last executing test programs: 6.566049851s ago: executing program 2 (id=1171): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrlimit(0xf, &(0x7f00000002c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000380), 0x4, 0x4200) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x6, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(r2) r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0xc0) getdents(r3, &(0x7f00000002c0)=""/31, 0x1f) getdents(r3, &(0x7f00000000c0)=""/201, 0xc9) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) 5.654858122s ago: executing program 2 (id=1175): r0 = signalfd(0xffffffffffffffff, &(0x7f0000000200)={[0x1, 0x217]}, 0x8) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'syztnl1\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x0, 0x1, 0x7, 0x6, 0x21, @private2, @loopback, 0x7, 0x40, 0x10, 0xe}}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) r2 = openat$random(0xffffff9c, &(0x7f00000000c0), 0x200, 0x0) readv(r2, &(0x7f0000001240)=[{&(0x7f0000000100)=""/140, 0x8c}], 0x1) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000000)="2e000300010000", 0x7) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000080000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000002a000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x4, 0x8, &(0x7f00000002c0)="b8000005", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r6 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r8 = openat$pfkey(0xffffff9c, &(0x7f00000006c0), 0x20400, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000700)={{0x1, 0x1, 0x18, r8, {0x9}}, './file0\x00'}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r7, @ANYBLOB="80008f000a000200b2aaaaaaaa1c0000"], 0x28}}, 0x0) sendto$inet(r1, &(0x7f00000004c0)="ab1dd3f0801dd9c6f4a69d9cb300145ddb30da0e3c2cb412590b7fed6df3516e6c05f6aacec38a09015a5e1a37aa43c7cf707e021c64539b419d6dda9efa208c0e19f08ddd7593af991c0b6c10c5830e9a0b488dd270890a8ffa3c0f675db3d0148e16d528a04304c2185bd3439dfacdbe0cda5568f95fe26c39205a3726f4c2951fbbdc297a0abe3807050400000000000000d0275df771e4bea273f0c1dbc2222f0104510b5e0b1632a643d4138d86fbd0d08d4b49540b93c6c785abc0ffb5c7932c92c42a6fdd81ec7225b2d6ab70f7c1857af4d89d161057663bc4129b5970746d176edfcbc64c8adc44383a4a0423b92be00500000000000000b3fbaa30c85db87b3eea6011eeb8ab9bc322316c75ac7d34e9a74688e852b249c162df6c01cea2d208a725e9da1dd43c244d75d5666727e8defb8659423295645122964edf9fc640c0e633d40000000000000000f136fa566ba7571cb5389476360f78cc22195c2c4a72b0541eeea7", 0x16b, 0x24000814, &(0x7f0000000640)={0x2, 0x4e22, @local}, 0x10) 4.569085367s ago: executing program 2 (id=1179): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd, 0x3]}, 0x0, 0x8) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0xfffffffd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x4d}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x810) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getresuid(&(0x7f00000002c0), &(0x7f0000000080), &(0x7f00000000c0)) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56) connect$inet(r4, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) close(r4) 4.232258596s ago: executing program 3 (id=1182): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="05d6b818f4abfaed5008dd3ccd3a30908add8c"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/anycast6\x00') r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f00000000c0)={"fbffffff", 0x0, 0x6, 0x4, 0x1, 0x0, "000000ff00070000000900", '\x00', "05030400", "e859ad33", ['\x00', "00000008000906000000da00", "0c000004dd372a9000"]}) syz_usb_connect(0x6, 0x36, &(0x7f00000005c0)=ANY=[], 0x0) close_range(r2, 0xffffffffffffffff, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x78}}, 0x0) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="015e5021dbda9000000000000000000000909db9e3050d3ba1caeff44426c200000000"], 0x1c}}, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x25, 0xb, @void}, 0x10) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) setpriority(0x2, 0x0, 0x4) 3.841953369s ago: executing program 1 (id=1183): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r4 = openat$dsp(0xffffffffffffff9c, 0x0, 0x2c2fc2, 0x0) ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180)=0x6) r5 = socket$key(0xf, 0x3, 0x2) recvfrom$packet(r5, 0x0, 0x0, 0x1, 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1) r6 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @remote}, 0x0, 0x800) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x3bc, 0x1ac, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x2f4, 0x20a, 0x278, 0x2f4, 0x278, 0x3, 0x0, {[{{@uncond, 0x0, 0x188, 0x1ac, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x1}}]}, @common=@inet=@TCPMSS={0x24}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'veth0_virt_wifi\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@limit={{0x3c}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x418) r8 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_current(r8, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6, @ANYRESOCT=r2, @ANYRES16=r2, @ANYRESOCT=r2, @ANYRESHEX=r0, @ANYRESDEC=r7], 0x17) 3.477648599s ago: executing program 2 (id=1184): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket(0x1e, 0x1, 0x0) shutdown(r2, 0x2) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) r3 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_open_procfs(0xffffffffffffffff, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0) rseq(0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r3, 0x381b, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 3.249730218s ago: executing program 0 (id=1185): r0 = socket(0x8000000010, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0) r4 = socket(0x10, 0x80003, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1800000016000119"], 0x78}}, 0x0) write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4b", 0xbd) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}}) 3.247253169s ago: executing program 3 (id=1186): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrlimit(0xf, &(0x7f00000002c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000380), 0x4, 0x4200) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x6, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(r2) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc0) getdents(r3, &(0x7f00000002c0)=""/31, 0x1f) getdents(r3, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) 2.548126562s ago: executing program 2 (id=1187): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) dup(r1) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/meminfo\x00', 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2) r5 = syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=0x0, &(0x7f0000000200)=0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc}) io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2.546545633s ago: executing program 1 (id=1195): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket(0x1e, 0x1, 0x0) shutdown(r2, 0x2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r4 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_open_procfs(0xffffffffffffffff, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0) rseq(0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r4, 0x381b, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 2.29828429s ago: executing program 0 (id=1188): r0 = signalfd(0xffffffffffffffff, &(0x7f0000000200)={[0x1, 0x217]}, 0x8) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'syztnl1\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x0, 0x1, 0x7, 0x6, 0x21, @private2, @loopback, 0x7, 0x40, 0x10, 0xe}}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) r2 = openat$random(0xffffff9c, &(0x7f00000000c0), 0x200, 0x0) readv(r2, &(0x7f0000001240)=[{&(0x7f0000000100)=""/140, 0x8c}], 0x1) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000000)="2e000300010000", 0x7) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000080000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000002a000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x4, 0x8, &(0x7f00000002c0)="b8000005", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r6 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r8 = openat$pfkey(0xffffff9c, &(0x7f00000006c0), 0x20400, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000700)={{0x1, 0x1, 0x18, r8, {0x9}}, './file0\x00'}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r7, @ANYBLOB="80008f000a000200b2aaaaaaaa1c0000"], 0x28}}, 0x0) sendto$inet(r1, &(0x7f00000004c0)="ab1dd3f0801dd9c6f4a69d9cb300145ddb30da0e3c2cb412590b7fed6df3516e6c05f6aacec38a09015a5e1a37aa43c7cf707e021c64539b419d6dda9efa208c0e19f08ddd7593af991c0b6c10c5830e9a0b488dd270890a8ffa3c0f675db3d0148e16d528a04304c2185bd3439dfacdbe0cda5568f95fe26c39205a3726f4c2951fbbdc297a0abe3807050400000000000000d0275df771e4bea273f0c1dbc2222f0104510b5e0b1632a643d4138d86fbd0d08d4b49540b93c6c785abc0ffb5c7932c92c42a6fdd81ec7225b2d6ab70f7c1857af4d89d161057663bc4129b5970746d176edfcbc64c8adc44383a4a0423b92be00500000000000000b3fbaa30c85db87b3eea6011eeb8ab9bc322316c75ac7d34e9a74688e852b249c162df6c01cea2d208a725e9da1dd43c244d75d5666727e8defb8659423295645122964edf9fc640c0e633d40000000000000000f136fa566ba7571cb5389476360f78cc22195c2c4a72b0541eeea7", 0x16b, 0x24000814, &(0x7f0000000640)={0x2, 0x4e22, @local}, 0x10) 2.198939324s ago: executing program 3 (id=1189): r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=r0, @ANYBLOB="6cff7f000000000000d9d7b3ffc6fd6a88ea07730b41758de6fa73a26c932a33014ec236243bb86fc347cb6be604792621ed0732c9c474bd5e21054cc4ada1c9f3ec294ac8553f508515cadb9f146efe692216677df2780c5285"], 0x3c}}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x20}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1, 0x7, 0x2261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 2.198530166s ago: executing program 0 (id=1190): openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000003e00), 0x0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0x541b, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socket$inet6_mptcp(0xa, 0x1, 0x106) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x68060200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r4, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}}, 0x1c) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0xfffffffc, 0x0, 0xed, 0x6]}, &(0x7f0000000080)=0x50) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f00000003c0)={'nat\x00', 0x0, 0x3, 0x0, [0x5, 0x9, 0xfa, 0x6, 0x10000, 0x8001], 0x0, 0x0, 0x0}, &(0x7f0000000440)=0x78) 1.928457789s ago: executing program 3 (id=1191): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810) r5 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_ifreq(r5, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="010000000000000008001b"], 0x28}}, 0x0) 1.527778573s ago: executing program 1 (id=1192): r0 = signalfd(0xffffffffffffffff, &(0x7f0000000200)={[0x1, 0x217]}, 0x8) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'syztnl1\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x0, 0x1, 0x7, 0x6, 0x21, @private2, @loopback, 0x7, 0x40, 0x10, 0xe}}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) r2 = openat$random(0xffffff9c, &(0x7f00000000c0), 0x200, 0x0) readv(r2, &(0x7f0000001240)=[{&(0x7f0000000100)=""/140, 0x8c}], 0x1) bind$inet(r1, 0x0, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000000)="2e000300010000", 0x7) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, 0x8) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000080000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000002a000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x4, 0x8, &(0x7f00000002c0)="b8000005", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r6 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r8 = openat$pfkey(0xffffff9c, &(0x7f00000006c0), 0x20400, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000700)={{0x1, 0x1, 0x18, r8, {0x9}}, './file0\x00'}) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r7, @ANYBLOB="80008f000a000200b2aaaaaaaa1c0000"], 0x28}}, 0x0) sendto$inet(r1, &(0x7f00000004c0)="ab1dd3f0801dd9c6f4a69d9cb300145ddb30da0e3c2cb412590b7fed6df3516e6c05f6aacec38a09015a5e1a37aa43c7cf707e021c64539b419d6dda9efa208c0e19f08ddd7593af991c0b6c10c5830e9a0b488dd270890a8ffa3c0f675db3d0148e16d528a04304c2185bd3439dfacdbe0cda5568f95fe26c39205a3726f4c2951fbbdc297a0abe3807050400000000000000d0275df771e4bea273f0c1dbc2222f0104510b5e0b1632a643d4138d86fbd0d08d4b49540b93c6c785abc0ffb5c7932c92c42a6fdd81ec7225b2d6ab70f7c1857af4d89d161057663bc4129b5970746d176edfcbc64c8adc44383a4a0423b92be00500000000000000b3fbaa30c85db87b3eea6011eeb8ab9bc322316c75ac7d34e9a74688e852b249c162df6c01cea2d208a725e9da1dd43c244d75d5666727e8defb8659423295645122964edf9fc640c0e633d40000000000000000f136fa566ba7571cb5389476360f78cc22195c2c4a72b0541eeea7", 0x16b, 0x24000814, &(0x7f0000000640)={0x2, 0x4e22, @local}, 0x10) 1.429018203s ago: executing program 1 (id=1193): syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r1, 0xc00864c0, &(0x7f00000003c0)) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f00000000c0)) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000240)) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f0000000340)={&(0x7f0000000300)}) ioctl$SNDRV_PCM_IOCTL_LINK(r1, 0x40044160, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) timer_settime(0x0, 0x1, &(0x7f000006b000)={{0x77359400}, {0x0, 0x989680}}, 0x0) r4 = accept4(r3, 0x0, 0x0, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000000)=0x5) recvmmsg(r4, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0) 1.206221522s ago: executing program 0 (id=1194): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) shutdown(0xffffffffffffffff, 0x2) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) r3 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_open_procfs(0xffffffffffffffff, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0) rseq(0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r3, 0x381b, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 1.025678875s ago: executing program 3 (id=1196): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket(0x1e, 0x1, 0x0) shutdown(r2, 0x2) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) r3 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_open_procfs(0xffffffffffffffff, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0) rseq(0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r3, 0x381b, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 744.683219ms ago: executing program 2 (id=1197): r0 = socket(0x8000000010, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0) r4 = socket(0x10, 0x80003, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1800000016000119"], 0x78}}, 0x0) write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4b", 0xbd) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}}) 199.139412ms ago: executing program 0 (id=1198): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000980), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000040)={'ip6gre0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x2f}}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000007940)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000008}, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r7, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0x10, 0x2, 0x10, 0x0, @dev={0xac, 0x3}, 0x0, "20f0ddf9a66a"}]}}}}}}}}, 0x0) sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x34, r4, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg0\x00'}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002ac0)=@delchain={0xf8, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0xb8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0xac, 0x6, [@m_nat={0x7c, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @loopback}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @broadcast}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xf8}}, 0x0) r8 = socket(0x10, 0x803, 0x0) sendto(r8, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r8, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x7b}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="3943000000000000000001000000316168ff1f5db9b25ebe9312bff8dd6630502a0a9f88e6d98842eebb8eacd7de6bedf16a817ff133694f7781bc1d8cdf851c40d240a673460690db9c8cff9809565cccc580b52387691b48f2"], 0x14}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x400d840}, 0x20008080) recvmsg(r0, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0) 198.950534ms ago: executing program 1 (id=1199): socket$packet(0x11, 0x3, 0x300) bind$packet(0xffffffffffffffff, 0x0, 0x0) socket(0x1, 0x803, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x81, 0x101000) ioctl$AUTOFS_IOC_PROTOVER(r1, 0x9204, 0x0) r2 = dup(r0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) mount(&(0x7f0000000140)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='minix\x00', 0x221005d, 0x0) r3 = syz_open_dev$swradio(0x0, 0x0, 0x2) ioctl$VIDIOC_STREAMOFF(r3, 0x40045613, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r4, 0x6804, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_open_dev$MSR(0x0, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RELOAD(r5, 0x0, 0x80) socket$inet(0x2b, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000040000000400000022bf000000000000", @ANYRES32, @ANYBLOB="0000000000000000000003000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000001800"/20], 0x48) 151.568781ms ago: executing program 3 (id=1200): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd, 0x3]}, 0x0, 0x8) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0xfffffffd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x4d}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x810) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getresuid(&(0x7f00000002c0), &(0x7f0000000080), &(0x7f00000000c0)) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56) connect$inet(r3, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) close(r3) 145.386104ms ago: executing program 0 (id=1201): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) chdir(&(0x7f0000000100)='./file0\x00') r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004080000000000000002000000200000000000000000000009030000000000000000000004"], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x2) recvmmsg(r4, &(0x7f0000002f40)=[{{&(0x7f0000000180)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/153, 0x99}, {0x0}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/83, 0x53}, {&(0x7f0000001700)=""/200, 0xc8}], 0x5, &(0x7f0000001800)=""/225, 0xe1}, 0x5fd}, {{&(0x7f0000001900)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000001ec0)}, 0x80000000}], 0x2, 0x100, &(0x7f0000002f80)={0x77359400}) syz_emit_ethernet(0x82, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @local, @val={@val={0x88a8, 0x3, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "0961d3", 0x44, 0x2f, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x3}, {0x1}, {0x0, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x1, {{0x6, 0x1, 0x8, 0x3, 0x0, 0x0, 0x3, 0x2}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x4, {{0x1, 0x2, 0x1, 0x3, 0x1, 0x3, 0x7, 0x6}, 0x2, {0x9, 0xe, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1}}}}}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) 0s ago: executing program 1 (id=1202): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrlimit(0xf, &(0x7f00000002c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000380), 0x4, 0x4200) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x6, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(r2) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc0) getdents(r3, 0x0, 0x0) getdents(r3, &(0x7f00000000c0)=""/201, 0xc9) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) kernel console output (not intermixed with test programs): port of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.849469][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.856032][ T5942] team0: Port device team_slave_0 added [ 45.858872][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.875074][ T5942] team0: Port device team_slave_1 added [ 45.898927][ T5947] team0: Port device team_slave_0 added [ 45.926561][ T5941] hsr_slave_0: entered promiscuous mode [ 45.928750][ T5941] hsr_slave_1: entered promiscuous mode [ 45.931942][ T5947] team0: Port device team_slave_1 added [ 45.933943][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.936578][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.944541][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.981090][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.983135][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.990648][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.998382][ T5951] hsr_slave_0: entered promiscuous mode [ 46.000524][ T5951] hsr_slave_1: entered promiscuous mode [ 46.002747][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.007114][ T5951] Cannot create hsr debugfs directory [ 46.019033][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.021041][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.028724][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.055216][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.057230][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.064766][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.090160][ T5942] hsr_slave_0: entered promiscuous mode [ 46.092175][ T5942] hsr_slave_1: entered promiscuous mode [ 46.094083][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.097344][ T5942] Cannot create hsr debugfs directory [ 46.145606][ T5947] hsr_slave_0: entered promiscuous mode [ 46.147695][ T5947] hsr_slave_1: entered promiscuous mode [ 46.149584][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.151797][ T5947] Cannot create hsr debugfs directory [ 46.296466][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.305951][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.314183][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.318761][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.338395][ T5951] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.343251][ T5951] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.348399][ T5951] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.353185][ T5951] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.372815][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.377717][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.380918][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.394216][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.421303][ T5947] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.424597][ T5947] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.427998][ T5947] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.431448][ T5947] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.452881][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.462752][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.490046][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.492222][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.512813][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.515009][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.520705][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.526049][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.529270][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.541402][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.550840][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.556774][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.563135][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.565865][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.578963][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.581692][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.587548][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.590195][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.593871][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.596545][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.603831][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.606522][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.617072][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.619240][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.727718][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.745727][ T5941] veth0_vlan: entered promiscuous mode [ 46.753089][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.758047][ T5941] veth1_vlan: entered promiscuous mode [ 46.766486][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.771614][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.786956][ T5941] veth0_macvtap: entered promiscuous mode [ 46.798022][ T5941] veth1_macvtap: entered promiscuous mode [ 46.813507][ T5947] veth0_vlan: entered promiscuous mode [ 46.825260][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.828401][ T5947] veth1_vlan: entered promiscuous mode [ 46.836060][ T5942] veth0_vlan: entered promiscuous mode [ 46.843150][ T5951] veth0_vlan: entered promiscuous mode [ 46.846539][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.852639][ T5941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.856992][ T5941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.860365][ T5941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.863769][ T5941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.872983][ T5942] veth1_vlan: entered promiscuous mode [ 46.880767][ T5951] veth1_vlan: entered promiscuous mode [ 46.896290][ T5947] veth0_macvtap: entered promiscuous mode [ 46.902262][ T5947] veth1_macvtap: entered promiscuous mode [ 46.931318][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.933837][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.945675][ T5942] veth0_macvtap: entered promiscuous mode [ 46.950553][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.953637][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.957184][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.959743][ T5951] veth0_macvtap: entered promiscuous mode [ 46.963599][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.965117][ T5951] veth1_macvtap: entered promiscuous mode [ 46.967227][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.970174][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.975302][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.980194][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.982942][ T5942] veth1_macvtap: entered promiscuous mode [ 46.991373][ T5947] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.995178][ T5947] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.998408][ T5947] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.000941][ T5947] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.013446][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.018613][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.020526][ T5941] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.022279][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.022289][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.022860][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.043196][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.047476][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.051088][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.055176][ T5297] Bluetooth: hci0: command tx timeout [ 47.057343][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.060932][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.064939][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.070188][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.075496][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.078608][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.081496][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.085083][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.088661][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.091881][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.097904][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.101773][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.106347][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.109961][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.112989][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.117050][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.128754][ T5297] Bluetooth: hci3: command tx timeout [ 47.128782][ T5944] Bluetooth: hci1: command tx timeout [ 47.130863][ T5950] Bluetooth: hci2: command tx timeout [ 47.139537][ T5951] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.142857][ T5951] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.145684][ T5951] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.148863][ T5951] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.155366][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.158909][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.161472][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.163980][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.184446][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.186706][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.208529][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.210967][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.211607][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.215883][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.232087][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.236694][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.248006][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.253829][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.266389][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.268660][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.374458][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 47.424867][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 47.429328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.432344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.594637][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.367963][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 48.414519][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.414643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.417095][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.419362][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.421679][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.706059][ T6013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 48.760064][ T6027] kAFS: No cell specified [ 49.134512][ T5950] Bluetooth: hci0: command tx timeout [ 49.236710][ T5950] Bluetooth: hci1: command tx timeout [ 49.236743][ T5944] Bluetooth: hci3: command tx timeout [ 49.238960][ T5950] Bluetooth: hci2: command tx timeout [ 49.571616][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'. [ 50.443609][ T6056] [U]  [ 50.472810][ T6054] syz.3.14: attempt to access beyond end of device [ 50.472810][ T6054] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 50.477455][ T6054] XFS (nbd3): SB validate failed with error -5. [ 51.124591][ T5983] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 51.204486][ T5950] Bluetooth: hci0: command tx timeout [ 51.274492][ T5983] usb 7-1: Using ep0 maxpacket: 16 [ 51.278346][ T5983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 51.281515][ T5983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 51.285325][ T5983] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 51.285451][ T5950] Bluetooth: hci2: command tx timeout [ 51.285667][ T5297] Bluetooth: hci3: command tx timeout [ 51.285690][ T5297] Bluetooth: hci1: command tx timeout [ 51.288110][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.290054][ T5983] usb 7-1: config 0 descriptor?? [ 51.298427][ T6067] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 51.476004][ T6078] program syz.1.17 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 51.713268][ T5983] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.0002/input/input5 [ 51.781414][ T5983] appleir 0003:05AC:8241.0002: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 51.834199][ T6080] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18'. [ 51.839493][ T6080] geneve0: entered allmulticast mode [ 53.284687][ T5950] Bluetooth: hci0: command tx timeout [ 53.364550][ T5944] Bluetooth: hci1: command tx timeout [ 53.366725][ T5297] Bluetooth: hci3: command tx timeout [ 53.368875][ T5950] Bluetooth: hci2: command tx timeout [ 54.588200][ T5981] usb 7-1: USB disconnect, device number 2 [ 55.423973][ T6126] block device autoloading is deprecated and will be removed. [ 55.445241][ T5950] Bluetooth: hci3: command tx timeout [ 55.500171][ T6129] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.585484][ T6129] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 55.897693][ T6133] infiniband syz1: set down [ 55.901213][ T6133] infiniband syz1: added ipvlan0 [ 55.950480][ T6133] RDS/IB: syz1: added [ 55.957483][ T6133] smc: adding ib device syz1 with port count 1 [ 55.960085][ T6133] smc: ib device syz1 port 1 has pnetid [ 56.384913][ T6139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.33'. [ 56.481743][ T6147] Cannot find add_set index 3 as target [ 56.861668][ C0] vkms_vblank_simulate: vblank timer overrun [ 56.954905][ C0] vkms_vblank_simulate: vblank timer overrun [ 57.062409][ C0] vkms_vblank_simulate: vblank timer overrun [ 57.284849][ T5950] Bluetooth: hci2: command tx timeout [ 57.346706][ T6150] netlink: zone id is out of range [ 57.555723][ T6138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 57.674993][ T6150] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.678169][ T6150] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.983020][ T6052] IPVS: starting estimator thread 0... [ 58.074730][ T6165] IPVS: using max 38 ests per chain, 91200 per kthread [ 58.894391][ C0] vkms_vblank_simulate: vblank timer overrun [ 59.737375][ T6197] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 59.806641][ T6198] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.371708][ T39] audit: type=1800 audit(1737434228.140:2): pid=6201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.47" name="bus" dev="overlay" ino=87 res=0 errno=0 [ 61.331449][ T6221] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 62.416603][ T6236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.56'. [ 62.646165][ T6245] netlink: 'syz.3.58': attribute type 39 has an invalid length. [ 62.707719][ T6244] ======================================================= [ 62.707719][ T6244] WARNING: The mand mount option has been deprecated and [ 62.707719][ T6244] and is ignored by this kernel. Remove the mand [ 62.707719][ T6244] option from the mount to silence this warning. [ 62.707719][ T6244] ======================================================= [ 62.909325][ T6257] Zero length message leads to an empty skb [ 62.966611][ T6262] ptrace attach of "/syz-executor exec"[5947] was attempted by "/syz-executor exec"[6262] [ 62.984627][ T6263] netlink: 12 bytes leftover after parsing attributes in process `syz.1.60'. [ 62.988291][ T6263] netlink: 'syz.1.60': attribute type 30 has an invalid length. [ 63.386987][ T6273] syz.2.63 uses obsolete (PF_INET,SOCK_PACKET) [ 64.778822][ T6316] netlink: 'syz.0.69': attribute type 1 has an invalid length. [ 64.846971][ T6316] vlan2: entered promiscuous mode [ 65.399417][ T6327] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3738224872 (478492783616 ns) > initial count (91121186304 ns). Using initial count to start timer. [ 65.885935][ T6342] can0: slcan on pts0. [ 65.993667][ T6345] syz.2.74: attempt to access beyond end of device [ 65.993667][ T6345] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 65.998219][ T6345] syz.2.74: attempt to access beyond end of device [ 65.998219][ T6345] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0 [ 66.001892][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 66.005492][ T6342] can0 (unregistered): slcan off pts0. [ 66.005591][ T6345] syz.2.74: attempt to access beyond end of device [ 66.005591][ T6345] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0 [ 66.010839][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 66.014316][ T6345] syz.2.74: attempt to access beyond end of device [ 66.014316][ T6345] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 66.018091][ T6345] syz.2.74: attempt to access beyond end of device [ 66.018091][ T6345] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 66.021714][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 66.024551][ T6345] syz.2.74: attempt to access beyond end of device [ 66.024551][ T6345] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 66.028188][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 66.030953][ T6345] syz.2.74: attempt to access beyond end of device [ 66.030953][ T6345] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 66.034651][ T6345] syz.2.74: attempt to access beyond end of device [ 66.034651][ T6345] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 66.043509][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 66.047473][ T6345] syz.2.74: attempt to access beyond end of device [ 66.047473][ T6345] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 66.051310][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 66.053156][ T6341] block nbd2: shutting down sockets [ 66.054411][ T6345] syz.2.74: attempt to access beyond end of device [ 66.054411][ T6345] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 66.059559][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 66.062665][ T6345] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 66.066019][ T6345] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 66.749427][ T6359] netlink: 28 bytes leftover after parsing attributes in process `syz.0.78'. [ 66.752038][ T6359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.78'. [ 66.801349][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.79'. [ 67.608966][ T6369] netlink: 36 bytes leftover after parsing attributes in process `syz.2.81'. [ 68.056878][ T6390] netlink: 24 bytes leftover after parsing attributes in process `syz.2.85'. [ 68.474952][ T6401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.86'. [ 68.478221][ T6401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'. [ 68.763202][ T6406] 9pnet_fd: Insufficient options for proto=fd [ 69.834640][ T6074] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 70.224966][ T6074] usb 5-1: Using ep0 maxpacket: 8 [ 70.256093][ T6074] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 70.259454][ T6074] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 70.263206][ T6074] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.268198][ T6074] usb 5-1: config 0 descriptor?? [ 70.479322][ T6074] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 70.807167][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.834461][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.338660][ T57] usb 5-1: USB disconnect, device number 2 [ 72.319197][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 72.346500][ T6469] bond0: entered promiscuous mode [ 72.348353][ T6469] bond_slave_0: entered promiscuous mode [ 72.350517][ T6469] bond_slave_1: entered promiscuous mode [ 72.744180][ T6497] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 74.003344][ T6527] netlink: 'syz.2.107': attribute type 10 has an invalid length. [ 74.012011][ T6527] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.018666][ T6527] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 80.225811][ T6074] hid (null): unknown global tag 0xe [ 80.227475][ T6074] hid (null): unknown global tag 0xe [ 80.229437][ T6074] hid (null): unknown global tag 0xc [ 80.231171][ T6074] hid (null): unknown global tag 0xd [ 80.235873][ T6074] hid-generic 0000:0004:00A9.0003: unknown main item tag 0x0 [ 80.238107][ T6074] hid-generic 0000:0004:00A9.0003: unknown global tag 0xe [ 80.240138][ T6074] hid-generic 0000:0004:00A9.0003: item 0 2 1 14 parsing failed [ 80.242611][ T6074] hid-generic 0000:0004:00A9.0003: probe with driver hid-generic failed with error -22 [ 81.048002][ T835] cfg80211: failed to load regulatory.db [ 81.205583][ T6585] netlink: 40 bytes leftover after parsing attributes in process `syz.0.116'. [ 81.210546][ T6585] netlink: 40 bytes leftover after parsing attributes in process `syz.0.116'. [ 81.473193][ T6594] netlink: 'syz.0.120': attribute type 1 has an invalid length. [ 81.482098][ T6594] 8021q: adding VLAN 0 to HW filter on device bond1 [ 81.499491][ T6594] bond1: (slave gretap1): making interface the new active one [ 81.536385][ T6594] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 83.614496][ T5950] Bluetooth: hci1: command 0x0406 tx timeout [ 84.856611][ T6647] macvtap1: entered promiscuous mode [ 84.858653][ T6647] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 84.861295][ T6647] macvtap1: entered allmulticast mode [ 84.863234][ T6647] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 84.874522][ T6647] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 84.877146][ T6647] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 85.517121][ T6656] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.845192][ T6656] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.014770][ T6656] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.077395][ T6656] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.191361][ T6656] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.627373][ T6656] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.653792][ T6656] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.665518][ T6656] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.754184][ T6673] Bluetooth: MGMT ver 1.23 [ 87.158123][ T6680] warning: `syz.3.139' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 87.814569][ T8] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 87.996017][ T8] usb 6-1: config index 0 descriptor too short (expected 103, got 72) [ 88.002332][ T8] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 88.007430][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.012941][ T8] usb 6-1: Product: syz [ 88.017028][ T8] usb 6-1: Manufacturer: syz [ 88.019054][ T8] usb 6-1: SerialNumber: syz [ 88.036419][ T8] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 88.075030][ T8] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 89.005832][ T5982] usb 6-1: USB disconnect, device number 2 [ 89.101733][ T6701] Set syz1 is full, maxelem 65536 reached [ 89.124693][ T8] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 89.127045][ T8] ath9k_htc: Failed to initialize the device [ 89.131471][ T5982] usb 6-1: ath9k_htc: USB layer deinitialized [ 89.438582][ T6716] xt_TCPMSS: Only works on TCP SYN packets [ 89.904522][ T6713] overlayfs: missing 'lowerdir' [ 90.163618][ T6726] tipc: Started in network mode [ 90.165343][ T6726] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 90.167643][ T6726] tipc: Enabled bearer , priority 0 [ 91.306338][ T5984] tipc: Node number set to 11578026 [ 92.192558][ T6783] ptrace attach of "/syz-executor exec"[5951] was attempted by "/syz-executor exec"[6783] [ 92.804414][ T6804] tipc: Started in network mode [ 92.806073][ T6804] tipc: Node identity 10000, cluster identity 4711 [ 92.808383][ T6804] tipc: Node number set to 65536 [ 93.141337][ T6808] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.160'. [ 93.414765][ T6811] netlink: 'syz.1.161': attribute type 2 has an invalid length. [ 93.417053][ T6811] netlink: 'syz.1.161': attribute type 8 has an invalid length. [ 93.419284][ T6811] netlink: 132 bytes leftover after parsing attributes in process `syz.1.161'. [ 95.400929][ T6840] macvtap1: entered promiscuous mode [ 95.402962][ T6840] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 95.406291][ T6840] macvtap1: entered allmulticast mode [ 95.408214][ T6840] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 95.412263][ T6840] mac80211_hwsim hwsim4 wlan0: left allmulticast mode [ 95.424558][ T6840] mac80211_hwsim hwsim4 wlan0: left promiscuous mode [ 95.643098][ T6836] netlink: 36 bytes leftover after parsing attributes in process `syz.0.168'. [ 96.145099][ T6850] xt_TCPMSS: Only works on TCP SYN packets [ 96.287403][ T5944] Bluetooth: hci3: link tx timeout [ 96.289404][ T5944] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 96.586529][ T6858] netlink: 'syz.3.172': attribute type 2 has an invalid length. [ 96.589935][ T6858] netlink: 'syz.3.172': attribute type 8 has an invalid length. [ 96.592158][ T6858] netlink: 132 bytes leftover after parsing attributes in process `syz.3.172'. [ 97.689061][ T6871] netlink: 'syz.0.176': attribute type 10 has an invalid length. [ 97.709268][ T6871] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.715680][ T6871] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 98.324477][ T5950] Bluetooth: hci3: command 0x0406 tx timeout [ 98.433627][ T6882] syz.0.187[6882] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.433675][ T6882] syz.0.187[6882] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.440470][ T6882] syz.0.187[6882] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.451008][ T6882] random: crng reseeded on system resumption [ 98.963117][ T6876] syz.1.185 (6876) used greatest stack depth: 20896 bytes left [ 99.052942][ T6892] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.132623][ T6892] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.146002][ T6894] netlink: 'syz.1.181': attribute type 1 has an invalid length. [ 99.154746][ T6894] 8021q: adding VLAN 0 to HW filter on device bond1 [ 99.171357][ T6894] bond1: (slave gretap1): making interface the new active one [ 99.174492][ T6894] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 99.216309][ T6892] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.286372][ T6892] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.361453][ T6892] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.421096][ T6892] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.429068][ T6892] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.445087][ T6892] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.587753][ T6904] netlink: 'syz.0.184': attribute type 2 has an invalid length. [ 99.589964][ T6904] netlink: 'syz.0.184': attribute type 8 has an invalid length. [ 99.592045][ T6904] netlink: 132 bytes leftover after parsing attributes in process `syz.0.184'. [ 101.515358][ T39] audit: type=1800 audit(1737434269.290:3): pid=6931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.199" name="/" dev="9p" ino=2 res=0 errno=0 [ 101.738528][ T39] audit: type=1800 audit(1737434269.510:4): pid=6939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.202" name="/" dev="9p" ino=2 res=0 errno=0 [ 101.754637][ T6934] netlink: 36 bytes leftover after parsing attributes in process `syz.1.190'. [ 102.243830][ T6951] netlink: 'syz.1.193': attribute type 10 has an invalid length. [ 102.253618][ T6951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.260179][ T6951] batadv0: entered promiscuous mode [ 102.262611][ T6951] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 102.603448][ T6954] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.676628][ T6954] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.782964][ T6954] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.940787][ T6954] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.083827][ T6954] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.089972][ T6954] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.101360][ T6954] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.123869][ T6954] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.812826][ T6990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 105.718104][ T7013] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.801266][ T7013] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.900270][ T7013] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.984268][ T7013] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.106003][ T7013] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.124889][ T7013] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.167851][ T7013] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.189069][ T7013] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.567101][ T7069] fuse: Unknown parameter 'grou00000000000000000000' [ 108.578620][ T39] audit: type=1800 audit(1737434276.340:5): pid=7069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.226" name="/" dev="9p" ino=2 res=0 errno=0 [ 109.496536][ T7084] netlink: 'syz.0.225': attribute type 12 has an invalid length. [ 109.512783][ T39] audit: type=1800 audit(1737434277.280:6): pid=7086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.231" name="/" dev="9p" ino=2 res=0 errno=0 [ 110.268567][ T7106] fuse: Unknown parameter 'grou00000000000000000000' [ 110.818370][ T7120] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.959728][ T7120] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.965930][ T39] audit: type=1800 audit(1737434278.740:7): pid=7123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.241" name="/" dev="9p" ino=2 res=0 errno=0 [ 111.101243][ T7120] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.168647][ T7120] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.262069][ T7120] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.277044][ T7120] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.294793][ T7120] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.300271][ T7120] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.417487][ T7116] syz.0.237 (7116) used greatest stack depth: 20688 bytes left [ 111.549173][ T7138] netlink: 'syz.2.243': attribute type 12 has an invalid length. [ 111.649413][ T7139] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.651966][ T7139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.654307][ T7139] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.656363][ T7139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.663609][ T7139] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 112.800001][ T39] audit: type=1800 audit(1737434280.570:8): pid=7161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.250" name="/" dev="9p" ino=2 res=0 errno=0 [ 112.915413][ T7164] netlink: 'syz.0.255': attribute type 12 has an invalid length. [ 113.136307][ T7170] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.194307][ T7170] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.288319][ T7170] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.372124][ T7170] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.531632][ T7170] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.553350][ T7170] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.569413][ T7170] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.583599][ T7170] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.594011][ T7181] netlink: 'syz.3.257': attribute type 12 has an invalid length. [ 114.022729][ T7187] netlink: 'syz.0.266': attribute type 12 has an invalid length. [ 114.087985][ T39] audit: type=1800 audit(1737434281.860:9): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.260" name="/" dev="9p" ino=2 res=0 errno=0 [ 114.100760][ T7188] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 114.394728][ T7200] ptrace attach of "/syz-executor exec"[5947] was attempted by "/syz-executor exec"[7200] [ 114.706224][ T7208] netlink: 'syz.0.262': attribute type 12 has an invalid length. [ 115.414475][ T7217] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.485985][ T7217] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.626342][ T7217] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.701482][ T7219] netlink: 'syz.0.269': attribute type 12 has an invalid length. [ 115.762807][ T7217] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.861266][ T7230] netlink: 'syz.2.271': attribute type 12 has an invalid length. [ 116.025282][ T7217] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.030178][ T7217] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.036392][ T7217] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.041888][ T7217] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.154219][ T7232] bond0: left promiscuous mode [ 116.155839][ T7232] bond_slave_0: left promiscuous mode [ 116.157628][ T7232] bond_slave_1: left promiscuous mode [ 116.159416][ T7232] batadv0: left promiscuous mode [ 116.162441][ T7232] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.167376][ T7232] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 116.972251][ T7253] netlink: 'syz.3.278': attribute type 12 has an invalid length. [ 117.124416][ T5984] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 117.198879][ T7259] netlink: 'syz.0.281': attribute type 12 has an invalid length. [ 117.275730][ T5984] usb 7-1: config index 0 descriptor too short (expected 103, got 72) [ 117.280103][ T5984] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 117.282725][ T5984] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.291569][ T5984] usb 7-1: Product: syz [ 117.292793][ T5984] usb 7-1: Manufacturer: syz [ 117.294146][ T5984] usb 7-1: SerialNumber: syz [ 117.299296][ T5984] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 117.313639][ T5984] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 117.841744][ T63] usb 7-1: USB disconnect, device number 3 [ 117.949238][ T7270] netlink: 'syz.1.284': attribute type 12 has an invalid length. [ 118.324436][ T5984] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 118.327135][ T5984] ath9k_htc: Failed to initialize the device [ 118.330059][ T63] usb 7-1: ath9k_htc: USB layer deinitialized [ 119.129843][ T7288] netlink: 'syz.1.296': attribute type 12 has an invalid length. [ 119.902683][ T7300] netlink: 'syz.2.290': attribute type 12 has an invalid length. [ 120.981384][ T7319] netlink: 'syz.3.291': attribute type 10 has an invalid length. [ 120.986929][ T7319] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.990913][ T7319] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 121.496803][ T7314] netlink: 'syz.0.301': attribute type 12 has an invalid length. [ 122.575663][ T7348] netlink: 'syz.1.306': attribute type 12 has an invalid length. [ 122.870575][ T7355] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.308'. [ 123.348362][ T7361] tipc: Started in network mode [ 123.369030][ T7361] tipc: Node identity 10000, cluster identity 4711 [ 123.380595][ T7361] tipc: Node number set to 65536 [ 123.924411][ T7363] netlink: 'syz.1.311': attribute type 12 has an invalid length. [ 124.072024][ T7370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.310'. [ 125.695426][ T7399] netlink: 'syz.3.321': attribute type 1 has an invalid length. [ 125.713715][ T7399] 8021q: adding VLAN 0 to HW filter on device bond1 [ 125.732828][ T7399] bond1: (slave gretap1): making interface the new active one [ 125.738390][ T7399] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 127.924543][ T5950] Bluetooth: hci3: command 0x0406 tx timeout [ 128.076361][ T7442] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'. [ 128.882976][ T7478] fuse: Bad value for 'fd' [ 128.891074][ T39] audit: type=1800 audit(1737434296.660:10): pid=7478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.334" name="/" dev="9p" ino=2 res=0 errno=0 [ 130.568031][ T7516] netlink: 20 bytes leftover after parsing attributes in process `syz.1.343'. [ 130.578932][ T7516] geneve0: entered allmulticast mode [ 131.795806][ T7525] netlink: 4 bytes leftover after parsing attributes in process `syz.1.344'. [ 132.258496][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.261066][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.483211][ T7522] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 132.656982][ T5950] Bluetooth: hci2: command 0x0406 tx timeout [ 133.478267][ T7544] netlink: 'syz.1.348': attribute type 10 has an invalid length. [ 133.482286][ T7544] netlink: 'syz.1.348': attribute type 10 has an invalid length. [ 133.639757][ T7543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.345'. [ 134.123639][ T8] IPVS: starting estimator thread 0... [ 134.230317][ T7562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.350'. [ 134.244541][ T7550] IPVS: using max 39 ests per chain, 93600 per kthread [ 134.279712][ T7560] vlan2: entered allmulticast mode [ 134.281591][ T7560] bond0: entered allmulticast mode [ 134.283115][ T7560] bond_slave_0: entered allmulticast mode [ 134.285252][ T7560] bond_slave_1: entered allmulticast mode [ 134.287060][ T7560] batadv0: entered allmulticast mode [ 134.290236][ T7560] bond0: left allmulticast mode [ 134.291738][ T7560] bond_slave_0: left allmulticast mode [ 134.293381][ T7560] bond_slave_1: left allmulticast mode [ 134.297239][ T7560] batadv0: left allmulticast mode [ 134.378880][ T7570] hub 9-0:1.0: USB hub found [ 134.380492][ T7570] hub 9-0:1.0: 1 port detected [ 135.117861][ T7594] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 135.121197][ T7594] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 135.124783][ T7594] vhci_hcd vhci_hcd.0: Device attached [ 135.714516][ T5981] vhci_hcd: vhci_device speed not set [ 135.774420][ T5981] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 136.259248][ T7595] vhci_hcd: connection reset by peer [ 136.263635][ T11] vhci_hcd: stop threads [ 136.266211][ T11] vhci_hcd: release socket [ 136.269359][ T11] vhci_hcd: disconnect device [ 137.610097][ T7622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.362'. [ 138.405125][ T5950] Bluetooth: hci0: command 0x0406 tx timeout [ 138.561334][ T7632] netlink: 4 bytes leftover after parsing attributes in process `syz.1.366'. [ 138.796659][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.374'. [ 139.170462][ T7642] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 139.172384][ T7642] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 139.175568][ T7642] vhci_hcd vhci_hcd.0: Device attached [ 139.354468][ T25] vhci_hcd: vhci_device speed not set [ 139.415169][ T25] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 139.785310][ T7653] block device autoloading is deprecated and will be removed. [ 140.855005][ T7643] vhci_hcd: connection reset by peer [ 140.860797][ T76] vhci_hcd: stop threads [ 140.862231][ T76] vhci_hcd: release socket [ 140.863747][ T76] vhci_hcd: disconnect device [ 140.894453][ T5981] vhci_hcd: vhci_device speed not set [ 141.512259][ T7676] netlink: 'syz.1.373': attribute type 12 has an invalid length. [ 141.723291][ T7678] input: syz1 as /devices/virtual/input/input6 [ 141.871721][ T5983] IPVS: starting estimator thread 0... [ 141.964457][ T7683] IPVS: using max 39 ests per chain, 93600 per kthread [ 142.251098][ T7690] netlink: 'syz.0.386': attribute type 12 has an invalid length. [ 142.812428][ T7697] vlan2: entered allmulticast mode [ 142.814255][ T7697] bond0: entered allmulticast mode [ 142.819497][ T7697] bond_slave_0: entered allmulticast mode [ 142.821317][ T7697] bond_slave_1: entered allmulticast mode [ 142.822976][ T7697] batadv0: entered allmulticast mode [ 142.884324][ T7697] bond0: left allmulticast mode [ 142.886033][ T7697] bond_slave_0: left allmulticast mode [ 142.887616][ T7697] bond_slave_1: left allmulticast mode [ 142.889298][ T7697] batadv0: left allmulticast mode [ 142.938871][ T7699] hub 9-0:1.0: USB hub found [ 142.942489][ T7699] hub 9-0:1.0: 1 port detected [ 144.119661][ T7722] fuse: Unknown parameter 'group_i00000000000000000000' [ 144.127191][ T39] audit: type=1800 audit(1737434311.900:11): pid=7722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.387" name="/" dev="9p" ino=2 res=0 errno=0 [ 144.158649][ T7720] evm: overlay not supported [ 144.316399][ T7729] fuse: Unknown parameter 'group_i00000000000000000000' [ 144.336641][ T39] audit: type=1800 audit(1737434312.110:12): pid=7729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.399" name="/" dev="9p" ino=2 res=0 errno=0 [ 144.554825][ T25] vhci_hcd: vhci_device speed not set [ 144.674202][ T7731] netlink: 'syz.2.390': attribute type 12 has an invalid length. [ 145.061595][ T63] IPVS: starting estimator thread 0... [ 145.158920][ T7740] IPVS: using max 39 ests per chain, 93600 per kthread [ 145.197951][ T7745] loop7: detected capacity change from 0 to 16384 [ 146.659550][ T7768] netlink: 44 bytes leftover after parsing attributes in process `syz.0.407'. [ 146.663195][ T7768] netlink: 59 bytes leftover after parsing attributes in process `syz.0.407'. [ 147.950147][ T7789] netlink: 'syz.0.404': attribute type 12 has an invalid length. [ 149.597562][ T7822] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 149.758936][ T7826] process 'syz.0.413' launched '/dev/fd/7' with NULL argv: empty string added [ 150.798447][ T7839] netlink: 'syz.0.417': attribute type 12 has an invalid length. [ 151.503244][ T7855] fuse: Unknown parameter 'group_id00000000000000000000' [ 151.516284][ T39] audit: type=1800 audit(1737434319.280:13): pid=7855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.423" name="/" dev="9p" ino=2 res=0 errno=0 [ 151.924530][ T5950] Bluetooth: hci3: command 0x0406 tx timeout [ 153.574597][ T7890] netlink: 'syz.1.430': attribute type 12 has an invalid length. [ 155.366454][ T7920] binder: 7916:7920 ioctl c0306201 0 returned -14 [ 155.836943][ T7923] fuse: Bad value for 'user_id' [ 155.838839][ T7923] fuse: Bad value for 'user_id' [ 155.849585][ T39] audit: type=1800 audit(1737434323.620:14): pid=7923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.439" name="/" dev="9p" ino=2 res=0 errno=0 [ 156.064689][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'. [ 156.067664][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'. [ 156.070240][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'. [ 156.218578][ T7933] netlink: 'syz.3.440': attribute type 12 has an invalid length. [ 156.968640][ T7943] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 156.970594][ T7943] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 156.973197][ T7943] vhci_hcd vhci_hcd.0: Device attached [ 157.225097][ T5983] vhci_hcd: vhci_device speed not set [ 157.284503][ T5983] usb 39-1: new full-speed USB device number 2 using vhci_hcd [ 157.942817][ T7965] ptrace attach of "/syz-executor exec"[5951] was attempted by "/syz-executor exec"[7965] [ 158.578484][ T7946] vhci_hcd: connection reset by peer [ 158.583780][ T70] vhci_hcd: stop threads [ 158.587427][ T70] vhci_hcd: release socket [ 158.589505][ T70] vhci_hcd: disconnect device [ 159.908407][ T7997] fuse: Bad value for 'fd' [ 159.915156][ T39] audit: type=1800 audit(1737434840.691:15): pid=7997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.459" name="/" dev="9p" ino=2 res=0 errno=0 [ 160.639745][ T8015] netlink: 'syz.1.463': attribute type 12 has an invalid length. [ 160.684404][ T35] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 160.874411][ T35] usb 7-1: Using ep0 maxpacket: 16 [ 160.885085][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.888194][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 160.890954][ T35] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 160.893525][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.905502][ T35] usb 7-1: config 0 descriptor?? [ 161.317469][ T35] appleir 0003:05AC:8241.0004: unknown main item tag 0x0 [ 161.319557][ T35] appleir 0003:05AC:8241.0004: unknown main item tag 0x0 [ 161.321573][ T35] appleir 0003:05AC:8241.0004: unknown main item tag 0x0 [ 161.326535][ T35] appleir 0003:05AC:8241.0004: unknown main item tag 0x0 [ 161.334437][ T35] appleir 0003:05AC:8241.0004: unknown main item tag 0x0 [ 161.336681][ T35] appleir 0003:05AC:8241.0004: No inputs registered, leaving [ 161.404650][ T35] appleir 0003:05AC:8241.0004: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 161.677217][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 161.696491][ T8029] bond0: entered promiscuous mode [ 161.698038][ T8029] bond_slave_0: entered promiscuous mode [ 161.700015][ T8029] bond_slave_1: entered promiscuous mode [ 161.703152][ T8029] batadv0: entered promiscuous mode [ 161.978776][ T8049] fuse: Bad value for 'fd' [ 161.984672][ T39] audit: type=1800 audit(1737434842.751:16): pid=8049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.468" name="/" dev="9p" ino=2 res=0 errno=0 [ 162.104506][ T8055] 9pnet_fd: Insufficient options for proto=fd [ 162.110936][ T8055] netlink: 'syz.1.470': attribute type 1 has an invalid length. [ 162.121333][ T8055] 8021q: adding VLAN 0 to HW filter on device bond2 [ 162.140900][ T8055] 8021q: adding VLAN 0 to HW filter on device bond2 [ 162.144566][ T8055] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 162.148086][ T8055] bond2: (slave vcan1): Error -95 calling set_mac_address [ 162.243916][ T8061] netlink: 284 bytes leftover after parsing attributes in process `syz.3.472'. [ 162.394496][ T5983] vhci_hcd: vhci_device speed not set [ 162.834476][ T5984] usb 7-1: reset high-speed USB device number 4 using dummy_hcd [ 163.203155][ T8074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.476'. [ 163.208109][ T8074] geneve0: entered allmulticast mode [ 163.224259][ T8075] netlink: 'syz.0.475': attribute type 12 has an invalid length. [ 164.267455][ T35] usb 7-1: USB disconnect, device number 4 [ 172.141804][ T8101] netlink: 4 bytes leftover after parsing attributes in process `syz.0.477'. [ 172.671941][ T8113] siw: device registration error -23 [ 172.714487][ T57] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 172.849313][ T39] audit: type=1326 audit(1737434853.621:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.485" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f68579 code=0x0 [ 172.905999][ T57] usb 8-1: not running at top speed; connect to a high speed hub [ 172.909058][ T57] usb 8-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 911, setting to 64 [ 172.912130][ T57] usb 8-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 172.916020][ T57] usb 8-1: config 1 interface 0 has no altsetting 0 [ 172.919732][ T57] usb 8-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40 [ 172.922369][ T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.924820][ T57] usb 8-1: Product: syz [ 172.926040][ T57] usb 8-1: Manufacturer: syz [ 172.927379][ T57] usb 8-1: SerialNumber: syz [ 172.935867][ T8106] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 173.110804][ T8128] netlink: 'syz.2.487': attribute type 12 has an invalid length. [ 173.704937][ T63] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 173.764496][ T5983] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 173.767454][ T8140] bond0: entered promiscuous mode [ 173.769609][ T8140] bond_slave_0: entered promiscuous mode [ 173.771982][ T8140] bond_slave_1: entered promiscuous mode [ 173.774540][ T8140] batadv0: entered promiscuous mode [ 173.915377][ T5983] usb 7-1: Using ep0 maxpacket: 16 [ 173.918916][ T5983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.923308][ T5983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.927477][ T5983] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 173.931047][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.935610][ T5983] usb 7-1: config 0 descriptor?? [ 174.345211][ T5983] appleir 0003:05AC:8241.0005: unknown main item tag 0x0 [ 174.347318][ T5983] appleir 0003:05AC:8241.0005: unknown main item tag 0x0 [ 174.349481][ T5983] appleir 0003:05AC:8241.0005: unknown main item tag 0x0 [ 174.351599][ T5983] appleir 0003:05AC:8241.0005: unknown main item tag 0x0 [ 174.353677][ T5983] appleir 0003:05AC:8241.0005: unknown main item tag 0x0 [ 174.356488][ T5983] appleir 0003:05AC:8241.0005: No inputs registered, leaving [ 174.361941][ T5983] appleir 0003:05AC:8241.0005: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 174.494900][ T5944] Bluetooth: hci2: command 0x0406 tx timeout [ 174.974405][ T57] usbhid 8-1:1.0: can't add hid device: -71 [ 174.976377][ T57] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 174.982053][ T57] usb 8-1: USB disconnect, device number 2 [ 175.682445][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.493'. [ 175.794427][ T835] usb 7-1: reset high-speed USB device number 5 using dummy_hcd [ 176.422485][ T8183] netlink: 'syz.2.496': attribute type 12 has an invalid length. [ 177.076720][ T5984] usb 7-1: USB disconnect, device number 5 [ 183.982246][ T8208] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 183.984936][ T8208] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 183.988897][ T8208] vhci_hcd vhci_hcd.0: Device attached [ 184.274758][ T8217] siw: device registration error -23 [ 184.472005][ T835] vhci_hcd: vhci_device speed not set [ 184.534420][ T835] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 185.676897][ T8209] vhci_hcd: connection reset by peer [ 185.694555][ T70] vhci_hcd: stop threads [ 185.695875][ T70] vhci_hcd: release socket [ 185.697264][ T70] vhci_hcd: disconnect device [ 185.844433][ T8244] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 185.847244][ T8244] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 185.849898][ T8244] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 186.065953][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.069905][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.072836][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.075820][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.078662][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.081520][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.084501][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.087333][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.090285][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 186.093103][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.508'. [ 187.026011][ T8268] netlink: 'syz.3.512': attribute type 1 has an invalid length. [ 187.048671][ T8268] bond2: entered promiscuous mode [ 187.050587][ T8268] 8021q: adding VLAN 0 to HW filter on device bond2 [ 187.090767][ T8268] 8021q: adding VLAN 0 to HW filter on device bond3 [ 187.094415][ T8268] bond2: (slave bond3): making interface the new active one [ 187.096967][ T8268] bond3: entered promiscuous mode [ 187.098856][ T8268] bond2: (slave bond3): Enslaving as an active interface with an up link [ 187.146476][ T8268] netlink: 'syz.3.512': attribute type 2 has an invalid length. [ 189.276616][ T8314] binder: 8303:8314 ioctl c0306201 0 returned -14 [ 189.662417][ T8322] ntfs3(nullb0): Primary boot signature is not NTFS. [ 189.664763][ T8322] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 189.666073][ T39] audit: type=1800 audit(1737434870.441:18): pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.523" name="/" dev="9p" ino=2 res=0 errno=0 [ 189.702839][ T835] vhci_hcd: vhci_device speed not set [ 191.874803][ T8363] binder: 8361:8363 ioctl c0306201 0 returned -14 [ 193.686328][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.694682][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.046853][ T8407] netlink: 'syz.2.543': attribute type 12 has an invalid length. [ 196.700677][ T8449] netlink: 'syz.1.550': attribute type 12 has an invalid length. [ 197.762420][ T8468] overlayfs: empty lowerdir [ 197.884681][ T8474] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 197.887084][ T8474] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 197.890117][ T8474] vhci_hcd vhci_hcd.0: Device attached [ 198.074545][ T35] vhci_hcd: vhci_device speed not set [ 198.134475][ T35] usb 43-1: new full-speed USB device number 3 using vhci_hcd [ 198.154899][ T8468] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.793653][ T8491] ubi0: attaching mtd0 [ 198.798180][ T8491] ubi0: scanning is finished [ 198.800085][ T8491] ubi0: empty MTD device detected [ 198.812161][ T8492] netlink: 'syz.0.564': attribute type 12 has an invalid length. [ 198.888944][ T8475] vhci_hcd: connection reset by peer [ 198.891683][ T70] vhci_hcd: stop threads [ 198.893507][ T70] vhci_hcd: release socket [ 198.895557][ T70] vhci_hcd: disconnect device [ 198.983028][ T8491] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 198.985626][ T8491] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 198.988100][ T8491] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 198.990168][ T8491] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 198.992371][ T8491] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 198.994440][ T8491] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 198.997372][ T8491] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2765498802 [ 199.002411][ T8491] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 199.005990][ T8493] ubi0: background thread "ubi_bgt0d" started, PID 8493 [ 199.009508][ T8495] fuse: Unknown parameter 'user_i00000000000000000000' [ 199.016033][ T39] audit: type=1800 audit(1737434879.791:19): pid=8495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.566" name="/" dev="9p" ino=2 res=0 errno=0 [ 199.478080][ T8506] __nla_validate_parse: 27 callbacks suppressed [ 199.478091][ T8506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'. [ 199.482458][ T8506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'. [ 199.683268][ T8511] 9pnet_fd: Insufficient options for proto=fd [ 200.126406][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.130064][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.133010][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.135938][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.138898][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.141750][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.144777][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 200.147720][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 201.298423][ T8533] fuse: Unknown parameter 'user_i00000000000000000000' [ 201.303176][ T39] audit: type=1800 audit(1737434882.071:20): pid=8533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.576" name="/" dev="9p" ino=2 res=0 errno=0 [ 201.497474][ T8542] netlink: 'syz.3.578': attribute type 12 has an invalid length. [ 201.925132][ T8549] block device autoloading is deprecated and will be removed. [ 201.995811][ T8548] md2: using deprecated bitmap file support [ 201.997676][ T8548] md2: error: bitmap file must be a regular file [ 202.852508][ T8570] binder_alloc: 8568: binder_alloc_buf size 4096 failed, no address space [ 202.855287][ T8570] binder_alloc: allocated: 8 (num: 1 largest: 8), free: 4088 (num: 1 largest: 4088) [ 203.284485][ T35] vhci_hcd: vhci_device speed not set [ 203.463961][ T8575] netlink: 'syz.2.587': attribute type 12 has an invalid length. [ 204.517253][ T8586] netlink: 'syz.3.589': attribute type 12 has an invalid length. [ 205.055089][ T8598] loop2: detected capacity change from 0 to 524287999 [ 205.811485][ T8616] netlink: 'syz.3.598': attribute type 12 has an invalid length. [ 207.804838][ T8659] netlink: 'syz.2.610': attribute type 12 has an invalid length. [ 208.498608][ T8670] ptrace attach of "/syz-executor exec"[5947] was attempted by "/syz-executor exec"[8670] [ 209.032184][ T8684] Bluetooth: MGMT ver 1.23 [ 209.039281][ T8684] __nla_validate_parse: 29 callbacks suppressed [ 209.039296][ T8684] netlink: 197276 bytes leftover after parsing attributes in process `syz.3.619'. [ 209.284584][ T35] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 209.441288][ T35] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 209.444460][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.447077][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.449820][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.452612][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.455500][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.458186][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.460922][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.467198][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.470480][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.473107][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.476149][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.478816][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.482333][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.485911][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.491965][ T35] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 209.495824][ T35] usb 8-1: config 0 interface 0 has no altsetting 0 [ 209.501125][ T35] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 209.504779][ T35] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 209.508066][ T35] usb 8-1: Product: syz [ 209.509749][ T35] usb 8-1: Manufacturer: syz [ 209.511543][ T35] usb 8-1: SerialNumber: syz [ 209.513818][ T35] usb 8-1: config 0 descriptor?? [ 209.522013][ T35] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 209.529936][ T8693] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 209.694469][ T63] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 209.731471][ T5981] usb 8-1: USB disconnect, device number 3 [ 209.742209][ T5981] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 209.844478][ T63] usb 6-1: Using ep0 maxpacket: 32 [ 209.847201][ T63] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 209.851576][ T63] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 209.855532][ T63] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 209.858090][ T63] usb 6-1: Product: syz [ 209.859320][ T63] usb 6-1: Manufacturer: syz [ 209.860674][ T63] usb 6-1: SerialNumber: syz [ 209.862870][ T63] usb 6-1: config 0 descriptor?? [ 209.864978][ T8690] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 210.075890][ T8690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.080082][ T8690] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.190651][ T8702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.194035][ T8702] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.399933][ T8702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.406765][ T8702] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.415183][ T8702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.418213][ T8702] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.427298][ T5981] usb 6-1: USB disconnect, device number 3 [ 210.615684][ T8710] bio_check_eod: 2 callbacks suppressed [ 210.615695][ T8710] syz.3.624: attempt to access beyond end of device [ 210.615695][ T8710] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 210.621148][ T8710] XFS (nbd3): SB validate failed with error -5. [ 210.924487][ T835] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 211.044486][ T5944] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 211.044504][ T5297] Bluetooth: hci0: command 0x0406 tx timeout [ 211.095587][ T835] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1023 [ 211.099884][ T835] usb 6-1: New USB device found, idVendor=1bc7, idProduct=1040, bcdDevice=b5.b1 [ 211.102465][ T835] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.105474][ T835] usb 6-1: Product: syz [ 211.106706][ T835] usb 6-1: Manufacturer: syz [ 211.108414][ T835] usb 6-1: SerialNumber: syz [ 211.110948][ T835] usb 6-1: config 0 descriptor?? [ 211.114512][ T8690] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 211.117586][ T835] option 6-1:0.0: GSM modem (1-port) converter detected [ 211.221446][ T8723] fuse: Bad value for 'fd' [ 211.228805][ T39] audit: type=1800 audit(1737434892.001:21): pid=8723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.629" name="/" dev="9p" ino=2 res=0 errno=0 [ 211.404629][ T57] usb 6-1: USB disconnect, device number 4 [ 211.423553][ T57] option 6-1:0.0: device disconnected [ 211.561502][ T8733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.631'. [ 211.568117][ T8733] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 212.504407][ T834] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 212.654476][ T834] usb 6-1: Using ep0 maxpacket: 16 [ 212.667109][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 212.670210][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 212.672979][ T834] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 212.676011][ T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.684823][ T834] usb 6-1: config 0 descriptor?? [ 213.140436][ T834] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 213.142477][ T834] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 213.144672][ T834] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 213.146710][ T834] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 213.148714][ T834] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 213.150928][ T834] appleir 0003:05AC:8241.0006: No inputs registered, leaving [ 213.154441][ T834] appleir 0003:05AC:8241.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 213.384830][ T8761] netlink: 'syz.0.638': attribute type 12 has an invalid length. [ 213.467480][ T57] usb 6-1: USB disconnect, device number 5 [ 213.874457][ T5983] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 214.036032][ T5983] usb 7-1: Using ep0 maxpacket: 32 [ 214.038731][ T5983] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 214.043114][ T5983] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 214.045993][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 214.048323][ T5983] usb 7-1: Product: syz [ 214.049529][ T5983] usb 7-1: Manufacturer: syz [ 214.050865][ T5983] usb 7-1: SerialNumber: syz [ 214.054261][ T5983] usb 7-1: config 0 descriptor?? [ 214.057543][ T8768] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 214.288235][ T8768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.294673][ T8768] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.436975][ T8785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.439996][ T8785] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.650513][ T8785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.653706][ T8785] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.673161][ T8785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.679056][ T8785] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.691929][ T63] usb 7-1: USB disconnect, device number 6 [ 215.294539][ T5981] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 215.386461][ T8796] netlink: 'syz.3.646': attribute type 12 has an invalid length. [ 215.515564][ T5981] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1023 [ 215.519822][ T5981] usb 7-1: New USB device found, idVendor=1bc7, idProduct=1040, bcdDevice=b5.b1 [ 215.522481][ T5981] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.524889][ T5981] usb 7-1: Product: syz [ 215.526116][ T5981] usb 7-1: Manufacturer: syz [ 215.527442][ T5981] usb 7-1: SerialNumber: syz [ 215.583658][ T5981] usb 7-1: config 0 descriptor?? [ 215.586522][ T8768] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 215.591758][ T5981] option 7-1:0.0: GSM modem (1-port) converter detected [ 215.796788][ T5981] usb 7-1: USB disconnect, device number 7 [ 215.799019][ T5981] option 7-1:0.0: device disconnected [ 216.614519][ T63] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 216.672139][ T8822] netlink: 'syz.1.653': attribute type 12 has an invalid length. [ 216.994571][ T63] usb 7-1: Using ep0 maxpacket: 16 [ 216.999694][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.004434][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.007774][ T63] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 217.012059][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.021051][ T63] usb 7-1: config 0 descriptor?? [ 217.430144][ T63] appleir 0003:05AC:8241.0007: unknown main item tag 0x0 [ 217.432176][ T63] appleir 0003:05AC:8241.0007: unknown main item tag 0x0 [ 217.434170][ T63] appleir 0003:05AC:8241.0007: unknown main item tag 0x0 [ 217.441275][ T63] appleir 0003:05AC:8241.0007: unknown main item tag 0x0 [ 217.443276][ T63] appleir 0003:05AC:8241.0007: unknown main item tag 0x0 [ 217.454687][ T63] appleir 0003:05AC:8241.0007: No inputs registered, leaving [ 217.469324][ T63] appleir 0003:05AC:8241.0007: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 217.794438][ T5981] usb 7-1: USB disconnect, device number 8 [ 218.439733][ T8845] nvme_fabrics: missing parameter 'transport=%s' [ 218.441775][ T8845] nvme_fabrics: missing parameter 'nqn=%s' [ 218.900760][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.662'. [ 219.128376][ T8860] netlink: 'syz.1.663': attribute type 12 has an invalid length. [ 219.743565][ T8870] netlink: 'syz.1.666': attribute type 12 has an invalid length. [ 220.284448][ T5983] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 220.444510][ T5983] usb 5-1: Using ep0 maxpacket: 16 [ 220.457277][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 220.460482][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.463253][ T5983] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 220.466597][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.473273][ T5983] usb 5-1: config 0 descriptor?? [ 220.884194][ T5983] appleir 0003:05AC:8241.0008: unknown main item tag 0x0 [ 220.886446][ T5983] appleir 0003:05AC:8241.0008: unknown main item tag 0x0 [ 220.888607][ T5983] appleir 0003:05AC:8241.0008: unknown main item tag 0x0 [ 220.890718][ T5983] appleir 0003:05AC:8241.0008: unknown main item tag 0x0 [ 220.892966][ T5983] appleir 0003:05AC:8241.0008: unknown main item tag 0x0 [ 220.895658][ T5983] appleir 0003:05AC:8241.0008: No inputs registered, leaving [ 220.900140][ T5983] appleir 0003:05AC:8241.0008: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 221.205560][ T63] usb 5-1: USB disconnect, device number 3 [ 221.512526][ T8907] netlink: 'syz.3.674': attribute type 12 has an invalid length. [ 222.094606][ T8916] netlink: 100 bytes leftover after parsing attributes in process `syz.2.678'. [ 222.141581][ T8916] syzkaller0: entered promiscuous mode [ 222.143728][ T8916] syzkaller0: entered allmulticast mode [ 222.295760][ C2] vcan0: j1939_xtp_rx_dat: no tx connection found [ 222.465239][ T8926] fuse: Unknown parameter 'fd0x0000000000000007' [ 223.048246][ C2] vcan0: j1939_tp_rxtimer: 0xffff888069b7e400: rx timeout, send abort [ 223.553122][ C2] vcan0: j1939_tp_rxtimer: 0xffff888069b7e400: abort rx timeout. Force session deactivation [ 225.668953][ T8958] netlink: 180 bytes leftover after parsing attributes in process `syz.3.691'. [ 225.697173][ T8958] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'. [ 225.700970][ T8958] netlink: 16 bytes leftover after parsing attributes in process `syz.3.691'. [ 225.704668][ T8958] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'. [ 226.695032][ T63] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 226.864483][ T63] usb 8-1: Using ep0 maxpacket: 32 [ 226.875122][ T63] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 226.886691][ T63] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 226.889386][ T63] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 226.891710][ T63] usb 8-1: Product: syz [ 226.892908][ T63] usb 8-1: Manufacturer: syz [ 226.894233][ T63] usb 8-1: SerialNumber: syz [ 226.896820][ T63] usb 8-1: config 0 descriptor?? [ 226.898649][ T8979] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 227.106376][ T8979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.108937][ T8979] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.216155][ T8992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.230387][ T8992] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.452869][ T8992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.455350][ T8992] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.459266][ T8992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.461481][ T8992] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.466860][ T63] usb 8-1: USB disconnect, device number 4 [ 227.964542][ T35] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 228.127767][ T35] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1023 [ 228.134320][ T35] usb 8-1: New USB device found, idVendor=1bc7, idProduct=1040, bcdDevice=b5.b1 [ 228.139176][ T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.142644][ T35] usb 8-1: Product: syz [ 228.144570][ T35] usb 8-1: Manufacturer: syz [ 228.146571][ T35] usb 8-1: SerialNumber: syz [ 228.151841][ T35] usb 8-1: config 0 descriptor?? [ 228.155330][ T8979] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 228.159725][ T35] option 8-1:0.0: GSM modem (1-port) converter detected [ 228.366156][ T57] usb 8-1: USB disconnect, device number 5 [ 228.368546][ T57] option 8-1:0.0: device disconnected [ 230.380310][ T9059] lo speed is unknown, defaulting to 1000 [ 230.385218][ T9059] lo speed is unknown, defaulting to 1000 [ 230.387828][ T9059] lo speed is unknown, defaulting to 1000 [ 230.432949][ T9059] infiniband syz0: set active [ 230.434721][ T63] lo speed is unknown, defaulting to 1000 [ 230.437133][ T9059] infiniband syz0: added lo [ 230.472985][ T9059] RDS/IB: syz0: added [ 230.475962][ T9059] smc: adding ib device syz0 with port count 1 [ 230.477847][ T9059] smc: ib device syz0 port 1 has pnetid [ 230.479637][ T35] lo speed is unknown, defaulting to 1000 [ 230.481898][ T9059] lo speed is unknown, defaulting to 1000 [ 230.520404][ T9059] lo speed is unknown, defaulting to 1000 [ 230.562976][ T9059] lo speed is unknown, defaulting to 1000 [ 230.596345][ T9065] ISOFS: Unable to identify CD-ROM format. [ 230.608691][ T9059] lo speed is unknown, defaulting to 1000 [ 230.657023][ T9065] Process accounting resumed [ 230.676969][ T9059] lo speed is unknown, defaulting to 1000 [ 231.611321][ T9078] bridge0: port 3(syz_tun) entered blocking state [ 231.614205][ T9078] bridge0: port 3(syz_tun) entered disabled state [ 231.617173][ T9078] syz_tun: entered allmulticast mode [ 231.622116][ T9078] syz_tun: entered promiscuous mode [ 231.625789][ T9078] bridge0: port 3(syz_tun) entered blocking state [ 231.628284][ T9078] bridge0: port 3(syz_tun) entered forwarding state [ 232.553880][ T39] audit: type=1800 audit(1737434913.321:22): pid=9093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.728" name="/" dev="9p" ino=2 res=0 errno=0 [ 233.470430][ T9107] block nbd3: NBD_DISCONNECT [ 233.473275][ T9107] block nbd3: Disconnected due to user request. [ 233.477290][ T9107] block nbd3: shutting down sockets [ 235.201628][ T9132] netlink: 'syz.3.738': attribute type 12 has an invalid length. [ 235.496210][ T9149] netlink: 'syz.1.742': attribute type 12 has an invalid length. [ 237.303522][ T9184] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 240.863376][ T9236] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 241.225466][ T9249] netlink: 4 bytes leftover after parsing attributes in process `syz.0.772'. [ 241.229002][ T9249] netlink: 4 bytes leftover after parsing attributes in process `syz.0.772'. [ 241.556493][ T9258] capability: warning: `syz.1.775' uses deprecated v2 capabilities in a way that may be insecure [ 241.795492][ T9265] netlink: 'syz.0.776': attribute type 12 has an invalid length. [ 243.405895][ T9308] loop9: detected capacity change from 0 to 8 [ 243.409570][ T9307] input: syz0 as /devices/virtual/input/input7 [ 243.411755][ T9308] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 243.421980][ T9308] loop9: partition table partially beyond EOD, truncated [ 243.428794][ T9308] loop9: p1 size 81768186 extends beyond EOD, truncated [ 244.444484][ T5944] Bluetooth: hci0: unexpected event for opcode 0x2040 [ 244.561699][ C0] vkms_vblank_simulate: vblank timer overrun [ 244.624376][ C0] vkms_vblank_simulate: vblank timer overrun [ 244.814381][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.141548][ T9329] syz.1.789: attempt to access beyond end of device [ 245.141548][ T9329] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 245.164472][ T9325] nbd1: detected capacity change from 0 to 67108884 [ 245.223391][ T9329] block nbd1: Send control failed (result -89) [ 245.234788][ T9329] block nbd1: Request send failed, requeueing [ 245.243816][ T5944] block nbd1: Receive control failed (result -32) [ 245.253107][ T8264] block nbd1: Dead connection, failed to find a fallback [ 245.260967][ T7918] block nbd1: Dead connection, failed to find a fallback [ 245.265757][ T8264] block nbd1: shutting down sockets [ 245.265942][ T7918] I/O error, dev nbd1, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.273069][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 245.277509][ T8264] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.282090][ T8264] Buffer I/O error on dev nbd1, logical block 0, async page read [ 245.286690][ T9329] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.292491][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0 [ 245.293265][ T8264] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.336671][ T8264] Buffer I/O error on dev nbd1, logical block 1, async page read [ 245.341982][ T8264] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.342006][ T9329] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.346719][ T8264] Buffer I/O error on dev nbd1, logical block 2, async page read [ 245.348961][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=1, location=1 [ 245.350250][ T8264] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.353691][ T9329] I/O error, dev nbd1, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.359847][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 245.366029][ T8264] Buffer I/O error on dev nbd1, logical block 3, async page read [ 245.368642][ T8264] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.371239][ T8264] Buffer I/O error on dev nbd1, logical block 0, async page read [ 245.373568][ T8264] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 245.376318][ T8264] Buffer I/O error on dev nbd1, logical block 1, async page read [ 245.378585][ T8264] Buffer I/O error on dev nbd1, logical block 2, async page read [ 245.380855][ T8264] Buffer I/O error on dev nbd1, logical block 3, async page read [ 245.384255][ T8264] Buffer I/O error on dev nbd1, logical block 0, async page read [ 245.389048][ T8264] Buffer I/O error on dev nbd1, logical block 1, async page read [ 245.392123][ T8264] ldm_validate_partition_table(): Disk read failed. [ 245.395406][ T8264] Dev nbd1: unable to read RDB block 0 [ 245.397669][ T8264] nbd1: unable to read partition table [ 245.401921][ T8264] ldm_validate_partition_table(): Disk read failed. [ 245.404403][ T8264] Dev nbd1: unable to read RDB block 0 [ 245.407312][ T8264] nbd1: unable to read partition table [ 245.492101][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 245.499399][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777220, location=16777220 [ 245.507161][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776964, location=16776964 [ 245.518916][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777219, location=16777219 [ 245.526556][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776963, location=16776963 [ 245.530659][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777218, location=16777218 [ 245.537883][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776962, location=16776962 [ 245.543494][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777070, location=16777070 [ 245.549236][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776814, location=16776814 [ 245.553140][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777068, location=16777068 [ 245.559865][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776812, location=16776812 [ 245.564674][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 245.585308][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 245.596673][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388609, location=8388609 [ 245.606012][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388353, location=8388353 [ 245.617821][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388608, location=8388608 [ 245.625730][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388352, location=8388352 [ 245.646517][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388607, location=8388607 [ 245.658585][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388351, location=8388351 [ 245.662259][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388459, location=8388459 [ 245.665500][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388203, location=8388203 [ 245.669701][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388457, location=8388457 [ 245.673990][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388201, location=8388201 [ 245.677749][ T9329] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 245.681263][ T9329] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 247.557110][ T9377] kAFS: unable to lookup cell '.,' [ 249.186627][ T9407] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 249.196982][ T9407] [U]  [ 250.378748][ T9417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.815'. [ 251.059763][ T9436] overlayfs: failed to resolve './file0': -2 [ 251.244494][ T8829] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 251.409548][ T8829] usb 7-1: Using ep0 maxpacket: 16 [ 251.415367][ T8829] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 251.418315][ T8829] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 251.425960][ T8829] usb 7-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 251.428591][ T8829] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.430796][ T8829] usb 7-1: Product: syz [ 251.442286][ T8829] usb 7-1: Manufacturer: syz [ 251.443681][ T8829] usb 7-1: SerialNumber: syz [ 251.453351][ T8829] usb 7-1: config 0 descriptor?? [ 252.150017][ T57] usb 7-1: USB disconnect, device number 9 [ 252.396192][ T9460] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 254.260560][ T5944] Bluetooth: hci1: unexpected event for opcode 0x2010 [ 254.558516][ T9491] bridge0: port 4(hsr_slave_1) entered blocking state [ 254.563885][ T9491] bridge0: port 4(hsr_slave_1) entered disabled state [ 254.566411][ T9491] hsr_slave_1: entered allmulticast mode [ 254.568939][ T9491] hsr_slave_1: left allmulticast mode [ 254.655045][ T9500] netlink: 'syz.2.836': attribute type 7 has an invalid length. [ 255.125610][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.128015][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.494132][ T39] audit: type=1800 audit(1737434936.261:23): pid=9521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.841" name="bus" dev="overlay" ino=1216 res=0 errno=0 [ 255.915196][ T9530] veth1_macvtap: left promiscuous mode [ 255.916871][ T9530] macsec0: entered promiscuous mode [ 255.918490][ T9530] macsec0: entered allmulticast mode [ 257.324218][ T9553] [U]  [ 258.326433][ T5944] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 258.329007][ T5944] Bluetooth: hci1: Injecting HCI hardware error event [ 258.332377][ T5297] Bluetooth: hci1: hardware error 0x00 [ 258.468546][ T9570] trusted_key: syz.3.855 sent an empty control message without MSG_MORE. [ 259.120778][ T9578] syz.3.858: attempt to access beyond end of device [ 259.120778][ T9578] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 259.127020][ T9578] syz.3.858: attempt to access beyond end of device [ 259.127020][ T9578] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 259.177874][ T9578] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 260.229541][ T9597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.250806][ T9597] bond0: (slave rose0): Enslaving as an active interface with an up link [ 260.404502][ T5297] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 261.484493][ T9645] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 261.652660][ T9646] block device autoloading is deprecated and will be removed. [ 261.779482][ T9650] netlink: 'syz.3.872': attribute type 12 has an invalid length. [ 263.082090][ T9667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.878'. [ 263.426294][ T9685] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.476299][ T9686] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 263.499809][ T9685] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.645951][ T9685] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.787343][ T9685] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.860905][ T9685] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.867368][ T9685] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.872368][ T9685] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.878683][ T9685] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.031210][ T39] audit: type=1800 audit(1737434944.801:24): pid=9693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.886" name="/" dev="9p" ino=2 res=0 errno=0 [ 264.040433][ T9695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.885'. [ 264.046531][ T9695] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 264.999917][ T39] audit: type=1800 audit(1737434945.771:25): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.891" name="bus" dev="overlay" ino=1170 res=0 errno=0 [ 265.194509][ T39] audit: type=1800 audit(1737434945.961:26): pid=9724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.895" name="/" dev="9p" ino=2 res=0 errno=0 [ 266.468794][ T9747] veth1_macvtap: left promiscuous mode [ 266.470431][ T9747] macsec0: entered promiscuous mode [ 266.471970][ T9747] macsec0: entered allmulticast mode [ 268.487049][ T8829] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 268.644501][ T8829] usb 7-1: Using ep0 maxpacket: 8 [ 268.648760][ T8829] usb 7-1: config 167 has too many interfaces: 202, using maximum allowed: 32 [ 268.652488][ T8829] usb 7-1: config 167 has 1 interface, different from the descriptor's value: 202 [ 268.660340][ T8829] usb 7-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29 [ 268.665340][ T8829] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.672392][ T8829] usb 7-1: Product: syz [ 268.674570][ T8829] usb 7-1: Manufacturer: syz [ 268.677979][ T8829] usb 7-1: SerialNumber: syz [ 268.685407][ T8829] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state. [ 268.689047][ T8829] dvb-usb: bulk message failed: -22 (3/0) [ 268.712883][ T8829] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 268.719604][ T8829] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author) [ 268.730440][ T8829] usb 7-1: media controller created [ 268.746484][ T8829] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 268.877000][ T8829] dvb-usb: bulk message failed: -22 (6/0) [ 268.883957][ T8829] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author' [ 268.892825][ T8829] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input8 [ 268.900670][ T8829] dvb-usb: schedule remote query interval to 150 msecs. [ 268.902871][ T8829] dvb-usb: bulk message failed: -22 (3/0) [ 268.947748][ T8829] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected. [ 269.064896][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 269.067443][ T8829] dvb-usb: error while querying for an remote control event. [ 269.234799][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 269.240795][ T8829] dvb-usb: error while querying for an remote control event. [ 269.405935][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 269.407629][ T8829] dvb-usb: error while querying for an remote control event. [ 269.783242][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 269.785039][ T8829] dvb-usb: error while querying for an remote control event. [ 269.944444][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 269.946636][ T8829] dvb-usb: error while querying for an remote control event. [ 270.106385][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.108353][ T8829] dvb-usb: error while querying for an remote control event. [ 270.209002][ T9804] syz_tun: left allmulticast mode [ 270.211029][ T9804] syz_tun: left promiscuous mode [ 270.213023][ T9804] bridge0: port 3(syz_tun) entered disabled state [ 270.220400][ T9804] bond0: (slave batadv0): Releasing backup interface [ 270.223668][ T9804] batadv0: left promiscuous mode [ 270.239048][ T9804] bridge_slave_0: left allmulticast mode [ 270.241857][ T9804] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.308375][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.308757][ T9804] bridge_slave_1: left allmulticast mode [ 270.310726][ T8829] dvb-usb: error while querying for an remote control event. [ 270.316512][ T9804] bridge_slave_1: left promiscuous mode [ 270.318889][ T9804] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.329028][ T9804] bond0: (slave bond_slave_0): Releasing backup interface [ 270.331816][ T9804] bond_slave_0: left promiscuous mode [ 270.336644][ T9804] bond0: (slave bond_slave_1): Releasing backup interface [ 270.339353][ T9804] bond_slave_1: left promiscuous mode [ 270.354088][ T9804] team0: Port device team_slave_0 removed [ 270.360983][ T9804] team0: Port device team_slave_1 removed [ 270.362913][ T9804] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.365508][ T9804] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.368387][ T9804] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.370512][ T9804] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 270.375999][ T9804] bond1: (slave gretap1): Releasing active interface [ 270.380030][ T9805] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 270.474404][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.476066][ T8829] dvb-usb: error while querying for an remote control event. [ 270.644412][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.646106][ T8829] dvb-usb: error while querying for an remote control event. [ 270.816137][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.817849][ T8829] dvb-usb: error while querying for an remote control event. [ 270.947132][ T9819] ubi: mtd0 is already attached to ubi0 [ 270.974511][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 270.976204][ T8829] dvb-usb: error while querying for an remote control event. [ 271.144393][ T8829] dvb-usb: bulk message failed: -22 (1/0) [ 271.146177][ T8829] dvb-usb: error while querying for an remote control event. [ 271.183122][ T8829] usb 7-1: USB disconnect, device number 10 [ 271.221403][ T9827] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 271.230926][ T8829] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected. [ 272.307901][ T9851] netlink: 112 bytes leftover after parsing attributes in process `syz.2.928'. [ 274.034533][ T9879] input: syz0 as /devices/virtual/input/input9 [ 274.642033][ T9886] lo speed is unknown, defaulting to 1000 [ 275.751414][ T9907] netlink: 8 bytes leftover after parsing attributes in process `syz.0.940'. [ 276.907558][ T9918] ubi: mtd0 is already attached to ubi0 [ 276.979265][ T9921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.945'. [ 276.981884][ T9921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.945'. [ 279.162924][ T5297] Bluetooth: hci3: unexpected event for opcode 0x2040 [ 280.136283][ T9970] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 281.868726][T10009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'. [ 281.871372][T10009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'. [ 284.851832][T10054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.981'. [ 284.854636][T10054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.981'. [ 288.292060][T10104] netlink: 'syz.1.999': attribute type 12 has an invalid length. [ 289.238317][T10118] nvme_fabrics: missing parameter 'transport=%s' [ 289.240827][T10118] nvme_fabrics: missing parameter 'nqn=%s' [ 289.644455][ T835] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 289.794475][ T835] usb 6-1: Using ep0 maxpacket: 16 [ 289.798905][ T835] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 289.801843][ T835] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 289.806613][ T835] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 289.810627][ T835] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.813767][ T835] usb 6-1: Product: syz [ 289.815675][ T835] usb 6-1: Manufacturer: syz [ 289.817363][ T835] usb 6-1: SerialNumber: syz [ 289.822050][ T835] usb 6-1: config 0 descriptor?? [ 290.223121][T10146] netlink: 'syz.0.1010': attribute type 12 has an invalid length. [ 292.424551][ T1466] usb 6-1: USB disconnect, device number 6 [ 292.897547][T10177] loop9: detected capacity change from 0 to 8 [ 292.907509][T10177] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 292.909549][T10177] loop9: partition table partially beyond EOD, truncated [ 292.911998][T10177] loop9: p1 size 81768186 extends beyond EOD, truncated [ 294.391396][T10187] netlink: 'syz.3.1023': attribute type 12 has an invalid length. [ 294.917129][T10198] syz.0.1021: attempt to access beyond end of device [ 294.917129][T10198] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 294.921545][T10198] XFS (nbd0): SB validate failed with error -5. [ 295.620886][T10213] input: syz0 as /devices/virtual/input/input10 [ 295.923583][T10220] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1029'. [ 295.944938][T10220] syzkaller0: entered promiscuous mode [ 295.946549][T10220] syzkaller0: entered allmulticast mode [ 295.976864][T10219] nvme_fabrics: missing parameter 'transport=%s' [ 295.980421][T10219] nvme_fabrics: missing parameter 'nqn=%s' [ 298.645967][T10253] netlink: 'syz.2.1047': attribute type 12 has an invalid length. [ 298.714099][T10257] loop9: detected capacity change from 0 to 8 [ 298.719152][T10257] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 298.720759][T10257] loop9: partition table partially beyond EOD, truncated [ 298.723638][T10257] loop9: p1 size 81768186 extends beyond EOD, truncated [ 299.052855][T10260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1039'. [ 300.389082][T10270] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1051'. [ 300.439146][T10277] input: syz0 as /devices/virtual/input/input11 [ 300.653227][T10281] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1043'. [ 300.682150][T10281] syzkaller0: entered promiscuous mode [ 300.684691][T10281] syzkaller0: entered allmulticast mode [ 302.515422][T10306] syz.0.1053: attempt to access beyond end of device [ 302.515422][T10306] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 302.519076][T10306] syz.0.1053: attempt to access beyond end of device [ 302.519076][T10306] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0 [ 302.530543][T10306] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 303.151463][T10315] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 304.160389][T10333] input: syz0 as /devices/virtual/input/input12 [ 304.486436][T10345] netlink: 'syz.3.1062': attribute type 12 has an invalid length. [ 306.939135][T10390] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0 [ 306.941556][T10390] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0 [ 306.943928][T10390] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0 [ 306.946409][T10390] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0 [ 307.038724][T10390] netdevsim netdevsim2 eth0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 307.041290][T10390] netdevsim netdevsim2 eth1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 307.043785][T10390] netdevsim netdevsim2 eth2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 307.110856][T10393] input: syz0 as /devices/virtual/input/input13 [ 307.134634][ T39] audit: type=1326 audit(1737434987.901:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.141390][ T39] audit: type=1326 audit(1737434987.911:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.150852][ T39] audit: type=1326 audit(1737434987.921:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.157103][ T39] audit: type=1326 audit(1737434987.921:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.163208][ T39] audit: type=1326 audit(1737434987.921:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.169573][ T39] audit: type=1326 audit(1737434987.921:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.175889][T10390] netdevsim netdevsim2 eth3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 307.175988][ T39] audit: type=1326 audit(1737434987.921:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.178390][ T39] audit: type=1326 audit(1737434987.921:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.193001][T10390] geneve2: entered promiscuous mode [ 307.194639][T10390] geneve2: entered allmulticast mode [ 307.196462][ T39] audit: type=1326 audit(1737434987.921:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 307.221569][ T39] audit: type=1326 audit(1737434987.921:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10392 comm="syz.1.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 308.422206][T10412] input: syz0 as /devices/virtual/input/input14 [ 308.657571][T10416] binder: 10414:10416 ioctl ae01 0 returned -22 [ 309.385198][T10429] netlink: 'syz.2.1087': attribute type 12 has an invalid length. [ 312.212806][ T57] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz1] on syz1 [ 313.131749][T10499] lo speed is unknown, defaulting to 1000 [ 313.322655][ T57] libceph: connect (1)[c::]:6789 error -101 [ 313.325792][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 313.589569][ T57] libceph: connect (1)[c::]:6789 error -101 [ 313.591786][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 313.849052][T10505] ceph: No mds server is up or the cluster is laggy [ 314.575232][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.253340][T10544] input: syz0 as /devices/virtual/input/input15 [ 315.267710][ T39] kauditd_printk_skb: 266 callbacks suppressed [ 315.267725][ T39] audit: type=1326 audit(1737434996.041:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.289428][ T39] audit: type=1326 audit(1737434996.041:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.296872][ T39] audit: type=1326 audit(1737434996.041:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.303845][ T39] audit: type=1326 audit(1737434996.041:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.312299][ T39] audit: type=1326 audit(1737434996.041:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.318936][ T39] audit: type=1326 audit(1737434996.041:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.326703][ T39] audit: type=1326 audit(1737434996.041:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.334897][ T39] audit: type=1326 audit(1737434996.041:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.342662][ T39] audit: type=1326 audit(1737434996.041:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.350622][ T39] audit: type=1326 audit(1737434996.041:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.2.1118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 315.448409][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.613246][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.782491][T10552] syz.2.1119: attempt to access beyond end of device [ 315.782491][T10552] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 315.788632][T10552] syz.2.1119: attempt to access beyond end of device [ 315.788632][T10552] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 315.792630][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 315.798302][T10552] syz.2.1119: attempt to access beyond end of device [ 315.798302][T10552] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 315.803733][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 315.807820][T10552] syz.2.1119: attempt to access beyond end of device [ 315.807820][T10552] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 315.811892][T10552] syz.2.1119: attempt to access beyond end of device [ 315.811892][T10552] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 315.816804][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 315.822151][T10552] syz.2.1119: attempt to access beyond end of device [ 315.822151][T10552] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 315.826268][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 315.830002][T10552] syz.2.1119: attempt to access beyond end of device [ 315.830002][T10552] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 315.837108][T10552] syz.2.1119: attempt to access beyond end of device [ 315.837108][T10552] nbd2: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 315.841510][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 315.845237][T10552] syz.2.1119: attempt to access beyond end of device [ 315.845237][T10552] nbd2: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 315.849047][T10552] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 315.851874][T10552] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 315.951238][T10550] nbd2: detected capacity change from 0 to 67108884 [ 315.967301][ T8264] block nbd2: Send control failed (result -89) [ 316.194491][ T8264] block nbd2: Request send failed, requeueing [ 316.201673][ T5297] block nbd2: Receive control failed (result -32) [ 316.221170][ T52] block nbd2: Dead connection, failed to find a fallback [ 316.223875][ T52] block nbd2: shutting down sockets [ 316.225798][ T52] blk_print_req_error: 147 callbacks suppressed [ 316.225807][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.230449][ T52] buffer_io_error: 116 callbacks suppressed [ 316.232462][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.244009][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.300173][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.310088][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.314878][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.318358][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.320973][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.324281][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.328828][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.332274][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.336221][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.338873][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.341488][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.344812][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.347598][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.351061][ T8264] ldm_validate_partition_table(): Disk read failed. [ 316.353450][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.357432][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.359741][ T8264] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 316.363862][ T8264] Buffer I/O error on dev nbd2, logical block 0, async page read [ 316.367933][ T8264] Dev nbd2: unable to read RDB block 0 [ 316.369712][ T8264] nbd2: unable to read partition table [ 316.434774][ T8264] ldm_validate_partition_table(): Disk read failed. [ 316.464919][ T8264] Dev nbd2: unable to read RDB block 0 [ 316.466933][ T8264] nbd2: unable to read partition table [ 316.479832][ T8264] ldm_validate_partition_table(): Disk read failed. [ 316.486143][ T8264] Dev nbd2: unable to read RDB block 0 [ 316.487947][ T8264] nbd2: unable to read partition table [ 316.568426][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.570292][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.620413][T10561] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 316.622588][T10561] UDF-fs: Scanning with blocksize 2048 failed [ 316.625100][T10561] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 316.627222][T10561] UDF-fs: Scanning with blocksize 4096 failed [ 316.645977][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 317.136901][T10576] input: syz0 as /devices/virtual/input/input16 [ 317.462694][T10587] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1130'. [ 317.684778][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.102216][T10602] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 20000 - 0 [ 318.104778][T10602] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 20000 - 0 [ 318.107616][T10602] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 20000 - 0 [ 318.110012][T10602] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 20000 - 0 [ 318.116206][T10602] netdevsim netdevsim1 eth0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 318.118776][T10602] netdevsim netdevsim1 eth1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 318.121634][T10602] netdevsim netdevsim1 eth2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 318.124272][T10602] netdevsim netdevsim1 eth3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 318.127624][T10602] geneve2: entered promiscuous mode [ 318.129156][T10602] geneve2: entered allmulticast mode [ 318.486410][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.724662][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.786882][T10612] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.764536][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.768251][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.649135][T10644] lo speed is unknown, defaulting to 1000 [ 320.652518][T10644] lo speed is unknown, defaulting to 1000 [ 320.656624][T10644] lo speed is unknown, defaulting to 1000 [ 320.710373][T10647] lo speed is unknown, defaulting to 1000 [ 320.712075][T10647] lo speed is unknown, defaulting to 1000 [ 320.714693][T10644] infiniband sz1: set active [ 320.716116][T10644] infiniband sz1: added lo [ 320.724473][ T6470] lo speed is unknown, defaulting to 1000 [ 320.724700][T10647] lo speed is unknown, defaulting to 1000 [ 320.729889][T10644] RDS/IB: sz1: added [ 320.731088][T10644] smc: adding ib device sz1 with port count 1 [ 320.732910][T10644] smc: ib device sz1 port 1 has pnetid [ 320.735602][T10644] lo speed is unknown, defaulting to 1000 [ 320.773806][T10650] »»»»»»: renamed from lo (while UP) [ 320.794464][ T6470] »»»»»» speed is unknown, defaulting to 1000 [ 320.800490][T10644] »»»»»» speed is unknown, defaulting to 1000 [ 320.804655][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.890440][T10652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.893299][T10652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.896191][T10652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.903645][T10652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.904053][T10644] »»»»»» speed is unknown, defaulting to 1000 [ 320.913703][T10652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.923264][T10651] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.987882][T10644] »»»»»» speed is unknown, defaulting to 1000 [ 321.025816][T10644] »»»»»» speed is unknown, defaulting to 1000 [ 321.068150][T10647] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 321.072651][T10647] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 321.087853][T10647] »»»»»» speed is unknown, defaulting to 1000 [ 321.090208][T10647] »»»»»» speed is unknown, defaulting to 1000 [ 321.092358][T10647] »»»»»» speed is unknown, defaulting to 1000 [ 321.134612][T10647] »»»»»» speed is unknown, defaulting to 1000 [ 321.188976][T10659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 321.192364][T10647] »»»»»» speed is unknown, defaulting to 1000 [ 321.784463][T10661] can0: slcan on ttyS3. [ 321.924976][T10661] can0 (unregistered): slcan off ttyS3. [ 322.063111][T10675] netlink: 'syz.0.1152': attribute type 12 has an invalid length. [ 322.644471][ T5981] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 322.825395][ T5981] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 322.828410][ T5981] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 322.831342][ T5981] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 322.835224][ T5981] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 322.839577][ T5981] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 322.844663][ T5981] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 322.847355][ T5981] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 322.849620][ T5981] usb 7-1: Product: syz [ 322.850820][ T5981] usb 7-1: Manufacturer: syz [ 322.858655][ T5981] cdc_wdm 7-1:1.0: skipping garbage [ 322.861138][ T5981] cdc_wdm 7-1:1.0: skipping garbage [ 322.866881][ T5981] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 322.869293][ T5981] cdc_wdm 7-1:1.0: Unknown control protocol [ 323.500655][ T6470] usb 7-1: USB disconnect, device number 11 [ 323.831363][T10715] netlink: 'syz.3.1162': attribute type 4 has an invalid length. [ 324.893843][T10730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'. [ 325.010945][T10730] hsr_slave_1 (unregistering): left promiscuous mode [ 325.016248][T10728] lo speed is unknown, defaulting to 1000 [ 325.124854][ T57] net_ratelimit: 5 callbacks suppressed [ 325.124865][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.264915][T10728] »»»»»» speed is unknown, defaulting to 1000 [ 325.614635][T10739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.617459][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.620873][T10739] smc: net device wg0 applied user defined pnetid SYZ0 [ 325.665073][T10728] »»»»»» speed is unknown, defaulting to 1000 [ 326.001983][T10749] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 20000 - 0 [ 326.005569][T10749] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 20000 - 0 [ 326.008993][T10749] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 20000 - 0 [ 326.012338][T10749] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 20000 - 0 [ 326.017276][T10749] netdevsim netdevsim3 eth0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 326.020488][T10749] netdevsim netdevsim3 eth1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 326.023672][T10749] netdevsim netdevsim3 eth2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 326.027272][T10749] netdevsim netdevsim3 eth3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 326.034892][T10749] geneve2: entered promiscuous mode [ 326.037076][T10749] geneve2: entered allmulticast mode [ 326.178762][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 327.209700][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 327.327197][T10774] input: syz0 as /devices/virtual/input/input17 [ 327.604689][ T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 327.837697][T10778] netlink: 'syz.3.1178': attribute type 12 has an invalid length. [ 328.292895][T10789] lo speed is unknown, defaulting to 1000 [ 328.316237][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 328.469347][T10789] »»»»»» speed is unknown, defaulting to 1000 [ 328.525341][T10789] »»»»»» speed is unknown, defaulting to 1000 [ 328.828635][T10796] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 329.364612][ T5981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 329.408603][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.245614][T10819] netlink: 'syz.3.1189': attribute type 4 has an invalid length. [ 330.544941][T10828] lo speed is unknown, defaulting to 1000 [ 330.675160][T10828] »»»»»» speed is unknown, defaulting to 1000 [ 330.686725][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.731202][T10828] »»»»»» speed is unknown, defaulting to 1000 [ 330.739792][T10836] rdma_rxe: rxe_newlink: failed to add lo [ 330.743219][T10836] siw: device registration error -23 [ 330.747230][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.749694][T10827] »»»»»»: renamed from lo [ 330.759352][T10835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 330.762431][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.764580][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.925303][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.082950][T10856] smc: net device wg0 applied user defined pnetid SYZ0 [ 332.493284][T10867] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1201'. [ 332.527708][T10867] [ 332.528455][T10867] ====================================================== [ 332.530447][T10867] WARNING: possible circular locking dependency detected [ 332.532423][T10867] 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0 Not tainted [ 332.535175][T10867] ------------------------------------------------------ [ 332.537856][T10867] syz.0.1201/10867 is trying to acquire lock: [ 332.539589][T10867] ffff8880455136c0 (&q->sysfs_lock){+.+.}-{4:4}, at: blk_register_queue+0x132/0x4f0 [ 332.542155][T10867] [ 332.542155][T10867] but task is already holding lock: [ 332.544222][T10867] ffff888045513750 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_register_queue+0x5c/0x4f0 [ 332.547021][T10867] [ 332.547021][T10867] which lock already depends on the new lock. [ 332.547021][T10867] [ 332.549967][T10867] [ 332.549967][T10867] the existing dependency chain (in reverse order) is: [ 332.552525][T10867] [ 332.552525][T10867] -> #5 (&q->sysfs_dir_lock){+.+.}-{4:4}: [ 332.554761][T10867] __mutex_lock+0x19b/0xa60 [ 332.556176][T10867] blk_mq_sysfs_unregister_hctxs+0x92/0x2d0 [ 332.557978][T10867] __blk_mq_update_nr_hw_queues+0x93f/0x1460 [ 332.559788][T10867] blk_mq_update_nr_hw_queues+0x2a/0x40 [ 332.561506][T10867] nbd_start_device+0x15b/0xd70 [ 332.562994][T10867] nbd_ioctl+0x21a/0xfd0 [ 332.564363][T10867] compat_blkdev_ioctl+0x2f7/0x750 [ 332.565935][T10867] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 332.567589][T10867] __do_fast_syscall_32+0x73/0x120 [ 332.569194][T10867] do_fast_syscall_32+0x32/0x80 [ 332.570738][T10867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.572717][T10867] [ 332.572717][T10867] -> #4 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 332.575221][T10867] blk_mq_submit_bio+0x1fb6/0x24c0 [ 332.576832][T10867] __submit_bio+0x384/0x540 [ 332.578289][T10867] submit_bio_noacct_nocheck+0x698/0xd70 [ 332.580023][T10867] submit_bio_noacct+0x93a/0x1e20 [ 332.581600][T10867] mpage_readahead+0x41d/0x590 [ 332.583121][T10867] read_pages+0x1a8/0xdc0 [ 332.584490][T10867] page_cache_ra_unbounded+0x3dc/0x750 [ 332.586168][T10867] force_page_cache_ra+0x24b/0x340 [ 332.587691][T10867] page_cache_sync_ra+0x110/0x9c0 [ 332.589206][T10867] filemap_get_pages+0xd7b/0x1be0 [ 332.590703][T10867] filemap_read+0x3ca/0xd70 [ 332.592146][T10867] blkdev_read_iter+0x187/0x480 [ 332.593647][T10867] vfs_read+0x87f/0xbe0 [ 332.595027][T10867] ksys_read+0x12b/0x250 [ 332.596389][T10867] do_syscall_64+0xcd/0x250 [ 332.597844][T10867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.599639][T10867] [ 332.599639][T10867] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}: [ 332.602029][T10867] down_read+0x9a/0x330 [ 332.603330][T10867] page_cache_ra_unbounded+0x173/0x750 [ 332.604988][T10867] page_cache_ra_order+0x8f2/0xc80 [ 332.606527][T10867] filemap_fault+0x14a5/0x2820 [ 332.608048][T10867] __do_fault+0x10a/0x490 [ 332.609444][T10867] do_pte_missing+0x1a8/0x3e00 [ 332.610960][T10867] __handle_mm_fault+0x103c/0x2a40 [ 332.612576][T10867] handle_mm_fault+0x3fa/0xaa0 [ 332.614095][T10867] __get_user_pages+0x8d9/0x3b50 [ 332.615682][T10867] get_user_pages_unlocked+0x1c2/0x780 [ 332.617404][T10867] hva_to_pfn+0x8be/0xc20 [ 332.618778][T10867] kvm_follow_pfn+0x29f/0x3f0 [ 332.620151][T10867] __kvm_faultin_pfn+0x11c/0x1a0 [ 332.621649][T10867] kvm_mmu_faultin_pfn+0x469/0x1f30 [ 332.623141][T10867] kvm_tdp_page_fault+0x182/0x3d0 [ 332.624668][T10867] kvm_mmu_do_page_fault+0x58d/0x690 [ 332.626240][T10867] kvm_mmu_page_fault+0x20f/0x1bb0 [ 332.627756][T10867] handle_ept_violation+0x25a/0x640 [ 332.629245][T10867] vmx_handle_exit+0x733/0x1f70 [ 332.630709][T10867] vcpu_run+0x2aaf/0x4c00 [ 332.632047][T10867] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 332.633792][T10867] kvm_vcpu_ioctl+0x6ce/0x1520 [ 332.635238][T10867] kvm_vcpu_compat_ioctl+0x210/0x3f0 [ 332.636874][T10867] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 332.638455][T10867] __do_fast_syscall_32+0x73/0x120 [ 332.639964][T10867] do_fast_syscall_32+0x32/0x80 [ 332.641453][T10867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.643295][T10867] [ 332.643295][T10867] -> #2 (&mm->mmap_lock){++++}-{4:4}: [ 332.645344][T10867] __might_fault+0x11b/0x190 [ 332.646716][T10867] _copy_from_user+0x29/0xd0 [ 332.648121][T10867] compat_blk_trace_setup+0xc9/0x200 [ 332.649640][T10867] blk_trace_ioctl+0x24a/0x290 [ 332.651035][T10867] compat_blkdev_ioctl+0x13c/0x750 [ 332.652521][T10867] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 332.654149][T10867] __do_fast_syscall_32+0x73/0x120 [ 332.655702][T10867] do_fast_syscall_32+0x32/0x80 [ 332.657186][T10867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.659073][T10867] [ 332.659073][T10867] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}: [ 332.661296][T10867] __mutex_lock+0x19b/0xa60 [ 332.662746][T10867] blk_register_queue+0x13c/0x4f0 [ 332.664337][T10867] add_disk_fwnode+0x785/0x1300 [ 332.665804][T10867] brd_alloc.isra.0+0x50a/0x7c0 [ 332.667227][T10867] brd_init+0x12b/0x1d0 [ 332.668515][T10867] do_one_initcall+0x128/0x630 [ 332.669921][T10867] kernel_init_freeable+0x58f/0x8b0 [ 332.671543][T10867] kernel_init+0x1c/0x2b0 [ 332.672916][T10867] ret_from_fork+0x45/0x80 [ 332.674280][T10867] ret_from_fork_asm+0x1a/0x30 [ 332.675809][T10867] [ 332.675809][T10867] -> #0 (&q->sysfs_lock){+.+.}-{4:4}: [ 332.677939][T10867] __lock_acquire+0x249e/0x3c40 [ 332.679426][T10867] lock_acquire.part.0+0x11b/0x380 [ 332.681009][T10867] __mutex_lock+0x19b/0xa60 [ 332.682423][T10867] blk_register_queue+0x132/0x4f0 [ 332.684102][T10867] add_disk_fwnode+0x785/0x1300 [ 332.685616][T10867] nbd_dev_add+0x78b/0xbc0 [ 332.687020][T10867] nbd_genl_connect+0x8b1/0x1c00 [ 332.688591][T10867] genl_family_rcv_msg_doit+0x202/0x2f0 [ 332.690275][T10867] genl_rcv_msg+0x565/0x800 [ 332.691708][T10867] netlink_rcv_skb+0x165/0x410 [ 332.693203][T10867] genl_rcv+0x28/0x40 [ 332.694494][T10867] netlink_unicast+0x53c/0x7f0 [ 332.695998][T10867] netlink_sendmsg+0x8b8/0xd70 [ 332.697483][T10867] ____sys_sendmsg+0x9ae/0xb40 [ 332.698999][T10867] ___sys_sendmsg+0x135/0x1e0 [ 332.700482][T10867] __sys_sendmsg+0x16e/0x220 [ 332.701965][T10867] __do_fast_syscall_32+0x73/0x120 [ 332.703558][T10867] do_fast_syscall_32+0x32/0x80 [ 332.705097][T10867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.707059][T10867] [ 332.707059][T10867] other info that might help us debug this: [ 332.707059][T10867] [ 332.709969][T10867] Chain exists of: [ 332.709969][T10867] &q->sysfs_lock --> &q->q_usage_counter(io)#51 --> &q->sysfs_dir_lock [ 332.709969][T10867] [ 332.713991][T10867] Possible unsafe locking scenario: [ 332.713991][T10867] [ 332.716111][T10867] CPU0 CPU1 [ 332.717674][T10867] ---- ---- [ 332.719214][T10867] lock(&q->sysfs_dir_lock); [ 332.720537][T10867] lock(&q->q_usage_counter(io)#51); [ 332.722717][T10867] lock(&q->sysfs_dir_lock); [ 332.724739][T10867] lock(&q->sysfs_lock); [ 332.725964][T10867] [ 332.725964][T10867] *** DEADLOCK *** [ 332.725964][T10867] [ 332.728254][T10867] 3 locks held by syz.0.1201/10867: [ 332.729708][T10867] #0: ffffffff8ff73d50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 332.732009][T10867] #1: ffffffff8ff73e08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x580/0x800 [ 332.734515][T10867] #2: ffff888045513750 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_register_queue+0x5c/0x4f0 [ 332.737402][T10867] [ 332.737402][T10867] stack backtrace: [ 332.739147][T10867] CPU: 1 UID: 0 PID: 10867 Comm: syz.0.1201 Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0 [ 332.742092][T10867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 332.745171][T10867] Call Trace: [ 332.746133][T10867] [ 332.746990][T10867] dump_stack_lvl+0x116/0x1f0 [ 332.748334][T10867] print_circular_bug+0x41c/0x610 [ 332.749703][T10867] check_noncircular+0x31a/0x400 [ 332.751064][T10867] ? __pfx_check_noncircular+0x10/0x10 [ 332.752580][T10867] ? hlock_class+0x4e/0x130 [ 332.753847][T10867] ? lockdep_lock+0xc6/0x200 [ 332.755211][T10867] ? __pfx_lockdep_lock+0x10/0x10 [ 332.756658][T10867] __lock_acquire+0x249e/0x3c40 [ 332.758087][T10867] ? __pfx___lock_acquire+0x10/0x10 [ 332.759588][T10867] ? xa_find_after+0x291/0x480 [ 332.760969][T10867] lock_acquire.part.0+0x11b/0x380 [ 332.762439][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.763948][T10867] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 332.765563][T10867] ? rcu_is_watching+0x12/0xc0 [ 332.766943][T10867] ? trace_lock_acquire+0x14e/0x1f0 [ 332.768456][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.770052][T10867] ? lock_acquire+0x2f/0xb0 [ 332.771380][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.772879][T10867] __mutex_lock+0x19b/0xa60 [ 332.774154][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.775619][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.777094][T10867] ? __pfx___mutex_lock+0x10/0x10 [ 332.778527][T10867] ? kobject_add+0x17c/0x240 [ 332.779870][T10867] ? blk_register_queue+0x132/0x4f0 [ 332.781236][T10867] blk_register_queue+0x132/0x4f0 [ 332.782582][T10867] add_disk_fwnode+0x785/0x1300 [ 332.783983][T10867] nbd_dev_add+0x78b/0xbc0 [ 332.785292][T10867] ? trace_contention_end+0xee/0x140 [ 332.786805][T10867] ? __pfx_nbd_dev_add+0x10/0x10 [ 332.788297][T10867] ? __mutex_lock+0x1cc/0xa60 [ 332.789698][T10867] ? bpf_lsm_capable+0x9/0x10 [ 332.791056][T10867] ? __radix_tree_lookup+0x21f/0x2c0 [ 332.792597][T10867] nbd_genl_connect+0x8b1/0x1c00 [ 332.794027][T10867] ? __pfx_nbd_genl_connect+0x10/0x10 [ 332.795587][T10867] ? __nla_parse+0x40/0x60 [ 332.796877][T10867] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 332.799002][T10867] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 332.801097][T10867] genl_family_rcv_msg_doit+0x202/0x2f0 [ 332.802638][T10867] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 332.804384][T10867] ? genl_get_cmd+0x195/0x580 [ 332.805781][T10867] ? __radix_tree_lookup+0x21f/0x2c0 [ 332.807321][T10867] genl_rcv_msg+0x565/0x800 [ 332.808659][T10867] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.810085][T10867] ? __pfx_nbd_genl_connect+0x10/0x10 [ 332.811595][T10867] ? __pfx___lock_acquire+0x10/0x10 [ 332.813092][T10867] netlink_rcv_skb+0x165/0x410 [ 332.814473][T10867] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.815906][T10867] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.817426][T10867] ? down_read+0xc9/0x330 [ 332.818693][T10867] ? __pfx_down_read+0x10/0x10 [ 332.820087][T10867] ? netlink_deliver_tap+0x1ae/0xca0 [ 332.821608][T10867] genl_rcv+0x28/0x40 [ 332.822829][T10867] netlink_unicast+0x53c/0x7f0 [ 332.824197][T10867] ? __pfx_netlink_unicast+0x10/0x10 [ 332.825693][T10867] ? __phys_addr_symbol+0x30/0x80 [ 332.827121][T10867] ? __check_object_size+0x488/0x710 [ 332.828617][T10867] netlink_sendmsg+0x8b8/0xd70 [ 332.829962][T10867] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.831487][T10867] ____sys_sendmsg+0x9ae/0xb40 [ 332.832878][T10867] ? __pfx_____sys_sendmsg+0x10/0x10 [ 332.834393][T10867] ? get_compat_msghdr+0x11b/0x170 [ 332.835881][T10867] ___sys_sendmsg+0x135/0x1e0 [ 332.837242][T10867] ? __pfx____sys_sendmsg+0x10/0x10 [ 332.838757][T10867] ? __pfx_lock_release+0x10/0x10 [ 332.840208][T10867] ? trace_lock_acquire+0x14e/0x1f0 [ 332.841709][T10867] ? bpf_send_signal_common+0x3b0/0x520 [ 332.843281][T10867] ? __fget_files+0x206/0x3a0 [ 332.844602][T10867] __sys_sendmsg+0x16e/0x220 [ 332.845949][T10867] ? __pfx___sys_sendmsg+0x10/0x10 [ 332.847368][T10867] ? rcu_is_watching+0x12/0xc0 [ 332.848778][T10867] __do_fast_syscall_32+0x73/0x120 [ 332.850221][T10867] do_fast_syscall_32+0x32/0x80 [ 332.851566][T10867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.853357][T10867] RIP: 0023:0xf7f68579 [ 332.854530][T10867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 332.860122][T10867] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 332.862576][T10867] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000240 [ 332.864846][T10867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 332.867111][T10867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 332.869325][T10867] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 332.871529][T10867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 332.873776][T10867] [ 332.895939][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 333.765342][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 333.924535][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 334.966649][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.004597][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.804672][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 337.047512][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 338.084989][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.126491][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.844787][ T6074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.164753][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 341.206348][ T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 341.524872][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.164738][ T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 342.254574][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog VM DIAGNOSIS: 04:41:40 Registers: info registers vcpu 0 CPU#0 RAX=00000000008dcf7c RBX=0000000000000000 RCX=ffffffff8b1df559 RDX=ffffed1005686fee RSI=ffffffff8bd24700 RDI=ffffffff81704689 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20 R8 =0000000000000000 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000001 R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905e4750 R15=0000000000000000 RIP=ffffffff8b1e093f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f31fffc CR3=0000000070aa6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8517b025 RDI=ffffffff9aa92500 RBP=ffffffff9aa924c0 RSP=ffffc90025f1e810 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e33312e36 R12=0000000000000000 R13=0000000000000074 R14=ffffffff8517afc0 R15=0000000000000000 RIP=ffffffff8517b04f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f300ffc CR3=000000006f43a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c800000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000003 RBX=ffff88802b637f68 RCX=ffffffff8175854c RDX=0000000000000000 RSI=ffffffff8bd24700 RDI=ffffffff8da48cf0 RBP=0000000000000002 RSP=ffffc9000619fe10 R8 =0000000000000000 R9 =fffffbfff20bc8ea R10=ffffffff905e4757 R11=00000000000a4001 R12=0000000000000000 R13=000000000003da8c R14=0000000000000001 R15=0000000000000000 RIP=ffffffff817f34cd RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa9f1ca8280 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000584ef4c0 CR3=00000000129d0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000044000001 Opmask01=000000000000001f Opmask02=000000000000ffdf Opmask03=2040000404420020 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdf7c66d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5dd70efbdff9a372 73732525cecad895 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000201 000000302f716d00 32706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006563616672 65746e695f627375 0000000000000021 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 333b263d333b263f 333b2639333b2638 333b263b333b263a 333b264c323b264f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 264c383a3a264f38 3a3a264e383a3a26 49383a3a2648383a 3a2633383a3a2632 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000452e6c RBX=0000000000000003 RCX=ffffffff8b1df559 RDX=ffffed10056e6fee RSI=ffffffff8bd24700 RDI=ffffffff81704689 RBP=ffffed1003ad7488 RSP=ffffc9000049fe08 R8 =0000000000000000 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001 R12=0000000000000003 R13=ffff88801d6ba440 R14=ffffffff905e4750 R15=0000000000000000 RIP=ffffffff8b1e093f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c377389 CR3=000000006f43a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000