [ 117.886602][ T5614] usb 2-1: config 220 interface 1 has no altsetting 0 [ 117.958494][ T5614] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 117.958533][ T5614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.958550][ T5614] usb 2-1: Product: syz [ 117.958564][ T5614] usb 2-1: Manufacturer: syz [ 117.958576][ T5614] usb 2-1: SerialNumber: syz [ 118.414761][ T5614] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 118.414809][ T5614] uvcvideo 2-1:220.0: No valid video chain found. [ 118.414997][ T5614] usb 2-1: selecting invalid altsetting 0 [ 118.500621][ T5614] usb 2-1: selecting invalid altsetting 0 [ 118.500663][ T5614] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 118.561584][ T5614] usb 2-1: USB disconnect, device number 3 [ 119.286866][ T5997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.70'. [ 119.286895][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'. [ 120.025764][ T6016] __vm_enough_memory: pid: 6016, comm: syz.1.76, bytes: 11728013389824 not enough memory for the allocation [ 121.854313][ T5746] IPVS: starting estimator thread 0... [ 122.305455][ T6067] IPVS: using max 8 ests per chain, 19200 per kthread [ 123.144641][ T6097] Illegal XDP return value 4291336736 on prog (id 13) dev N/A, expect packet loss! [ 123.214023][ T6103] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.110'. [ 123.302969][ T6102] loop4: detected capacity change from 0 to 7 [ 123.390187][ T5704] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 123.487614][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 123.538267][ T5704] usb 1-1: Using ep0 maxpacket: 32 [ 123.540895][ T5704] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 123.540934][ T5704] usb 1-1: config 0 interface 0 has no altsetting 0 [ 123.540958][ T5704] usb 1-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 123.540975][ T5704] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.641519][ T5803] Buffer I/O error on dev loop4, logical block 0, async page read [ 123.675517][ T5803] Buffer I/O error on dev loop4, logical block 0, async page read [ 123.676155][ T5803] Buffer I/O error on dev loop4, logical block 0, async page read [ 123.676758][ T5803] Buffer I/O error on dev loop4, logical block 0, async page read [ 123.702672][ T5803] Buffer I/O error on dev loop4, logical block 0, async page read [ 123.884666][ T5704] usb 1-1: config 0 descriptor?? [ 125.049082][ T5704] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0 [ 125.049128][ T5704] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0 [ 125.049156][ T5704] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0 [ 125.049183][ T5704] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0 [ 125.049211][ T5704] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0 [ 125.311281][ T5704] corsair-cpro 0003:1B1C:0C10.0001: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.0-1/input0 [ 126.169723][ T6163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.133'. [ 126.262103][ T5704] corsair-cpro 0003:1B1C:0C10.0001: probe with driver corsair-cpro failed with error -110 [ 126.434526][ T5704] usb 1-1: USB disconnect, device number 2 [ 126.493202][ T6170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'. [ 126.593010][ T6173] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0 [ 128.987877][ T6217] capability: warning: `syz.1.152' uses deprecated v2 capabilities in a way that may be insecure [ 129.718376][ T6232] netlink: 'syz.0.157': attribute type 9 has an invalid length. [ 129.718402][ T6232] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.157'. [ 131.108265][ T6251] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 131.163204][ T6251] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 132.224277][ T6288] netlink: 27 bytes leftover after parsing attributes in process `syz.3.179'. [ 132.554470][ T6300] netlink: 12 bytes leftover after parsing attributes in process `syz.3.184'. [ 132.554510][ T6300] netlink: 'syz.3.184': attribute type 1 has an invalid length. [ 132.785307][ T6306] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 133.031519][ T1337] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.031624][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.036741][ T6345] sctp: [Deprecated]: syz.0.197 (pid 6345) Use of int in maxseg socket option. [ 134.036741][ T6345] Use struct sctp_assoc_value instead [ 134.080487][ T6346] netlink: 16 bytes leftover after parsing attributes in process `syz.4.198'. [ 134.414239][ T6356] netlink: 36 bytes leftover after parsing attributes in process `syz.0.201'. [ 134.557161][ T6358] netlink: 220 bytes leftover after parsing attributes in process `syz.0.201'. [ 135.035990][ T6375] netlink: 'syz.4.208': attribute type 7 has an invalid length. [ 135.857693][ T6394] h: entered promiscuous mode [ 136.164106][ T6410] netlink: 27 bytes leftover after parsing attributes in process `syz.3.222'. [ 136.541283][ T6418] Bluetooth: MGMT ver 1.23 [ 136.598818][ T5616] block nbd0: Receive control failed (result -32) [ 136.599491][ T5616] block nbd0: Receive control failed (result -32) [ 136.689556][ T6392] nbd0: detected capacity change from 0 to 128 [ 136.793791][ T6156] block nbd0: Dead connection, failed to find a fallback [ 136.826866][ T6156] block nbd0: shutting down sockets [ 136.826891][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.826921][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.941250][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.941287][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.941454][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.941480][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.941638][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.941663][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.941829][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.941855][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.942036][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.942062][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.942235][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.942260][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 136.942415][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 136.942440][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 137.131483][ T6156] ldm_validate_partition_table(): Disk read failed. [ 137.131589][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 137.131615][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 137.131791][ T6156] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 137.131814][ T6156] Buffer I/O error on dev nbd0, logical block 0, async page read [ 137.132255][ T6156] Dev nbd0: unable to read RDB block 0 [ 137.244652][ T6156] nbd0: unable to read partition table [ 137.363269][ T6156] ldm_validate_partition_table(): Disk read failed. [ 137.363926][ T6156] Dev nbd0: unable to read RDB block 0 [ 137.393031][ T6156] nbd0: unable to read partition table [ 137.465162][ T37] audit: type=1326 audit(1777370818.680:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6432 comm="syz.4.230" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f26b6afcdd9 code=0x0 [ 138.413051][ T6471] loop3: detected capacity change from 0 to 7 [ 138.554113][ T6471] Dev loop3: unable to read RDB block 7 [ 138.554159][ T6471] loop3: AHDI p1 p2 [ 138.554191][ T6471] loop3: partition table partially beyond EOD, truncated [ 138.554417][ T6471] loop3: p1 start 1702000233 is beyond EOD, truncated [ 139.187441][ T5614] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 139.337407][ T5614] usb 1-1: Using ep0 maxpacket: 16 [ 139.342316][ T5614] usb 1-1: config index 0 descriptor too short (expected 4495, got 71) [ 139.342346][ T5614] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 139.342367][ T5614] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 139.342388][ T5614] usb 1-1: config 0 has no interface number 0 [ 139.379881][ T5614] usb 1-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01 [ 139.379970][ T5614] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.380026][ T5614] usb 1-1: Product: syz [ 139.380063][ T5614] usb 1-1: Manufacturer: syz [ 139.380105][ T5614] usb 1-1: SerialNumber: syz [ 139.480914][ T5614] usb 1-1: config 0 descriptor?? [ 139.587130][ T5614] uvcvideo 1-1:0.105: Found UVC 0.00 device syz (046c:14e0) [ 139.587167][ T5614] uvcvideo 1-1:0.105: No valid video chain found. [ 139.935156][ T5614] usb 1-1: USB disconnect, device number 3 [ 142.429661][ T6528] trusted_key: encrypted_key: master key parameter 'us' is invalid [ 142.912677][ T6563] netlink: 32 bytes leftover after parsing attributes in process `syz.0.280'. [ 142.912723][ T6563] netlink: 8 bytes leftover after parsing attributes in process `syz.0.280'. [ 143.234644][ T6575] netlink: 168 bytes leftover after parsing attributes in process `syz.0.285'. [ 143.781570][ T6591] warning: `syz.4.292' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 143.974321][ T6596] bridge0: port 1(bridge_slave_0) entered listening state [ 144.158706][ T6603] binder: 6601:6603 ioctl c0306201 200000000600 returned -14 [ 144.287515][ T5614] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 144.407419][ T5746] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 144.449252][ T5614] usb 1-1: Using ep0 maxpacket: 8 [ 144.483843][ T5614] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 144.483904][ T5614] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 144.483927][ T5614] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 144.483953][ T5614] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 144.483970][ T5614] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 144.484001][ T5614] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 144.484017][ T5614] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.684666][ T5746] usb 5-1: Using ep0 maxpacket: 32 [ 144.762487][ T5746] usb 5-1: unable to get BOS descriptor or descriptor too short [ 144.794247][ T5746] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 144.794288][ T5746] usb 5-1: can't read configurations, error -71 [ 144.870156][ T5614] usb 1-1: usb_control_msg returned -32 [ 144.870208][ T5614] usbtmc 1-1:16.0: can't read capabilities [ 144.882846][ T6618] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 144.934609][ T6616] overlayfs: conflicting lowerdir path [ 145.193133][ T6621] netlink: 16 bytes leftover after parsing attributes in process `syz.3.307'. [ 145.193163][ T6621] netlink: 16 bytes leftover after parsing attributes in process `syz.3.307'. [ 145.315432][ T5614] usb 1-1: USB disconnect, device number 4 [ 149.502293][ T6731] ======================================================= [ 149.502293][ T6731] WARNING: The mand mount option has been deprecated and [ 149.502293][ T6731] and is ignored by this kernel. Remove the mand [ 149.502293][ T6731] option from the mount to silence this warning. [ 149.502293][ T6731] ======================================================= [ 150.222322][ T4926] Bluetooth: hci1: command 0x0406 tx timeout [ 152.104383][ T6775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.370'. [ 152.225596][ T5616] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 152.225800][ T5616] Bluetooth: hci4: Injecting HCI hardware error event [ 152.228476][ T4926] Bluetooth: hci4: hardware error 0x00 [ 152.333869][ T6779] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.371'. [ 152.796181][ T6795] netlink: 'syz.2.379': attribute type 12 has an invalid length. [ 152.796203][ T6795] netlink: 'syz.2.379': attribute type 29 has an invalid length. [ 152.796217][ T6795] netlink: 148 bytes leftover after parsing attributes in process `syz.2.379'. [ 152.796254][ T6795] netlink: 'syz.2.379': attribute type 1 has an invalid length. [ 152.796267][ T6795] netlink: 'syz.2.379': attribute type 2 has an invalid length. [ 152.796280][ T6795] netlink: 15 bytes leftover after parsing attributes in process `syz.2.379'. [ 152.958990][ T823] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 153.148005][ T823] usb 2-1: Using ep0 maxpacket: 32 [ 153.164053][ T823] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 153.164082][ T823] usb 2-1: config 0 has no interface number 0 [ 153.164131][ T823] usb 2-1: config 0 interface 184 has no altsetting 0 [ 153.192998][ T823] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 153.193030][ T823] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.193051][ T823] usb 2-1: Product: syz [ 153.193067][ T823] usb 2-1: Manufacturer: syz [ 153.193082][ T823] usb 2-1: SerialNumber: syz [ 153.254033][ T823] usb 2-1: config 0 descriptor?? [ 153.783771][ T6810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.385'. [ 153.903819][ T823] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 153.903855][ T823] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 154.113480][ T823] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 154.113513][ T823] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 154.113531][ T823] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 154.113784][ T823] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71 [ 154.118063][ T6812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.386'. [ 154.196489][ T823] usb 2-1: USB disconnect, device number 4 [ 154.236206][ T6812] netlink: 16 bytes leftover after parsing attributes in process `syz.4.386'. [ 154.457658][ T4926] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 154.693575][ T6827] syz.2.392 uses obsolete (PF_INET,SOCK_PACKET) [ 155.996570][ T6862] capability: warning: `syz.0.404' uses 32-bit capabilities (legacy support in use) [ 156.330635][ T1422] Bluetooth: hci5: Frame reassembly failed (-84) [ 156.623888][ T6883] netlink: 128 bytes leftover after parsing attributes in process `syz.4.413'. [ 157.902620][ T6907] netlink: 'syz.2.418': attribute type 2 has an invalid length. [ 157.902642][ T6907] netlink: 16 bytes leftover after parsing attributes in process `syz.2.418'. [ 158.297520][ T5616] Bluetooth: hci5: command 0x1003 tx timeout [ 158.297708][ T4926] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 159.454198][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.444'. [ 159.507629][ T6954] netlink: 168 bytes leftover after parsing attributes in process `syz.1.443'. [ 159.620353][ T823] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 159.767337][ T823] usb 4-1: Using ep0 maxpacket: 16 [ 159.789646][ T823] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 159.789676][ T823] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.789697][ T823] usb 4-1: Product: syz [ 159.789711][ T823] usb 4-1: Manufacturer: syz [ 159.789726][ T823] usb 4-1: SerialNumber: syz [ 159.838144][ T823] usb 4-1: config 0 descriptor?? [ 159.872015][ T823] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 160.604060][ T5730] kernel read not supported for file /vcsa (pid: 5730 comm: kworker/0:4) [ 160.896273][ T823] ssu100 4-1:0.0: probe with driver ssu100 failed with error -71 [ 160.984258][ T823] usb 4-1: USB disconnect, device number 2 [ 162.037842][ T5746] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 162.207526][ T5746] usb 2-1: Using ep0 maxpacket: 8 [ 162.224382][ T5746] usb 2-1: unable to get BOS descriptor or descriptor too short [ 162.262559][ T5746] usb 2-1: string descriptor 0 read error: -22 [ 162.262713][ T5746] usb 2-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 162.262739][ T5746] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.673283][ T5746] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 162.739808][ T5746] snd-usb-audio 2-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 163.909137][ T5614] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 164.088867][ T5614] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 164.088947][ T5614] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 164.088973][ T5614] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 164.135984][ T5614] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 164.136016][ T5614] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.136038][ T5614] usb 3-1: Product: syz [ 164.136053][ T5614] usb 3-1: Manufacturer: syz [ 164.136067][ T5614] usb 3-1: SerialNumber: syz [ 164.399646][ T7055] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7 [ 164.684489][ T7050] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 165.303153][ T7050] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 165.510836][ T5614] cdc_ncm 3-1:1.0: bind() failure [ 165.696071][ T5614] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 165.719069][ T5614] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 165.751492][ T5614] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 165.787463][ T5614] usb 3-1: USB disconnect, device number 2 [ 165.789807][ T5746] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 165.793954][ T5746] usb 2-1: USB disconnect, device number 5 [ 167.253618][ T7103] netlink: 'syz.3.504': attribute type 4 has an invalid length. [ 168.344967][ T7133] syzkaller1: entered promiscuous mode [ 168.344993][ T7133] syzkaller1: entered allmulticast mode [ 168.457718][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'. [ 168.457744][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'. [ 169.061090][ T5744] kernel write not supported for file [eventfd] (pid: 5744 comm: kworker/0:6) [ 169.678022][ T5744] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 169.830755][ T5744] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 169.830788][ T5744] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 169.830808][ T5744] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 169.830858][ T5744] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 169.830885][ T5744] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 169.836918][ T5744] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 169.836952][ T5744] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 169.836974][ T5744] usb 3-1: Product: syz [ 169.836990][ T5744] usb 3-1: Manufacturer: syz [ 169.956834][ T5744] cdc_wdm 3-1:1.0: skipping garbage [ 169.956856][ T5744] cdc_wdm 3-1:1.0: skipping garbage [ 169.975358][ T5744] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 169.975398][ T5744] cdc_wdm 3-1:1.0: Unknown control protocol [ 170.830611][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -EPIPE [ 171.031313][ T5730] usb 3-1: USB disconnect, device number 3 [ 173.092966][ T7257] input input8: cannot allocate more than FF_MAX_EFFECTS effects [ 173.616850][ T37] audit: type=1800 audit(1777370854.860:3): pid=7276 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.577" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 174.126870][ T5746] kernel read not supported for file /usbmon6 (pid: 5746 comm: kworker/1:6) [ 174.556245][ T5730] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 174.714667][ T5730] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 174.714728][ T5730] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 174.714757][ T5730] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 174.714801][ T5730] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 174.714825][ T5730] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.876657][ T5730] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 174.888017][ T5730] usb 2-1: invalid MIDI out EP 0 [ 175.139534][ T7309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.140194][ T7309] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.193992][ T7311] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 175.193992][ T7311] The task syz.0.590 (7311) triggered the difference, watch for misbehavior. [ 175.751895][ T7324] Invalid ELF header len 8 [ 175.889761][ T7327] netlink: 12 bytes leftover after parsing attributes in process `syz.3.599'. [ 175.889792][ T7327] netlink: 12 bytes leftover after parsing attributes in process `syz.3.599'. [ 176.477094][ T7334] netlink: 36 bytes leftover after parsing attributes in process `syz.0.604'. [ 176.477119][ T7334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.604'. [ 176.870733][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 177.079150][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 177.079202][ T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 177.079226][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.157927][ T9] usb 5-1: config 0 descriptor?? [ 177.159655][ T7339] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 177.730336][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730382][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730433][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730461][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730488][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730515][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730594][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730621][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730649][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.730677][ T9] logitech-djreceiver 0003:046D:C71F.0002: unknown main item tag 0x0 [ 177.733502][ T5730] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 178.049721][ T5730] usb 2-1: USB disconnect, device number 6 [ 178.174608][ T9] usb 5-1: USB disconnect, device number 5 [ 178.410885][ T5730] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 178.578766][ T5730] usb 2-1: Using ep0 maxpacket: 8 [ 178.581110][ T5730] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 178.585269][ T5730] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 178.585299][ T5730] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 178.585321][ T5730] usb 2-1: Product: syz [ 178.585335][ T5730] usb 2-1: Manufacturer: syz [ 178.585349][ T5730] usb 2-1: SerialNumber: syz [ 179.064408][ T5730] usb 2-1: Handspring Visor / Palm OS: No valid connect info available [ 179.064433][ T5730] usb 2-1: Handspring Visor / Palm OS: port 0, is for HotSync use [ 179.064455][ T5730] usb 2-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 179.064474][ T5730] usb 2-1: Handspring Visor / Palm OS: Number of ports: 2 [ 179.144423][ T7390] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 179.242421][ T7390] batadv_slave_0: entered promiscuous mode [ 179.278934][ T5730] usb 2-1: palm_os_3_probe - error -71 getting bytes available request [ 179.279007][ T5730] visor 2-1:1.0: Handspring Visor / Palm OS converter detected [ 179.486600][ T5730] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 179.533364][ T5730] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 179.723581][ T5730] usb 2-1: USB disconnect, device number 7 [ 180.068764][ T5730] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 180.235255][ T5730] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 180.338118][ T5730] visor 2-1:1.0: device disconnected [ 181.167725][ T5704] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 181.332214][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.332249][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.332272][ T5704] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 181.332313][ T5704] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 181.332333][ T5704] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.435492][ T5704] usb 1-1: config 0 descriptor?? [ 181.539814][ T7447] netlink: 'syz.3.649': attribute type 64 has an invalid length. [ 181.547217][ T7447] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.606514][ T7447] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.501016][ T7471] netlink: 'syz.1.657': attribute type 3 has an invalid length. [ 182.749453][ T5704] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 182.858746][ T5704] usb 1-1: USB disconnect, device number 5 [ 183.091790][ T7485] netlink: 34 bytes leftover after parsing attributes in process `syz.0.661'. [ 183.422631][ T7495] loop5: detected capacity change from 0 to 7 [ 183.489048][ T7495] Dev loop5: unable to read RDB block 7 [ 183.489080][ T7495] loop5: AHDI p1 p2 [ 183.489123][ T7495] loop5: partition table partially beyond EOD, truncated [ 183.523235][ T7495] loop5: p1 size 150995456 extends beyond EOD, truncated [ 183.656451][ T7508] serio: Serial port ptm0 [ 184.278429][ T5926] udevd[5926]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 185.094324][ T7543] batadv_slave_1: entered promiscuous mode [ 185.105615][ T7542] batadv_slave_1: left promiscuous mode [ 185.117382][ T5704] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 185.147412][ T838] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 185.298714][ T838] usb 5-1: Using ep0 maxpacket: 8 [ 185.328075][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 185.328461][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.328479][ T5704] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 185.328510][ T5704] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 185.328527][ T5704] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.455560][ T838] usb 5-1: unable to get BOS descriptor or descriptor too short [ 185.467689][ T838] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 185.467728][ T838] usb 5-1: can't read configurations, error -71 [ 185.544228][ T5704] usb 1-1: config 0 descriptor?? [ 185.648799][ T7552] input: syz1 as /devices/virtual/input/input9 [ 185.649987][ T7552] input: failed to attach handler leds to device input9, error: -6 [ 185.772400][ T7554] netlink: 104 bytes leftover after parsing attributes in process `syz.3.690'. [ 186.109084][ T5704] hid_parser_main: 477 callbacks suppressed [ 186.109111][ T5704] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 186.109142][ T5704] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 186.109169][ T5704] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 186.109196][ T5704] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 186.109223][ T5704] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 186.256232][ T5704] microsoft 0003:045E:07DA.0004: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 186.256268][ T5704] microsoft 0003:045E:07DA.0004: no inputs found [ 186.256283][ T5704] microsoft 0003:045E:07DA.0004: could not initialize ff, continuing anyway [ 186.316514][ T5704] usb 1-1: USB disconnect, device number 6 [ 186.582629][ T7561] fido_id[7561]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 186.877426][ T838] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 187.032395][ T838] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 187.032426][ T838] usb 3-1: config 0 has no interface number 0 [ 187.032476][ T838] usb 3-1: config 0 interface 41 has no altsetting 0 [ 187.083222][ T838] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 187.083256][ T838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.083278][ T838] usb 3-1: Product: syz [ 187.083293][ T838] usb 3-1: Manufacturer: syz [ 187.083309][ T838] usb 3-1: SerialNumber: syz [ 187.272590][ T838] usb 3-1: config 0 descriptor?? [ 187.877406][ T5746] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 188.051355][ T5746] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.051391][ T5746] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.051432][ T5746] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01 [ 188.051457][ T5746] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.121921][ T5746] usb 2-1: config 0 descriptor?? [ 188.154942][ T838] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9 [ 188.182803][ T838] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 188.278545][ T838] usb 3-1: USB disconnect, device number 4 [ 188.551848][ T37] audit: type=1326 audit(1777370869.830:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.551904][ T37] audit: type=1326 audit(1777370869.830:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553588][ T37] audit: type=1326 audit(1777370869.830:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553639][ T37] audit: type=1326 audit(1777370869.830:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553684][ T37] audit: type=1326 audit(1777370869.830:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553736][ T37] audit: type=1326 audit(1777370869.830:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553780][ T37] audit: type=1326 audit(1777370869.830:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.553822][ T37] audit: type=1326 audit(1777370869.830:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.568372][ T37] audit: type=1326 audit(1777370869.830:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.764848][ T5746] arvo 0003:1E7D:30D4.0005: item fetching failed at offset 3/7 [ 188.765756][ T5746] arvo 0003:1E7D:30D4.0005: parse failed [ 188.765948][ T5746] arvo 0003:1E7D:30D4.0005: probe with driver arvo failed with error -22 [ 188.796754][ T37] audit: type=1326 audit(1777370869.830:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7606 comm="syz.3.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2a20cdd9 code=0x7ffc0000 [ 188.859541][ T5746] usb 2-1: USB disconnect, device number 8 [ 189.026920][ T7609] pim6reg: entered allmulticast mode [ 189.033685][ T7608] pim6reg: left allmulticast mode [ 190.041069][ T7640] netlink: 20 bytes leftover after parsing attributes in process `syz.4.725'. [ 193.694709][ T7748] binder: 7746:7748 ioctl c0306201 2000000001c0 returned -14 [ 193.991002][ T7754] [ 193.991015][ T7754] ====================================================== [ 193.991024][ T7754] WARNING: possible circular locking dependency detected [ 193.991043][ T7754] syzkaller #0 Tainted: G L [ 193.991055][ T7754] ------------------------------------------------------ [ 193.991071][ T7754] syz.4.771/7754 is trying to acquire lock: [ 193.991083][ T7754] ffff88803ae8d218 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x6a/0x390 [ 193.991141][ T7754] [ 193.991141][ T7754] but task is already holding lock: [ 193.991148][ T7754] ffff88802faa8a60 (&nsock->tx_lock){+.+.}-{4:4}, at: sock_shutdown+0x14f/0x260 [ 193.991195][ T7754] [ 193.991195][ T7754] which lock already depends on the new lock. [ 193.991195][ T7754] [ 193.991203][ T7754] [ 193.991203][ T7754] the existing dependency chain (in reverse order) is: [ 193.991211][ T7754] [ 193.991211][ T7754] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 193.991241][ T7754] mutex_lock_nested+0x5a/0x1d0 [ 193.991268][ T7754] nbd_queue_rq+0x37b/0x1100 [ 193.991287][ T7754] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 193.991317][ T7754] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 193.991350][ T7754] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 193.991380][ T7754] blk_mq_run_hw_queue+0x368/0x520 [ 193.991406][ T7754] blk_mq_dispatch_list+0xd1f/0xe20 [ 193.991435][ T7754] blk_mq_flush_plug_list+0x48d/0x570 [ 193.991462][ T7754] __blk_flush_plug+0x3ed/0x4d0 [ 193.991490][ T7754] __submit_bio+0x28d/0x580 [ 193.991518][ T7754] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 193.991545][ T7754] block_read_full_folio+0x7b7/0x830 [ 193.991574][ T7754] filemap_read_folio+0x137/0x3b0 [ 193.991596][ T7754] do_read_cache_folio+0x2bf/0x560 [ 193.991619][ T7754] read_part_sector+0xb8/0x2b0 [ 193.991645][ T7754] adfspart_check_ICS+0xb1/0x960 [ 193.991673][ T7754] bdev_disk_changed+0x817/0x1770 [ 193.991700][ T7754] blkdev_get_whole+0x2e5/0x480 [ 193.991728][ T7754] bdev_open+0x31e/0xcc0 [ 193.991753][ T7754] blkdev_open+0x485/0x620 [ 193.991782][ T7754] do_dentry_open+0x83d/0x13e0 [ 193.991811][ T7754] vfs_open+0x3b/0x350 [ 193.991838][ T7754] path_openat+0x2e43/0x38a0 [ 193.991859][ T7754] do_file_open+0x23e/0x4a0 [ 193.991879][ T7754] do_sys_openat2+0x113/0x200 [ 193.991909][ T7754] __x64_sys_openat+0x138/0x170 [ 193.991939][ T7754] do_syscall_64+0x15f/0xf80 [ 193.991957][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.991978][ T7754] [ 193.991978][ T7754] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 193.992008][ T7754] mutex_lock_nested+0x5a/0x1d0 [ 193.992033][ T7754] nbd_queue_rq+0xc6/0x1100 [ 193.992052][ T7754] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 193.992088][ T7754] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 193.992119][ T7754] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 193.992148][ T7754] blk_mq_run_hw_queue+0x368/0x520 [ 193.992173][ T7754] blk_mq_dispatch_list+0xd1f/0xe20 [ 193.992200][ T7754] blk_mq_flush_plug_list+0x48d/0x570 [ 193.992229][ T7754] __blk_flush_plug+0x3ed/0x4d0 [ 193.992256][ T7754] __submit_bio+0x28d/0x580 [ 193.992284][ T7754] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 193.992311][ T7754] block_read_full_folio+0x7b7/0x830 [ 193.992338][ T7754] filemap_read_folio+0x137/0x3b0 [ 193.992360][ T7754] do_read_cache_folio+0x2bf/0x560 [ 193.992382][ T7754] read_part_sector+0xb8/0x2b0 [ 193.992408][ T7754] adfspart_check_ICS+0xb1/0x960 [ 193.992435][ T7754] bdev_disk_changed+0x817/0x1770 [ 193.992462][ T7754] blkdev_get_whole+0x2e5/0x480 [ 193.992489][ T7754] bdev_open+0x31e/0xcc0 [ 193.992515][ T7754] blkdev_open+0x485/0x620 [ 193.992542][ T7754] do_dentry_open+0x83d/0x13e0 [ 193.992570][ T7754] vfs_open+0x3b/0x350 [ 193.992597][ T7754] path_openat+0x2e43/0x38a0 [ 193.992618][ T7754] do_file_open+0x23e/0x4a0 [ 193.992638][ T7754] do_sys_openat2+0x113/0x200 [ 193.992666][ T7754] __x64_sys_openat+0x138/0x170 [ 193.992694][ T7754] do_syscall_64+0x15f/0xf80 [ 193.992712][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.992731][ T7754] [ 193.992731][ T7754] -> #4 (set->srcu){.+.+}-{0:0}: [ 193.992760][ T7754] __synchronize_srcu+0xca/0x300 [ 193.992785][ T7754] elevator_switch+0x1e8/0x7a0 [ 193.992810][ T7754] elevator_change+0x2cc/0x450 [ 193.992835][ T7754] elevator_set_default+0x36c/0x430 [ 193.992859][ T7754] blk_register_queue+0x3e9/0x4e0 [ 193.992886][ T7754] __add_disk+0x677/0xd50 [ 193.992903][ T7754] add_disk_fwnode+0xfb/0x480 [ 193.992919][ T7754] nbd_dev_add+0x72c/0xb50 [ 193.992935][ T7754] nbd_init+0x168/0x1f0 [ 193.992964][ T7754] do_one_initcall+0x250/0x870 [ 193.992986][ T7754] do_initcall_level+0x104/0x190 [ 193.993003][ T7754] do_initcalls+0x59/0xa0 [ 193.993019][ T7754] kernel_init_freeable+0x2a6/0x3e0 [ 193.993049][ T7754] kernel_init+0x1d/0x1d0 [ 193.993082][ T7754] ret_from_fork+0x514/0xb70 [ 193.993102][ T7754] ret_from_fork_asm+0x1a/0x30 [ 193.993125][ T7754] [ 193.993125][ T7754] -> #3 (&q->elevator_lock){+.+.}-{4:4}: [ 193.993154][ T7754] mutex_lock_nested+0x5a/0x1d0 [ 193.993178][ T7754] elevator_change+0x1b3/0x450 [ 193.993202][ T7754] elevator_set_none+0xb5/0x140 [ 193.993227][ T7754] blk_mq_update_nr_hw_queues+0x607/0x1a80 [ 193.993259][ T7754] nbd_start_device+0x17f/0xb20 [ 193.993277][ T7754] nbd_genl_connect+0x1651/0x1c80 [ 193.993308][ T7754] genl_family_rcv_msg_doit+0x22a/0x330 [ 193.993337][ T7754] genl_rcv_msg+0x61c/0x7a0 [ 193.993362][ T7754] netlink_rcv_skb+0x232/0x4b0 [ 193.993381][ T7754] genl_rcv+0x28/0x40 [ 193.993405][ T7754] netlink_unicast+0x780/0x920 [ 193.993435][ T7754] netlink_sendmsg+0x813/0xb40 [ 193.993456][ T7754] ____sys_sendmsg+0x94c/0x9c0 [ 193.993478][ T7754] ___sys_sendmsg+0x2a5/0x360 [ 193.993500][ T7754] __x64_sys_sendmsg+0x1c3/0x2a0 [ 193.993522][ T7754] do_syscall_64+0x15f/0xf80 [ 193.993539][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.993558][ T7754] [ 193.993558][ T7754] -> #2 (&q->q_usage_counter(io)#49){++++}-{0:0}: [ 193.993594][ T7754] blk_alloc_queue+0x54e/0x690 [ 193.993619][ T7754] __blk_mq_alloc_disk+0x197/0x390 [ 193.993696][ T7754] nbd_dev_add+0x499/0xb50 [ 193.993712][ T7754] nbd_init+0x168/0x1f0 [ 193.993743][ T7754] do_one_initcall+0x250/0x870 [ 193.993765][ T7754] do_initcall_level+0x104/0x190 [ 193.993783][ T7754] do_initcalls+0x59/0xa0 [ 193.993838][ T7754] kernel_init_freeable+0x2a6/0x3e0 [ 193.993871][ T7754] kernel_init+0x1d/0x1d0 [ 193.993894][ T7754] ret_from_fork+0x514/0xb70 [ 193.993913][ T7754] ret_from_fork_asm+0x1a/0x30 [ 193.993939][ T7754] [ 193.993939][ T7754] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 193.993969][ T7754] fs_reclaim_acquire+0x71/0x100 [ 193.993995][ T7754] kmem_cache_alloc_node_noprof+0x4b/0x6e0 [ 193.994017][ T7754] __alloc_skb+0x1d0/0x7d0 [ 193.994035][ T7754] tcp_stream_alloc_skb+0x3f/0x5c0 [ 193.994067][ T7754] tcp_sendmsg_locked+0x134b/0x5370 [ 193.994092][ T7754] tcp_sendmsg+0x2f/0x50 [ 193.994115][ T7754] sock_write_iter+0x40c/0x4f0 [ 193.994139][ T7754] vfs_write+0x629/0xba0 [ 193.994158][ T7754] ksys_write+0x156/0x270 [ 193.994178][ T7754] do_syscall_64+0x15f/0xf80 [ 193.994194][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.994214][ T7754] [ 193.994214][ T7754] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}: [ 193.994243][ T7754] __lock_acquire+0x15a5/0x2cf0 [ 193.994271][ T7754] lock_acquire+0x106/0x350 [ 193.994297][ T7754] lock_sock_nested+0x41/0x130 [ 193.994326][ T7754] inet_shutdown+0x6a/0x390 [ 193.994346][ T7754] nbd_mark_nsock_dead+0x2e9/0x560 [ 193.994366][ T7754] sock_shutdown+0x15e/0x260 [ 193.994384][ T7754] nbd_clear_sock+0x24/0x170 [ 193.994403][ T7754] nbd_ioctl+0x337/0xe40 [ 193.994421][ T7754] blkdev_ioctl+0x5e6/0x750 [ 193.994451][ T7754] __se_sys_ioctl+0xff/0x170 [ 193.994474][ T7754] do_syscall_64+0x15f/0xf80 [ 193.994491][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.994511][ T7754] [ 193.994511][ T7754] other info that might help us debug this: [ 193.994511][ T7754] [ 193.994519][ T7754] Chain exists of: [ 193.994519][ T7754] sk_lock-AF_INET --> &cmd->lock --> &nsock->tx_lock [ 193.994519][ T7754] [ 193.994553][ T7754] Possible unsafe locking scenario: [ 193.994553][ T7754] [ 193.994560][ T7754] CPU0 CPU1 [ 193.994566][ T7754] ---- ---- [ 193.994573][ T7754] lock(&nsock->tx_lock); [ 193.994587][ T7754] lock(&cmd->lock); [ 193.994602][ T7754] lock(&nsock->tx_lock); [ 193.994618][ T7754] lock(sk_lock-AF_INET); [ 193.994632][ T7754] [ 193.994632][ T7754] *** DEADLOCK *** [ 193.994632][ T7754] [ 193.994650][ T7754] 2 locks held by syz.4.771/7754: [ 193.994663][ T7754] #0: ffff888026923248 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x133/0xe40 [ 193.994714][ T7754] #1: ffff88802faa8a60 (&nsock->tx_lock){+.+.}-{4:4}, at: sock_shutdown+0x14f/0x260 [ 193.994765][ T7754] [ 193.994765][ T7754] stack backtrace: [ 193.994793][ T7754] CPU: 1 UID: 0 PID: 7754 Comm: syz.4.771 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 193.994823][ T7754] Tainted: [L]=SOFTLOCKUP [ 193.994831][ T7754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 193.994852][ T7754] Call Trace: [ 193.994861][ T7754] [ 193.994870][ T7754] dump_stack_lvl+0xe8/0x150 [ 193.994896][ T7754] print_circular_bug+0x2e1/0x300 [ 193.994938][ T7754] check_noncircular+0x12e/0x150 [ 193.994975][ T7754] __lock_acquire+0x15a5/0x2cf0 [ 193.995017][ T7754] ? inet_shutdown+0x6a/0x390 [ 193.995038][ T7754] lock_acquire+0x106/0x350 [ 193.995074][ T7754] ? inet_shutdown+0x6a/0x390 [ 193.995099][ T7754] ? do_raw_spin_lock+0x12b/0x2f0 [ 193.995127][ T7754] lock_sock_nested+0x41/0x130 [ 193.995156][ T7754] ? inet_shutdown+0x6a/0x390 [ 193.995177][ T7754] inet_shutdown+0x6a/0x390 [ 193.995200][ T7754] nbd_mark_nsock_dead+0x2e9/0x560 [ 193.995224][ T7754] sock_shutdown+0x15e/0x260 [ 193.995246][ T7754] nbd_clear_sock+0x24/0x170 [ 193.995266][ T7754] nbd_ioctl+0x337/0xe40 [ 193.995288][ T7754] ? __pfx_nbd_ioctl+0x10/0x10 [ 193.995307][ T7754] ? __asan_memset+0x22/0x50 [ 193.995340][ T7754] ? smack_file_ioctl+0x263/0x360 [ 193.995368][ T7754] ? __pfx_smack_file_ioctl+0x10/0x10 [ 193.995393][ T7754] ? __pfx_nbd_ioctl+0x10/0x10 [ 193.995416][ T7754] blkdev_ioctl+0x5e6/0x750 [ 193.995447][ T7754] ? __pfx_blkdev_ioctl+0x10/0x10 [ 193.995476][ T7754] ? __fget_files+0x2a/0x420 [ 193.995508][ T7754] ? bpf_lsm_file_ioctl+0x9/0x20 [ 193.995531][ T7754] ? __pfx_blkdev_ioctl+0x10/0x10 [ 193.995561][ T7754] __se_sys_ioctl+0xff/0x170 [ 193.995583][ T7754] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.995604][ T7754] do_syscall_64+0x15f/0xf80 [ 193.995622][ T7754] ? trace_irq_disable+0x3b/0x140 [ 193.995646][ T7754] ? clear_bhb_loop+0x40/0x90 [ 193.995670][ T7754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.995691][ T7754] RIP: 0033:0x7f26b6afcdd9 [ 193.995710][ T7754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.995729][ T7754] RSP: 002b:00007f26b4d2d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 193.995751][ T7754] RAX: ffffffffffffffda RBX: 00007f26b6d76090 RCX: 00007f26b6afcdd9 [ 193.995768][ T7754] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000000000000004 [ 193.995781][ T7754] RBP: 00007f26b6b92d69 R08: 0000000000000000 R09: 0000000000000000 [ 193.995793][ T7754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.995805][ T7754] R13: 00007f26b6d76128 R14: 00007f26b6d76090 R15: 00007ffd6910dfb8 [ 193.995829][ T7754] [ 193.997344][ T7754] block nbd4: shutting down sockets [ 194.458930][ T1337] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.459070][ T1337] ieee802154 phy1 wpan1: encryption failed: -22