last executing test programs: 58.093014953s ago: executing program 1 (id=1200): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @private=0xa010102}, {0x1, @local}, 0x4a, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3a}}}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000b40)=""/119, 0x77}], 0x1, 0x4000ffe, 0x0) 50.339450911s ago: executing program 1 (id=1202): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x0, 0x400000, 0x1000000000000}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 38.32254007s ago: executing program 0 (id=1203): readv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000140)=""/222, 0xde}], 0x1) r0 = fsopen(&(0x7f0000002200)='ramfs\x00', 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000002640)='mode\x00\xbf+\xb1O\x85I5_Qj\xebIw\x1d\x800\xfc\xed\xf2\xe7=\a\x80W\x17\xe9\x80\x00$S\xce\xf3\x9b\xee$\xa0\x12\xe34m\x17`\x80Z\x16\x9ba\f\xd1\xfaAm+sUh\xae\xf1}G\xb1E\x8e8\xf5\x19\\\xbb\xd9\x83*Ly\x99\xac\x95O\f\xff\xff\x00\x00\x00\x00\x00\x00v', &(0x7f0000000400)='7', 0x0) 33.05482779s ago: executing program 1 (id=1204): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)=""/178, 0xb2}], 0x1}, 0x2}], 0x1, 0x40000022, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4089, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f0000000540)=""/158, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 29.565818596s ago: executing program 0 (id=1205): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 22.393702463s ago: executing program 1 (id=1206): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000400)="0231124dd58c3e6afdb5e752ce972c59c50440c0ada185b974883ee21c8d77b2f7a633f7cb05e1345b429d41469320c4868d0e5fc36947286f30e834374d49c19c4536392e082ffa2c", 0x49}], 0x1}}], 0x1, 0x805) 20.020695108s ago: executing program 0 (id=1207): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='hugetlb.1GB.failcnt\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x100000000) 16.634540793s ago: executing program 0 (id=1208): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r1}, 0x38) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, &(0x7f0000000140), 0x0}, 0x20) 12.57534496s ago: executing program 1 (id=1209): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) syz_emit_ethernet(0xfdef, &(0x7f0000000280)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x0, 0x2c, 0x0, @dev={0xfe, 0x80, '\x00', 0x25}, @mcast2}}}}, 0x0) 7.694171403s ago: executing program 1 (id=1210): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac3(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="0017160000000b234d85aa"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac3(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000080)={0x40, 0xe, 0x2, {0x2, 0x4}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x426}}}, &(0x7f00000005c0)={0x44, &(0x7f0000000280)={0x40, 0xe, 0x4b, "295c2a7d21830464c3cf2f7f1d36374fa665f6bad2f288b637bf41f89e2c10e16779d9590c5a1cbdd8b91f666c683906aaf4aa5f261d1e892bc76a43ae0f68f1b6bdee8ce2a52f9f0bff9a"}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x83, 0x1, '\b'}, &(0x7f0000000540)={0x20, 0x84, 0x3, "f08b0d"}, &(0x7f0000000580)={0x20, 0x85, 0x3, "34fd9a"}}) 6.434465527s ago: executing program 0 (id=1211): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@fallback=r0, r0, 0x2f}, 0x20) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup=r0, r1, 0x2f, 0x8, 0x4, @void, @value=r1}, 0x20) 0s ago: executing program 0 (id=1212): r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000) r1 = socket(0x2, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_SET_SOCK(r0, 0xab08, r1) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:26800' (ED25519) to the list of known hosts. syzkaller login: [ 483.025993][ T3187] cgroup: Unknown subsys name 'net' [ 483.917213][ T3187] cgroup: Unknown subsys name 'cpuset' [ 484.112308][ T3187] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 566.446631][ T3187] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 713.824619][ T3196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 714.027448][ T3196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 718.572301][ T3195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 718.752471][ T3195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 735.602294][ T3196] hsr_slave_0: entered promiscuous mode [ 735.627225][ T3196] hsr_slave_1: entered promiscuous mode [ 737.376008][ T3195] hsr_slave_0: entered promiscuous mode [ 737.409726][ T3195] hsr_slave_1: entered promiscuous mode [ 737.423423][ T3195] debugfs: 'hsr0' already exists in 'hsr' [ 737.426909][ T3195] Cannot create hsr debugfs directory [ 748.735364][ T3196] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 748.956762][ T3196] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 749.127933][ T3196] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 749.870291][ T3196] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 752.063094][ T3195] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 752.463375][ T3195] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 752.786602][ T3195] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 753.115117][ T3195] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 771.545147][ T3196] 8021q: adding VLAN 0 to HW filter on device bond0 [ 772.517496][ T3195] 8021q: adding VLAN 0 to HW filter on device bond0 [ 840.997594][ T3196] veth0_vlan: entered promiscuous mode [ 842.649053][ T3195] veth0_vlan: entered promiscuous mode [ 843.057990][ T3196] veth1_vlan: entered promiscuous mode [ 844.388998][ T3195] veth1_vlan: entered promiscuous mode [ 846.963963][ T3196] veth0_macvtap: entered promiscuous mode [ 847.625532][ T3196] veth1_macvtap: entered promiscuous mode [ 848.802139][ T3195] veth0_macvtap: entered promiscuous mode [ 849.272709][ T3195] veth1_macvtap: entered promiscuous mode [ 852.071378][ T3266] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.153696][ T3266] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.156118][ T3266] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.157887][ T3266] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 855.131584][ T3290] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 855.382984][ T3290] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 855.485501][ T3440] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 855.618669][ T3440] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.037640][ T3196] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 917.629826][ T3850] pim6reg99999999: entered allmulticast mode [ 943.501081][ T3874] netlink: 332 bytes leftover after parsing attributes in process `syz.1.22'. [ 948.991035][ T3878] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1061.965919][ T3948] netlink: 60 bytes leftover after parsing attributes in process `syz.0.55'. [ 1094.030131][ T3968] mmap: syz.1.64 (3968): VmData 28991488 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 1141.502835][ T4002] binder: 4001:4002 unknown command 224 [ 1141.505861][ T4002] binder: 4001:4002 ioctl c0306201 200000000080 returned -22 [ 1164.624367][ T4015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.85'. [ 1218.506585][ T4049] capability: warning: `syz.1.101' uses deprecated v2 capabilities in a way that may be insecure [ 1248.370936][ T3995] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1248.621055][ T3995] usb 1-1: Using ep0 maxpacket: 16 [ 1248.756426][ T3995] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1248.760088][ T3995] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1248.762161][ T3995] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 1248.763660][ T3995] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1248.969264][ T3995] usb 1-1: config 0 descriptor?? [ 1251.587396][ T3995] konepure 0003:1E7D:2DB4.0001: item fetching failed at offset 1/4 [ 1251.627026][ T3995] konepure 0003:1E7D:2DB4.0001: parse failed [ 1251.650453][ T3995] konepure 0003:1E7D:2DB4.0001: probe with driver konepure failed with error -22 [ 1252.185079][ T3995] usb 1-1: USB disconnect, device number 2 [ 1329.570478][ T3813] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 1329.860316][ T3813] usb 2-1: Using ep0 maxpacket: 32 [ 1331.182580][ T3813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1331.185183][ T3813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1331.187661][ T3813] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 1331.195333][ T3813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1331.661163][ T3813] usb 2-1: config 0 descriptor?? [ 1334.565403][ T3813] koneplus 0003:1E7D:2D51.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0 [ 1334.626442][ T3813] koneplus 0003:1E7D:2D51.0002: couldn't init struct koneplus_device [ 1334.643544][ T3813] koneplus 0003:1E7D:2D51.0002: couldn't install mouse [ 1334.920242][ T3813] koneplus 0003:1E7D:2D51.0002: probe with driver koneplus failed with error -71 [ 1335.297858][ T3813] usb 2-1: USB disconnect, device number 2 [ 1360.614541][ T4176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.144'. [ 1379.865540][ T4190] binder_alloc: binder_alloc_mmap_handler: 4189 200000ffc000-200000fff000 already mapped failed -16 [ 1406.724695][ T4208] xt_hashlimit: size too large, truncated to 1048576 [ 1462.846979][ T4245] Driver unsupported XDP return value 0 on prog (id 13) dev N/A, expect packet loss! [ 1501.893641][ T4270] sch_tbf: burst 0 is lower than device macvtap0 mtu (1514) ! [ 1541.076477][ T4288] UHID_CREATE from different security context by process 205 (syz.1.194), this is not allowed. [ 1556.816470][ T4296] netlink: 4 bytes leftover after parsing attributes in process `syz.1.198'. [ 1577.524953][ T4304] gretap0: entered promiscuous mode [ 1577.634653][ T4304] macvlan2: entered promiscuous mode [ 1578.355479][ T4304] gretap0: left promiscuous mode [ 1668.446039][ T4360] netlink: 32 bytes leftover after parsing attributes in process `syz.1.225'. [ 1671.864877][ T4362] Zero length message leads to an empty skb [ 1698.211180][ T4373] tmpfs: Too few inodes for current use [ 1709.844230][ T4380] veth0: entered promiscuous mode [ 1710.014345][ T4379] veth0: left promiscuous mode [ 1745.363783][ T4398] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1757.030792][ T4201] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1757.413325][ T4201] usb 1-1: Using ep0 maxpacket: 16 [ 1757.845081][ T4201] usb 1-1: config 0 has an invalid interface number: 34 but max is 0 [ 1757.846699][ T4201] usb 1-1: config 0 has no interface number 0 [ 1757.849270][ T4201] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 1757.851053][ T4201] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 1758.002379][ T4201] usb 1-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 1758.004170][ T4201] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1758.005478][ T4201] usb 1-1: Product: syz [ 1758.006544][ T4201] usb 1-1: Manufacturer: syz [ 1758.007633][ T4201] usb 1-1: SerialNumber: syz [ 1758.425132][ T4201] usb 1-1: config 0 descriptor?? [ 1758.495086][ T4405] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1758.554499][ T4405] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1760.043887][ T4405] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1760.065917][ T4405] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1760.473787][ T4201] asix 1-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random [ 1760.825208][ T4201] asix 1-1:0.34 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1760.906923][ T4201] asix 1-1:0.34 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1760.956049][ T4201] asix 1-1:0.34: probe with driver asix failed with error -71 [ 1761.731317][ T4201] usb 1-1: USB disconnect, device number 3 [ 1982.647432][ T4538] syz.1.296 uses obsolete (PF_INET,SOCK_PACKET) [ 1988.345484][ T4540] block nbd0: not configured, cannot reconfigure [ 2001.853960][ T4546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.300'. [ 2002.765456][ T4546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.300'. [ 2032.766953][ T4569] fuse: Bad value for 'group_id' [ 2032.821520][ T4569] fuse: Bad value for 'group_id' [ 2050.770311][ T4578] netlink: 'syz.0.313': attribute type 12 has an invalid length. [ 2090.973555][ T4474] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 2091.882321][ T4474] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 2091.885565][ T4474] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 2091.907731][ T4474] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 2091.923256][ T4474] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2093.342463][ T31] audit: type=1800 audit(2091.970:2): pid=4610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.323" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 2096.257682][ T4474] aiptek 1-1:17.0: Aiptek using 400 ms programming speed [ 2096.754449][ T4474] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input0 [ 2096.893508][ T4474] input: failed to attach handler kbd to device input0, error: -5 [ 2097.704393][ T4474] usb 1-1: USB disconnect, device number 4 [ 2117.785342][ T31] audit: type=1326 audit(2116.380:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4632 comm="syz.1.326" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x7fff85733992 code=0x0 [ 2192.226605][ T4682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.346'. [ 2192.260071][ T4682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.346'. [ 2193.350060][ T3756] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 2193.400745][ T3756] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 2193.403176][ T3756] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 2193.405237][ T3756] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 2270.303594][ T4732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.366'. [ 2270.305990][ T4732] netlink: 'syz.1.366': attribute type 15 has an invalid length. [ 2270.317491][ T4732] netlink: 'syz.1.366': attribute type 25 has an invalid length. [ 2270.417711][ T4732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.366'. [ 2285.913872][ T4740] faux_driver vgem: [drm] Unknown color mode 13; guessing buffer size. [ 2458.031686][ T4856] netlink: 12 bytes leftover after parsing attributes in process `syz.1.411'. [ 2462.825834][ T4856] netlink: 12 bytes leftover after parsing attributes in process `syz.1.411'. [ 2466.497137][ T4860] netlink: 76 bytes leftover after parsing attributes in process `syz.0.412'. [ 2512.307297][ T4890] binder: 4888:4890 ioctl 541b 0 returned -22 [ 2564.903080][ T805] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 2565.375775][ T805] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 135, changing to 11 [ 2565.392043][ T805] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24844, setting to 1024 [ 2565.394867][ T805] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 2565.397545][ T805] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2566.140730][ T805] usb 1-1: config 0 descriptor?? [ 2568.362825][ T805] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x4 [ 2568.364963][ T805] cm6533_jd 0003:0D8C:0022.0003: item fetching failed at offset 4/5 [ 2568.551777][ T805] cm6533_jd 0003:0D8C:0022.0003: parse failed [ 2568.555198][ T805] cm6533_jd 0003:0D8C:0022.0003: probe with driver cm6533_jd failed with error -22 [ 2569.474989][ T805] usb 1-1: USB disconnect, device number 5 [ 2668.051507][ T4999] mmap: syz.1.461 (4999) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 2703.482163][ T5026] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526 [ 2743.256571][ T5052] netlink: 'syz.1.481': attribute type 32 has an invalid length. [ 2743.323323][ T5052] netlink: 24 bytes leftover after parsing attributes in process `syz.1.481'. [ 2743.325931][ T5052] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 2804.565329][ T5090] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 2853.387776][ T5127] netlink: 4 bytes leftover after parsing attributes in process `syz.0.508'. [ 2892.260903][ T5151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'. [ 2893.537075][ T5156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'. [ 2915.705043][ T31] audit: type=1326 audit(2914.290:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.0.525" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x7fc00000 [ 2996.957132][ T5225] syz.1.548 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 3045.694385][ T5258] can0: slcan on ttyS3. [ 3047.936017][ T5258] can0 (unregistered): slcan off ttyS3. [ 3067.670733][ T5280] syz_tun: entered allmulticast mode [ 3067.814465][ T5280] syz_tun: left allmulticast mode [ 3088.121985][ T5292] veth0_to_team: entered promiscuous mode [ 3088.493621][ T5292] gretap0: entered promiscuous mode [ 3106.743459][ T5306] netlink: 'syz.1.570': attribute type 4 has an invalid length. [ 3122.356567][ T5314] netlink: 32 bytes leftover after parsing attributes in process `syz.1.575'. [ 3163.103634][ T5338] netlink: 20 bytes leftover after parsing attributes in process `syz.1.587'. [ 3251.546196][ T5399] input: syz0 as /devices/virtual/input/input2 [ 3280.175024][ T5419] block nbd0: server does not support multiple connections per device. [ 3280.225992][ T5419] block nbd0: shutting down sockets [ 3296.922765][ T4668] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 3297.381617][ T4668] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 3297.387311][ T4668] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3297.401683][ T4668] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 3297.404010][ T4668] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3297.634572][ T4668] usb 1-1: config 0 descriptor?? [ 3300.449375][ T4668] usbhid 1-1:0.0: can't add hid device: -71 [ 3300.453606][ T4668] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 3300.655385][ T4668] usb 1-1: USB disconnect, device number 6 [ 3447.120023][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3447.153600][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3447.484510][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3447.486999][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3447.562820][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3447.566617][ T5521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 3448.706014][ T5522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.658'. [ 3448.720991][ T5522] netem: unknown loss type 0 [ 3448.724651][ T5522] netem: change failed [ 3465.376160][ T4668] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 3465.832567][ T4668] usb 1-1: Using ep0 maxpacket: 32 [ 3465.975438][ T4668] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 3465.977920][ T4668] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 3465.995702][ T4668] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 3465.997792][ T4668] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3466.493455][ T4668] usb 1-1: config 0 descriptor?? [ 3466.692237][ T4668] hub 1-1:0.0: USB hub found [ 3468.786261][ T4668] hub 1-1:0.0: 3 ports detected [ 3469.281345][ T4668] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 3469.284496][ T4668] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 3469.736178][ T4668] usbhid 1-1:0.0: can't add hid device: -71 [ 3469.756148][ T4668] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 3470.160730][ T4668] usb 1-1: USB disconnect, device number 7 [ 3526.031170][ T5586] netlink: 132 bytes leftover after parsing attributes in process `syz.1.679'. [ 3529.213872][ T5588] ptrace attach of "/syz-executor exec"[3196] was attempted by " Ðÿ ð¥ Àÿ Àÿ Ðÿ àÿ ðÿ °ÿ Àÿ ÿÿÿÿ    ÿÿÿÿ   ÿÿÿÿ  [ 3553.513598][ T5604] netlink: 44 bytes leftover after parsing attributes in process `syz.0.686'. [ 3568.379712][ T5610] binder: 5609:5610 ioctl c018620c 200000000000 returned -1 [ 3582.947844][ T5625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.694'. [ 3583.231992][ T5622] hub 1-0:1.0: USB hub found [ 3583.275183][ T5622] hub 1-0:1.0: 1 port detected [ 3673.366510][ T5681] trusted_key: encrypted_key: key user:syz not found [ 3723.972598][ T5716] process 'syz.1.728' launched '/dev/fd/3' with NULL argv: empty string added [ 3738.745564][ T5722] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 3784.313098][ T5748] ubi31: attaching mtd0 [ 3814.496264][ T31] audit: type=1326 audit(3813.160:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5765 comm="syz.1.748" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x7fff85733992 code=0x0 [ 3823.443956][ T5770] netlink: 16 bytes leftover after parsing attributes in process `syz.1.749'. [ 3823.605835][ T5770] netlink: 12 bytes leftover after parsing attributes in process `syz.1.749'. [ 3823.626714][ T5770] netlink: 12 bytes leftover after parsing attributes in process `syz.1.749'. [ 3923.257966][ T5834] input: syz0 as /devices/virtual/input/input3 [ 3948.937998][ T5852] random: crng reseeded on system resumption [ 3997.967505][ T5878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.795'. [ 3998.072153][ T5878] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 3998.199362][ T5878] netlink: 44 bytes leftover after parsing attributes in process `syz.0.795'. [ 3998.202110][ T5878] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 4005.291212][ T5882] netlink: 332 bytes leftover after parsing attributes in process `syz.0.797'. [ 4005.296122][ T5882] netlink: 196 bytes leftover after parsing attributes in process `syz.0.797'. [ 4011.203577][ T5884] block nbd1: shutting down sockets [ 4056.007423][ T5912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 4056.706619][ T5912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 4077.923416][ T5927] netlink: 16 bytes leftover after parsing attributes in process `syz.1.818'. [ 4078.586002][ T5929] input: syz1 as /devices/virtual/input/input4 [ 4132.199559][ T5971] netlink: 48 bytes leftover after parsing attributes in process `syz.0.836'. [ 4190.447787][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.849'. [ 4191.110828][ T6010] netlink: 'syz.1.849': attribute type 2 has an invalid length. [ 4235.810098][ T6035] binder: 6034:6035 ioctl c0306201 200000000100 returned -14 [ 4284.797220][ T6070] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 4300.354549][ T6080] vxcan1: tx address claim with dlc 0 [ 4306.306557][ C0] vcan0: j1939_tp_rxtimer: 0xffffaf801a070800: rx timeout, send abort [ 4306.811289][ C0] vcan0: j1939_tp_rxtimer: 0xffffaf801a070800: abort rx timeout. Force session deactivation [ 4318.619197][ T6096] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 4319.098968][ T6097] ªªªªªª: renamed from vlan0 (while UP) [ 4399.514396][ T6147] input: syz0 as /devices/virtual/input/input5 [ 4450.503271][ T6185] netlink: 'syz.1.925': attribute type 8 has an invalid length. [ 4500.001978][ T5350] usb 1-1: new low-speed USB device number 8 using dummy_hcd [ 4501.974437][ T5350] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 4501.980039][ T5350] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 4501.981971][ T5350] usb 1-1: config 0 has no interface number 0 [ 4501.983292][ T5350] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 4501.984949][ T5350] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 4501.986608][ T5350] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 4502.250016][ T5350] usb 1-1: config 0 descriptor?? [ 4503.377089][ T6221] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 4507.686200][ T5350] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input6 [ 4508.352479][ T5013] usb 1-1: USB disconnect, device number 8 [ 4508.353499][ C0] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 4572.136203][ T6277] netlink: 44 bytes leftover after parsing attributes in process `syz.1.954'. [ 4575.815923][ T6279] binder: 6278:6279 ioctl c0306201 200000000640 returned -22 [ 4727.361698][ T866] block nbd0: Receive control failed (result -32) [ 4727.372965][ T866] block nbd0: Receive control failed (result -32) [ 4727.503716][ T6369] nbd0: detected capacity change from 0 to 63 [ 4750.275730][ T31] audit: type=1326 audit(4748.900:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4750.306404][ T31] audit: type=1326 audit(4748.980:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4750.727632][ T31] audit: type=1326 audit(4749.400:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=280 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4750.814778][ T31] audit: type=1326 audit(4749.490:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4750.844455][ T31] audit: type=1326 audit(4749.520:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4751.210579][ T31] audit: type=1326 audit(4749.830:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=277 compat=0 ip=0x7fffa1b33992 code=0x7ffc0000 [ 4751.286279][ T31] audit: type=1326 audit(4749.890:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x50000 [ 4751.356874][ T31] audit: type=1326 audit(4750.020:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x50000 [ 4751.365676][ T31] audit: type=1326 audit(4750.030:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x50000 [ 4751.406378][ T31] audit: type=1326 audit(4750.030:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.0.999" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0x7fffa1b33992 code=0x50000 [ 4784.356169][ C1] vcan0: j1939_tp_rxtimer: 0xffffaf801eb6b000: Timeout. Failed to send simple message. [ 4795.955353][ T6415] batadv_slave_1: entered promiscuous mode [ 4796.167076][ T6415] batadv_slave_1: left promiscuous mode [ 4895.065506][ T6469] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1029'. [ 4895.097269][ T6469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1029'. [ 4914.209231][ T6485] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1034'. [ 4916.283402][ T6487] xt_hashlimit: size too large, truncated to 1048576 [ 4983.692854][ T6524] input: syz1 as /devices/virtual/input/input7 [ 5192.834329][ T6671] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1112'. [ 5228.120056][ T6698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1121'. [ 5260.162756][ T6720] [U] ©„ [ 5396.035396][ T6762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5396.300605][ T6762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5434.810628][ T6762] hsr_slave_0: entered promiscuous mode [ 5435.053590][ T6762] hsr_slave_1: entered promiscuous mode [ 5435.127028][ T6762] debugfs: 'hsr0' already exists in 'hsr' [ 5435.130180][ T6762] Cannot create hsr debugfs directory [ 5449.986380][ T6762] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 5450.013072][ T6762] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5451.697836][ T6762] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 5451.711449][ T6762] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5453.817329][ T6762] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 5453.847038][ T6762] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5455.986312][ T6762] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 5456.047195][ T6762] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5459.946712][ T6762] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 5460.126646][ T6762] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 5460.294276][ T6762] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 5460.786051][ T6762] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 5488.076708][ T6762] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5571.710261][ T6762] veth0_vlan: entered promiscuous mode [ 5573.437970][ T6762] veth1_vlan: entered promiscuous mode [ 5576.142451][ T6762] veth0_macvtap: entered promiscuous mode [ 5576.963021][ T6762] veth1_macvtap: entered promiscuous mode [ 5579.623723][ T4862] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 5579.625703][ T4862] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 5579.627193][ T4862] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 5579.772226][ T4862] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 5586.383236][ T7148] netlink: 'syz.0.1172': attribute type 2 has an invalid length. [ 5586.385311][ T7148] netlink: 'syz.0.1172': attribute type 1 has an invalid length. [ 5586.386578][ T7148] netlink: 2704 bytes leftover after parsing attributes in process `syz.0.1172'. [ 5689.831257][ T7205] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1196'. [ 5705.257258][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1201'. [ 5705.941689][ T7218] bond0: entered promiscuous mode [ 5705.980639][ T7218] bond_slave_0: entered promiscuous mode [ 5705.987209][ T7218] bond_slave_1: entered promiscuous mode [ 5706.276571][ T7218] bond0: left promiscuous mode [ 5706.277772][ T7218] bond_slave_0: left promiscuous mode [ 5706.333570][ T7218] bond_slave_1: left promiscuous mode [ 5757.598506][ T7250] [ 5757.599644][ T7250] ====================================================== [ 5757.600676][ T7250] WARNING: possible circular locking dependency detected [ 5757.602835][ T7250] syzkaller #0 Tainted: G L [ 5757.603997][ T7250] ------------------------------------------------------ [ 5757.604994][ T7250] syz.0.1212/7250 is trying to acquire lock: [ 5757.605998][ T7250] ffffaf801f4ef070 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x372/0xe44 [ 5757.609275][ T7250] [ 5757.609275][ T7250] but task is already holding lock: [ 5757.610322][ T7250] ffffaf8035118180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc4/0xe44 [ 5757.612851][ T7250] [ 5757.612851][ T7250] which lock already depends on the new lock. [ 5757.612851][ T7250] [ 5757.614022][ T7250] [ 5757.614022][ T7250] the existing dependency chain (in reverse order) is: [ 5757.615171][ T7250] [ 5757.615171][ T7250] -> #6 (&cmd->lock){+.+.}-{4:4}: [ 5757.617671][ T7250] lock_acquire+0x24a/0x504 [ 5757.619431][ T7250] __mutex_lock+0x164/0x1890 [ 5757.620823][ T7250] mutex_lock_nested+0x14/0x1c [ 5757.622180][ T7250] nbd_queue_rq+0xc4/0xe44 [ 5757.623316][ T7250] blk_mq_dispatch_rq_list+0x3cc/0x1ac0 [ 5757.624696][ T7250] __blk_mq_sched_dispatch_requests+0xe12/0x13cc [ 5757.626186][ T7250] blk_mq_sched_dispatch_requests+0xb2/0x174 [ 5757.627689][ T7250] blk_mq_run_hw_queue+0x274/0x6ec [ 5757.628927][ T7250] blk_mq_dispatch_list+0x53e/0x1430 [ 5757.630214][ T7250] blk_mq_flush_plug_list+0x114/0x55c [ 5757.631550][ T7250] __blk_flush_plug+0x270/0x464 [ 5757.632813][ T7250] __submit_bio+0x42e/0x504 [ 5757.633977][ T7250] submit_bio_noacct_nocheck+0x458/0xdf4 [ 5757.635279][ T7250] submit_bio_noacct+0x6fe/0x2170 [ 5757.636529][ T7250] submit_bio+0xb6/0x5b8 [ 5757.637707][ T7250] submit_bh_wbc+0x428/0x5c0 [ 5757.639069][ T7250] block_read_full_folio+0x396/0x788 [ 5757.640473][ T7250] blkdev_read_folio+0x26/0x30 [ 5757.641692][ T7250] filemap_read_folio+0xc2/0x270 [ 5757.643021][ T7250] do_read_cache_folio+0x22e/0x518 [ 5757.644362][ T7250] read_cache_folio+0x4e/0x68 [ 5757.645718][ T7250] read_part_sector+0xbc/0x408 [ 5757.646841][ T7250] read_lba+0x1b6/0x32c [ 5757.648032][ T7250] find_valid_gpt.constprop.0+0x212/0x21ec [ 5757.649294][ T7250] efi_partition+0xfe/0x9e0 [ 5757.650442][ T7250] bdev_disk_changed+0x5a0/0x1180 [ 5757.651652][ T7250] blkdev_get_whole+0x168/0x25c [ 5757.652811][ T7250] bdev_open+0x288/0xcc4 [ 5757.653922][ T7250] blkdev_open+0x2ec/0x454 [ 5757.655134][ T7250] do_dentry_open+0x418/0x1170 [ 5757.656225][ T7250] vfs_open+0xba/0x3a8 [ 5757.657287][ T7250] path_openat+0x144e/0x2f28 [ 5757.658678][ T7250] do_file_open+0x1ae/0x398 [ 5757.660050][ T7250] do_sys_openat2+0xfe/0x1c0 [ 5757.661198][ T7250] __riscv_sys_openat+0x122/0x1e4 [ 5757.662401][ T7250] syscall_handler+0x92/0x114 [ 5757.663663][ T7250] do_trap_ecall_u+0x402/0x680 [ 5757.664863][ T7250] handle_exception+0x15e/0x16a [ 5757.666242][ T7250] [ 5757.666242][ T7250] -> #5 (set->srcu){.+.+}-{0:0}: [ 5757.668320][ T7250] lock_sync+0xea/0x1cc [ 5757.669433][ T7250] __synchronize_srcu+0xd4/0x24c [ 5757.670741][ T7250] synchronize_srcu+0x14c/0x3fc [ 5757.672121][ T7250] blk_mq_quiesce_queue+0x124/0x194 [ 5757.673303][ T7250] elevator_switch+0x16a/0x4e4 [ 5757.674602][ T7250] elevator_change+0x2f4/0x4ac [ 5757.675936][ T7250] elevator_set_default+0x280/0x370 [ 5757.677254][ T7250] blk_register_queue+0x3a8/0x50c [ 5757.678563][ T7250] __add_disk+0x69a/0xda4 [ 5757.679655][ T7250] add_disk_fwnode+0xe8/0x48c [ 5757.680763][ T7250] device_add_disk+0x28/0x38 [ 5757.681856][ T7250] nbd_dev_add+0x692/0xaec [ 5757.683359][ T7250] nbd_init+0x3d4/0x3f8 [ 5757.684509][ T7250] do_one_initcall+0x18c/0xcdc [ 5757.685603][ T7250] kernel_init_freeable+0x6ca/0x7b4 [ 5757.686830][ T7250] kernel_init+0x28/0x240 [ 5757.688140][ T7250] ret_from_fork_kernel+0x94/0xef8 [ 5757.689335][ T7250] ret_from_fork_kernel_asm+0x16/0x18 [ 5757.690636][ T7250] [ 5757.690636][ T7250] -> #4 (&q->elevator_lock){+.+.}-{4:4}: [ 5757.692635][ T7250] lock_acquire+0x24a/0x504 [ 5757.693760][ T7250] __mutex_lock+0x164/0x1890 [ 5757.695115][ T7250] mutex_lock_nested+0x14/0x1c [ 5757.696435][ T7250] elevator_change+0x192/0x4ac [ 5757.697702][ T7250] elevator_set_none+0xa8/0x120 [ 5757.699037][ T7250] blk_mq_update_nr_hw_queues+0x43a/0x13a0 [ 5757.700346][ T7250] nbd_start_device+0x156/0xb74 [ 5757.701430][ T7250] nbd_genl_connect+0xe74/0x1a4c [ 5757.702504][ T7250] genl_family_rcv_msg_doit+0x1f6/0x2d8 [ 5757.703995][ T7250] genl_rcv_msg+0x4b2/0x73c [ 5757.705045][ T7250] netlink_rcv_skb+0x1e8/0x394 [ 5757.706393][ T7250] genl_rcv+0x32/0x4c [ 5757.707709][ T7250] netlink_unicast+0x50c/0x7d8 [ 5757.709035][ T7250] netlink_sendmsg+0x7e0/0xd64 [ 5757.710348][ T7250] __sock_sendmsg+0xca/0x160 [ 5757.711708][ T7250] ____sys_sendmsg+0x636/0x794 [ 5757.713054][ T7250] ___sys_sendmsg+0x1a4/0x1e8 [ 5757.714407][ T7250] __sys_sendmsg+0x18e/0x234 [ 5757.715542][ T7250] __riscv_sys_sendmsg+0x70/0xa4 [ 5757.716634][ T7250] syscall_handler+0x92/0x114 [ 5757.717812][ T7250] do_trap_ecall_u+0x402/0x680 [ 5757.719060][ T7250] handle_exception+0x15e/0x16a [ 5757.720254][ T7250] [ 5757.720254][ T7250] -> #3 (&q->q_usage_counter(io)#19){++++}-{0:0}: [ 5757.722645][ T7250] lock_acquire+0x24a/0x504 [ 5757.723972][ T7250] blk_alloc_queue+0x5b4/0x6f4 [ 5757.725248][ T7250] blk_mq_alloc_queue+0x15e/0x250 [ 5757.726509][ T7250] __blk_mq_alloc_disk+0x2a/0xd8 [ 5757.727783][ T7250] nbd_dev_add+0x426/0xaec [ 5757.729123][ T7250] nbd_init+0x3d4/0x3f8 [ 5757.730225][ T7250] do_one_initcall+0x18c/0xcdc [ 5757.731338][ T7250] kernel_init_freeable+0x6ca/0x7b4 [ 5757.732618][ T7250] kernel_init+0x28/0x240 [ 5757.733845][ T7250] ret_from_fork_kernel+0x94/0xef8 [ 5757.735103][ T7250] ret_from_fork_kernel_asm+0x16/0x18 [ 5757.736354][ T7250] [ 5757.736354][ T7250] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 5757.738354][ T7250] lock_acquire+0x24a/0x504 [ 5757.739525][ T7250] fs_reclaim_acquire+0xc6/0x100 [ 5757.740815][ T7250] kmem_cache_alloc_node_noprof+0x40/0x6e8 [ 5757.742019][ T7250] __alloc_skb+0x17c/0x778 [ 5757.743120][ T7250] tcp_stream_alloc_skb+0x2e/0x4d8 [ 5757.744434][ T7250] tcp_sendmsg_locked+0xe16/0x408c [ 5757.745711][ T7250] tcp_sendmsg+0x32/0x50 [ 5757.746860][ T7250] inet_sendmsg+0x9a/0xd8 [ 5757.747959][ T7250] __sock_sendmsg+0xca/0x160 [ 5757.749295][ T7250] sock_write_iter+0x298/0x3e8 [ 5757.750595][ T7250] vfs_write+0x648/0xd08 [ 5757.751800][ T7250] ksys_write+0x1f4/0x244 [ 5757.752989][ T7250] __riscv_sys_write+0x6e/0xa0 [ 5757.754229][ T7250] syscall_handler+0x92/0x114 [ 5757.755516][ T7250] do_trap_ecall_u+0x402/0x680 [ 5757.756724][ T7250] handle_exception+0x15e/0x16a [ 5757.758005][ T7250] [ 5757.758005][ T7250] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 5757.760064][ T7250] lock_acquire+0x24a/0x504 [ 5757.761235][ T7250] lock_sock_nested+0x38/0xf8 [ 5757.762561][ T7250] inet_shutdown+0x68/0x3c0 [ 5757.764596][ T7250] kernel_sock_shutdown+0x58/0x7c [ 5757.765928][ T7250] nbd_mark_nsock_dead+0xaa/0x510 [ 5757.767315][ T7250] sock_shutdown+0x144/0x238 [ 5757.768768][ T7250] nbd_ioctl+0x22c/0xbd4 [ 5757.769830][ T7250] blkdev_ioctl+0x4cc/0x12e4 [ 5757.771262][ T7250] __riscv_sys_ioctl+0x17c/0x1e4 [ 5757.772428][ T7250] syscall_handler+0x92/0x114 [ 5757.773663][ T7250] do_trap_ecall_u+0x402/0x680 [ 5757.774923][ T7250] handle_exception+0x15e/0x16a [ 5757.776078][ T7250] [ 5757.776078][ T7250] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 5757.778049][ T7250] check_noncircular+0x138/0x14c [ 5757.779259][ T7250] __lock_acquire+0xe9c/0x25ac [ 5757.780379][ T7250] lock_acquire+0x24a/0x504 [ 5757.781499][ T7250] __mutex_lock+0x164/0x1890 [ 5757.782823][ T7250] mutex_lock_nested+0x14/0x1c [ 5757.784210][ T7250] nbd_queue_rq+0x372/0xe44 [ 5757.785276][ T7250] blk_mq_dispatch_rq_list+0x3cc/0x1ac0 [ 5757.786631][ T7250] __blk_mq_sched_dispatch_requests+0xe12/0x13cc [ 5757.788242][ T7250] blk_mq_sched_dispatch_requests+0xb2/0x174 [ 5757.789742][ T7250] blk_mq_run_hw_queue+0x274/0x6ec [ 5757.790978][ T7250] blk_mq_dispatch_list+0x53e/0x1430 [ 5757.792219][ T7250] blk_mq_flush_plug_list+0x114/0x55c [ 5757.793429][ T7250] __blk_flush_plug+0x270/0x464 [ 5757.794555][ T7250] __submit_bio+0x42e/0x504 [ 5757.795688][ T7250] submit_bio_noacct_nocheck+0x458/0xdf4 [ 5757.796895][ T7250] submit_bio_noacct+0x6fe/0x2170 [ 5757.798152][ T7250] submit_bio+0xb6/0x5b8 [ 5757.799285][ T7250] submit_bh_wbc+0x428/0x5c0 [ 5757.800451][ T7250] block_read_full_folio+0x396/0x788 [ 5757.801741][ T7250] blkdev_read_folio+0x26/0x30 [ 5757.803053][ T7250] filemap_read_folio+0xc2/0x270 [ 5757.804289][ T7250] do_read_cache_folio+0x22e/0x518 [ 5757.805569][ T7250] read_cache_folio+0x4e/0x68 [ 5757.806793][ T7250] read_part_sector+0xbc/0x408 [ 5757.808026][ T7250] read_lba+0x1b6/0x32c [ 5757.809226][ T7250] find_valid_gpt.constprop.0+0x212/0x21ec [ 5757.810472][ T7250] efi_partition+0xfe/0x9e0 [ 5757.811629][ T7250] bdev_disk_changed+0x5a0/0x1180 [ 5757.812773][ T7250] blkdev_get_whole+0x168/0x25c [ 5757.813885][ T7250] bdev_open+0x288/0xcc4 [ 5757.815140][ T7250] blkdev_open+0x2ec/0x454 [ 5757.816266][ T7250] do_dentry_open+0x418/0x1170 [ 5757.817322][ T7250] vfs_open+0xba/0x3a8 [ 5757.818398][ T7250] path_openat+0x144e/0x2f28 [ 5757.819692][ T7250] do_file_open+0x1ae/0x398 [ 5757.820971][ T7250] do_sys_openat2+0xfe/0x1c0 [ 5757.822108][ T7250] __riscv_sys_openat+0x122/0x1e4 [ 5757.823309][ T7250] syscall_handler+0x92/0x114 [ 5757.824481][ T7250] do_trap_ecall_u+0x402/0x680 [ 5757.825622][ T7250] handle_exception+0x15e/0x16a [ 5757.826778][ T7250] [ 5757.826778][ T7250] other info that might help us debug this: [ 5757.826778][ T7250] [ 5757.827938][ T7250] Chain exists of: [ 5757.827938][ T7250] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 5757.827938][ T7250] [ 5757.830486][ T7250] Possible unsafe locking scenario: [ 5757.830486][ T7250] [ 5757.831429][ T7250] CPU0 CPU1 [ 5757.832226][ T7250] ---- ---- [ 5757.833037][ T7250] lock(&cmd->lock); [ 5757.834198][ T7250] lock(set->srcu); [ 5757.835541][ T7250] lock(&cmd->lock); [ 5757.836858][ T7250] lock(&nsock->tx_lock); [ 5757.838119][ T7250] [ 5757.838119][ T7250] *** DEADLOCK *** [ 5757.838119][ T7250] [ 5757.839161][ T7250] 3 locks held by syz.0.1212/7250: [ 5757.840120][ T7250] #0: ffffaf801a97a358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x3c4/0xcc4 [ 5757.842867][ T7250] #1: ffffaf80195d9a18 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22c/0x6ec [ 5757.845574][ T7250] #2: ffffaf8035118180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc4/0xe44 [ 5757.848227][ T7250] [ 5757.848227][ T7250] stack backtrace: [ 5757.849941][ T7250] CPU: 0 UID: 0 PID: 7250 Comm: syz.0.1212 Tainted: G L syzkaller #0 PREEMPT [ 5757.850746][ T7250] Tainted: [L]=SOFTLOCKUP [ 5757.851031][ T7250] Hardware name: riscv-virtio,qemu (DT) [ 5757.851641][ T7250] Call Trace: [ 5757.851923][ T7250] [] dump_backtrace+0x2e/0x3c [ 5757.852664][ T7250] [] show_stack+0x30/0x3c [ 5757.853202][ T7250] [] dump_stack_lvl+0x114/0x1ac [ 5757.853979][ T7250] [] dump_stack+0x1c/0x28 [ 5757.854714][ T7250] [] print_circular_bug+0x250/0x29c [ 5757.855306][ T7250] [] check_noncircular+0x138/0x14c [ 5757.855847][ T7250] [] __lock_acquire+0xe9c/0x25ac [ 5757.856382][ T7250] [] lock_acquire+0x24a/0x504 [ 5757.856923][ T7250] [] __mutex_lock+0x164/0x1890 [ 5757.857624][ T7250] [] mutex_lock_nested+0x14/0x1c [ 5757.858383][ T7250] [] nbd_queue_rq+0x372/0xe44 [ 5757.858863][ T7250] [] blk_mq_dispatch_rq_list+0x3cc/0x1ac0 [ 5757.859534][ T7250] [] __blk_mq_sched_dispatch_requests+0xe12/0x13cc [ 5757.860314][ T7250] [] blk_mq_sched_dispatch_requests+0xb2/0x174 [ 5757.861056][ T7250] [] blk_mq_run_hw_queue+0x274/0x6ec [ 5757.861617][ T7250] [] blk_mq_dispatch_list+0x53e/0x1430 [ 5757.862229][ T7250] [] blk_mq_flush_plug_list+0x114/0x55c [ 5757.862834][ T7250] [] __blk_flush_plug+0x270/0x464 [ 5757.863454][ T7250] [] __submit_bio+0x42e/0x504 [ 5757.864046][ T7250] [] submit_bio_noacct_nocheck+0x458/0xdf4 [ 5757.864663][ T7250] [] submit_bio_noacct+0x6fe/0x2170 [ 5757.865265][ T7250] [] submit_bio+0xb6/0x5b8 [ 5757.865814][ T7250] [] submit_bh_wbc+0x428/0x5c0 [ 5757.866415][ T7250] [] block_read_full_folio+0x396/0x788 [ 5757.867120][ T7250] [] blkdev_read_folio+0x26/0x30 [ 5757.867682][ T7250] [] filemap_read_folio+0xc2/0x270 [ 5757.868334][ T7250] [] do_read_cache_folio+0x22e/0x518 [ 5757.869024][ T7250] [] read_cache_folio+0x4e/0x68 [ 5757.869696][ T7250] [] read_part_sector+0xbc/0x408 [ 5757.870261][ T7250] [] read_lba+0x1b6/0x32c [ 5757.870793][ T7250] [] find_valid_gpt.constprop.0+0x212/0x21ec [ 5757.871433][ T7250] [] efi_partition+0xfe/0x9e0 [ 5757.871971][ T7250] [] bdev_disk_changed+0x5a0/0x1180 [ 5757.872533][ T7250] [] blkdev_get_whole+0x168/0x25c [ 5757.873101][ T7250] [] bdev_open+0x288/0xcc4 [ 5757.873611][ T7250] [] blkdev_open+0x2ec/0x454 [ 5757.874193][ T7250] [] do_dentry_open+0x418/0x1170 [ 5757.874694][ T7250] [] vfs_open+0xba/0x3a8 [ 5757.875259][ T7250] [] path_openat+0x144e/0x2f28 [ 5757.875969][ T7250] [] do_file_open+0x1ae/0x398 [ 5757.876661][ T7250] [] do_sys_openat2+0xfe/0x1c0 [ 5757.877216][ T7250] [] __riscv_sys_openat+0x122/0x1e4 [ 5757.877779][ T7250] [] syscall_handler+0x92/0x114 [ 5757.878376][ T7250] [] do_trap_ecall_u+0x402/0x680 [ 5757.878992][ T7250] [] handle_exception+0x15e/0x16a [ 5757.992391][ T7250] block nbd0: Dead connection, failed to find a fallback [ 5757.994350][ T7250] block nbd0: shutting down sockets [ 5757.996519][ T7250] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 5758.061128][ T7250] Buffer I/O error on dev nbd0, logical block 0, async page read [ 5758.065083][ T7250] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.067257][ T7250] Buffer I/O error on dev nbd0, logical block 1, async page read [ 5758.115182][ T7250] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.117486][ T7250] Buffer I/O error on dev nbd0, logical block 2, async page read [ 5758.164412][ T7250] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.166729][ T7250] Buffer I/O error on dev nbd0, logical block 3, async page read [ 5758.303222][ T7250] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.305521][ T7250] Buffer I/O error on dev nbd0, logical block 0, async page read [ 5758.381076][ T7250] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.383411][ T7250] Buffer I/O error on dev nbd0, logical block 1, async page read [ 5758.444168][ T7250] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.446434][ T7250] Buffer I/O error on dev nbd0, logical block 2, async page read [ 5758.496022][ T7250] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 5758.556964][ T7250] Buffer I/O error on dev nbd0, logical block 3, async page read [ 5758.586287][ T7250] nbd0: unable to read partition table [ 5760.741603][ T7250] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 5760.991979][ T7250] block nbd0: NBD_DISCONNECT [ 5760.994702][ T7250] block nbd0: Send disconnect failed -32 [ 5760.996317][ T7250] block nbd0: Send disconnect failed -32 [ 5782.476592][ T5979] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5783.326515][ T5979] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5784.083312][ T5979] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5785.061490][ T5979] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0