last executing test programs: 12m58.945375689s ago: executing program 0 (id=601): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x92, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x2c}}, 0x0) 12m55.97357748s ago: executing program 0 (id=606): unshare(0x22020400) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58) 12m54.692546059s ago: executing program 0 (id=607): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200)) openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000440)='4', 0x1}], 0x1) 12m54.303802761s ago: executing program 0 (id=608): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x8, 0x2}, @exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0) 12m53.989653861s ago: executing program 1 (id=609): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000002380)=""/224) setsockopt$inet6_int(r4, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) 12m53.456254737s ago: executing program 0 (id=610): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0xa4, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x56, 0xe, {{}, 0x9, @default, 0x0, @void, @void, @void, @val={0x4, 0x6, {0x10}}, @void, @val={0x5, 0x3, {0xd, 0x2, 0xb6}}, @val={0x25, 0x3}, @void, @void, @val={0x2d, 0x1a, {0x0, 0x0, 0x0, 0x0, {0x1000000000000}, 0x6, 0x6}}, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_IE_PROBE_RESP={0xd, 0x7f, [@mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x0, 0x1, 0x1, 0x0, 0x81, 0x40}}]}, @NL80211_ATTR_PROBE_RESP={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}]]}, 0xa4}}, 0x0) 12m52.05972254s ago: executing program 0 (id=611): r0 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r5, 0x2}, 0x18) syz_usb_connect(0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) syz_genetlink_get_family_id$devlink(0x0, r4) close_range(r4, 0xffffffffffffffff, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) syz_usb_control_io(r0, 0x0, 0x0) 12m44.474494381s ago: executing program 1 (id=612): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x24, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x9, 0x45, 'issm\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) 12m44.19727574s ago: executing program 1 (id=613): r0 = socket$inet(0x2, 0x4000000805, 0x0) listen(r0, 0x7) sendmmsg(r0, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x18}}], 0x2, 0x0) 12m43.983725537s ago: executing program 1 (id=614): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0xf0, &(0x7f0000000280)={&(0x7f00000002c0)={0x24, r1, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) 12m42.623352558s ago: executing program 1 (id=615): bind$alg(0xffffffffffffffff, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000800)={0x6}) 12m39.853373262s ago: executing program 1 (id=616): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="000005"]) 12m6.679218057s ago: executing program 32 (id=611): r0 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r5, 0x2}, 0x18) syz_usb_connect(0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) syz_genetlink_get_family_id$devlink(0x0, r4) close_range(r4, 0xffffffffffffffff, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) syz_usb_control_io(r0, 0x0, 0x0) 11m54.539660187s ago: executing program 33 (id=616): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="000005"]) 10m31.657324009s ago: executing program 3 (id=666): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x15) mprotect(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x9) pipe2$9p(&(0x7f0000000000), 0x80800) openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x4040, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e11263", 0xdc}], 0x2}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"}) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b18, 0x0) shutdown(r3, 0x1) 10m25.542727646s ago: executing program 3 (id=667): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r2, 0x0, 0x11203}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x10) 10m23.79331686s ago: executing program 3 (id=669): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=@ipv4_newaddr={0x28, 0x14, 0x101, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, r2}, [@IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_LOCAL={0x8, 0x2, @remote}]}, 0x28}}, 0x0) 10m23.574483066s ago: executing program 3 (id=670): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) madvise(&(0x7f0000f0f000/0x2000)=nil, 0x2000, 0x15) 10m14.997721678s ago: executing program 3 (id=676): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r0, 0x6f000) 10m14.877826982s ago: executing program 3 (id=677): r0 = msgget$private(0x0, 0x0) msgctl$IPC_RMID(r0, 0x0) msgctl$MSG_STAT_ANY(r0, 0xd, 0x0) 9m29.763787871s ago: executing program 34 (id=677): r0 = msgget$private(0x0, 0x0) msgctl$IPC_RMID(r0, 0x0) msgctl$MSG_STAT_ANY(r0, 0xd, 0x0) 17.35444161s ago: executing program 2 (id=1440): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef91", 0x12) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) recvfrom$inet(r1, &(0x7f0000000680)=""/4096, 0x1000, 0x10000, 0x0, 0x0) 17.105386257s ago: executing program 2 (id=1441): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0xffffffffffffffff}, 0x50) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x216, 0x5}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 6.076360434s ago: executing program 4 (id=1446): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000e00)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab", 0xac}, {&(0x7f0000000f00)="397d5f2edc82d0337ae5ab9ee47dc3e798cf69cfebf169e77257f308227094d569a4326954e50ea185bc6fff0507c5dfd26676de9ddac4fe6db927cd4d03965f42d9c7513eff1631baa83e3daf514c600450374f6d76b8fcf2bc3eca29ce7538f85aa34b2bdcc17ecd080f0850377f771a4e8693703da4e347e0165f00872a21845e17030de0ff47bc869de32ee24ca05e6f805ec0a1d0257e0e6f900e6cfb68e827b515d05bf2cc14e53e04b713a851bd65", 0xb2}, {&(0x7f0000000580)="4068745fc217775e9fca3477d3c929c1231d710ed7", 0x15}], 0x3}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000740)="b1f56ee29c43", 0x6}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5153c5778ce05c77e962fd6bf3a4b9eb05654e64f1867398e202b4920e9ebc08f6e6dc652a12e45445030e069f44b", 0xac}, {&(0x7f0000000500)="e47ecfc6ce6d4d9cc5a0fbf98f301803da3adfbec8a1d5324076b744b24bc7cf83120d4819726e827d90219c7100dc54801b32c3a9a69a238db1f4d16464062d870e812ee381b6b3c234824a4a4475f9ee81286836e549ff446b0004adc6b16981ea546cd24ff6d5739a", 0x6a}, {&(0x7f0000000840)="fbdd17a812c727337dc6c74dcb077562b57a440dbf7711ba245a62b76d46b0f19e6ff608ef9e5fbb4a8cfb02e28403582ceb8031acc767f766772a93a2f00ddde52ce6f7a84db1c66feecdc4a028e7b9e5e27a0057957743cbf196c517bf3ad97859c31205e3a35f435ec338927f53a43fae1907b2c772d9b35b9b3aa61985ea588557", 0x83}, {&(0x7f0000001300)="9f289544783daada5fedb202b944a5d336217d3a5e4d71506342f371603141bb7a97644a5ed7d82b6e788c09793ec4e047cba8525ef9d17fc8457083a3018bdfc7d6911e486ddc867794efd70509c297900796bb264984193bd19cdd7343dddf3d102bf15b12f7c9578045cb2c429af49ea127da0f1e6fce7ca321f47054201952f0e318c68062c18bd61141d7b54ee3b81529572a116449ee773552cff69f641c4e69741ac10ec7b626d95931a92f805e75cb11af222ae79b977a16991b499925a82482d5ed16d6b0a0faecc057e3df07c33c8e16a5e083e47d48483bb047b17e6aae07e8587fcaea04019b1292864c9e30c679a7b0d3ac5ee9a6eedab246b6fb7afee2f319c653b0ae7132b4a52aba2e21b2cc725abfe5f825f285b38f78af0229684e8a3a0509b5bc10102c48309135ef698296bcd2eaf28793bf9fd3f6d721f58e18514613577833f6022dcad0b265ec7434cb0e461ea733111b5135f6db5156c05095418ae230addc50d9f0fe6dbe80bc89c462dab58cb7c311d183f99fd8ae8aaecd159e13b954dfc1ae0145bc4f34f01a391ed9eed0740459ae02351bf0ea537fad3a57d293efc19435ef2e6b4a3ba5c595970f9f31a5a7bc291b3d8c0c5498c172851e642a537cd4328bc5c8033a96554df30a97a418318b85443d14643a82dd4b00bc977554460a83b42c6e941c0437143813a11f0e24ca4f9dc40040c63182db4114103c8a3047f41287438c7b049f850bed263ce569777f9d878f74c9f4673681dd8c3c5824993fa8b6f98f761433a797092baf983d6bd24ec31fc0ddca76ccd14cbf2c03966be456c78f1a5d5b98e423d396bf0a57ce12afa970dbfa30ed7276e8a60c5a36ca60f7092dfccf911e9e0692ed24241f3d811aac780423ca1a619d8d492d19c03c4f9564416a8000e9a79e9467592ad883c239e00c92e152398715a45083bf4b0a637099c52286a67ac9315493a32fcc35d712cf6c7b762c01d88d6167207671d4fec410db2e342fa7dfe2539b084c47ed2853a417b8e6525dd6b0b5956eb55a0941d427f6298d91aceeb049ab0faba61600231848bcfe911ef922ffc9c8f96855747f1e22760bd7e0a50529b0a8b7a0c9623dabadecb1feda8c9be29dc737d12ace637c8f52b0570a0d1604c20a85a06049875a35633d7efd8b2662f42fb0334ffe589a624f86567126a07eaaa9d2f1711d2a0cc30918404eb2aa778445303c0b733c69d8928dc6a347315be1cbfedfea5ad8a60b57641d1b59a41047aa35344c86b2ace2676ea561d7338880d1c1d8600f466d8636f999512fbbf60d9a4f2c054d93ec46f807151e47ce344c8494da9c405a4ceb1ce3d73bbc531485407f80a626d6808dec3700f164b242ee1ee3884258f863e98ab9e2fcbd7df60cf0e80df6ee6d0ff34ca9018c7baf9f8509720e080b76ef18e17d0d3ee74582dd9ad13fdb052f8e638362c327b609c1306f6fb59171b10c2a770ecd4a66c36a5404258bd3542705aee783074ccd963286b6f8c2576e0b77e1c9d58ea20bc9ae7a16508f241476f5ee52687592369fc78103547b83ecc259da28810932b33bb1bb34d919e683a56e993f0eb7c55a9fd1b369aea8bba9fbcbdea186f5fd2425be9839ef981f9310d236826c98c4b262d0c0e0e7a0069a49d26dc031e4723323f3b583672cbcb7d7d687e391917e750251b617f11e3eb5f703c74029f48794307440a6bb5f3a94498848baad0176424e4139a960bd01c0d24e85b1b752618ff1fb7007df1fd7d8bc39ce6a8aa28a9b52e54f36c96bd030cf7aa2d49fe289a120002244557d7279a53c129f87f7d6703cd8250d670617eed49b0ad9b0649bb41870e1a7e144b355818d3a5ea6b5ac2cb95e72a04c12b426f93fbe953ae0ddfc822ca03c1002042b9602a16e5a827d535574be25bd6790472dbeb2ede3866fb436698f7a6ba9ef020ae4cfe60061ae38dceb5972d5a27b232f525b4a3de944603d3d98eb3bd8771e268a1e8ff991021329e7c81dda4fe1a6ee463674006a24eb1556ff7113379e5f34ab22f317a30b12b1cd9c8775d84ae7c39ae09f23e04329ec8796e753fd917b1ecf955507cd3cb9f0113f3e85a6b9133a55dfadd7c85a1a5396ec6edeac43b46cb5b6f457182a951772cc31e03f2f1e45426fc703dcd145925f7f9f63cfb9641c1573a9eabd2a57d56d85b61ef2bdccc59158f576c3b32a84c119a58d0d2cee6f628742d9a1c84df7068fc42f239cacb96b17f341a3732a22c64f5aae42012235ec8b6797c65c8d9b0735134b190e7a1aafe31e7b9969c3d5320f8f65996cbfd5904215b00a3d787666d9ff30fd1aa00e355cddb34ac872a330ef7efea9f6a329dd39de518ab7db93c3f491ae924783950753f41d9b9cccc2a3fd19adff63589cdd989ee993a0c3b3965a54ec972461b80fd3a3fd495747c36c0275a15b5cef565dd9ee57e83ae3fa9ff1458f0fa68c47fc711c4a04f1", 0x6e4}], 0x4}}], 0x3, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f00000012c0)="09268a92", 0x4, 0x11, 0x0, 0x0) 5.945209998s ago: executing program 2 (id=1447): renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) 3.006787958s ago: executing program 4 (id=1448): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0x4}]}}]}, 0x38}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.765445796s ago: executing program 4 (id=1449): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x8c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {0xb4c}, @device_a, @device_b}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6}, @val={0x6, 0x2}, @void, @val={0x25, 0x3, {0x0, 0x34}}, @void, @val={0x3c, 0x4, {0x1, 0x6, 0xb8, 0x4}}, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x18, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x5, 0x3, "16"}, @NL80211_FTM_RESP_ATTR_LCI={0x6, 0x2, "acb0"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}]]}, 0x8c}, 0x1, 0x0, 0x0, 0x90}, 0x0) 754.117727ms ago: executing program 4 (id=1450): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef91", 0x12) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) recvfrom$inet(r1, &(0x7f0000000680)=""/4096, 0x1000, 0x10000, 0x0, 0x0) 496.347875ms ago: executing program 2 (id=1451): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e00000000000000fdfe070008"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r1, 0x0, &(0x7f0000000200)=""/76}, 0x20) 417.528147ms ago: executing program 4 (id=1452): r0 = socket(0xa, 0x2, 0x0) getsockopt$bt_hci(r0, 0x29, 0x1, 0x0, 0x0) 227.034503ms ago: executing program 2 (id=1453): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xffff, 0xffff}}}, 0x24}}, 0x0) ioctl$TCFLSH(r0, 0x40204706, 0x20000000) 88.537357ms ago: executing program 4 (id=1454): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}], 0x1, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@arm64={0x28, 0x7, 0x2, '\x00', 0x694}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 2 (id=1455): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) r2 = eventfd2(0x0, 0x0) r3 = eventfd2(0x0, 0x1) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000002c0)={r2, 0x1, 0x2, r3}) r4 = eventfd2(0x0, 0x801) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r4, 0x1, 0x2, r3}) close(0x4) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:60505' (ED25519) to the list of known hosts. syzkaller login: [ 125.776554][ T3267] cgroup: Unknown subsys name 'net' [ 126.163691][ T3267] cgroup: Unknown subsys name 'cpuset' [ 126.203418][ T3267] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 127.215303][ T3267] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 137.745655][ T3273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.790889][ T3273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.213916][ T3272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.256943][ T3272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.776525][ T3273] hsr_slave_0: entered promiscuous mode [ 139.821451][ T3273] hsr_slave_1: entered promiscuous mode [ 140.676126][ T3272] hsr_slave_0: entered promiscuous mode [ 140.720785][ T3272] hsr_slave_1: entered promiscuous mode [ 140.778543][ T3272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.779789][ T3272] Cannot create hsr debugfs directory [ 141.192533][ T3273] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 141.299737][ T3273] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 141.360410][ T3273] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 141.453531][ T3273] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 142.127822][ T3272] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 142.152255][ T3272] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 142.181563][ T3272] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 142.210194][ T3272] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 143.315488][ T3273] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.751249][ T3272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.251835][ T3273] veth0_vlan: entered promiscuous mode [ 149.311948][ T3273] veth1_vlan: entered promiscuous mode [ 149.589894][ T3273] veth0_macvtap: entered promiscuous mode [ 149.613443][ T3273] veth1_macvtap: entered promiscuous mode [ 149.795201][ T3273] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.796089][ T3273] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.796895][ T3273] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.800525][ T3273] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.155994][ T3272] veth0_vlan: entered promiscuous mode [ 150.200904][ T3272] veth1_vlan: entered promiscuous mode [ 150.215258][ T3273] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 150.336474][ T3272] veth0_macvtap: entered promiscuous mode [ 150.361257][ T3272] veth1_macvtap: entered promiscuous mode [ 150.590473][ T3272] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.591534][ T3272] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.592313][ T3272] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.593083][ T3272] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.388030][ T3458] capability: warning: `syz.1.19' uses deprecated v2 capabilities in a way that may be insecure [ 162.070986][ T3467] syz.1.21 (3467): /proc/3467/oom_adj is deprecated, please use /proc/3467/oom_score_adj instead. [ 172.028240][ T3504] Zero length message leads to an empty skb [ 175.037182][ C0] hrtimer: interrupt took 575600 ns [ 182.352113][ T3542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.43'. [ 182.353638][ T3542] netlink: 48 bytes leftover after parsing attributes in process `syz.1.43'. [ 183.892158][ T3549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.46'. [ 188.147904][ T3579] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 188.353973][ T3577] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 205.328133][ T30] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 205.488307][ T30] usb 1-1: Using ep0 maxpacket: 8 [ 205.505165][ T30] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 205.506147][ T30] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 205.539605][ T30] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d [ 205.540794][ T30] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.541809][ T30] usb 1-1: Product: syz [ 205.542319][ T30] usb 1-1: Manufacturer: syz [ 205.542747][ T30] usb 1-1: SerialNumber: syz [ 208.153584][ T3375] usb 1-1: USB disconnect, device number 2 [ 212.322171][ T3671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.325462][ T3671] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.981780][ T3679] netlink: 'syz.1.90': attribute type 29 has an invalid length. [ 212.990932][ T3679] netlink: 'syz.1.90': attribute type 29 has an invalid length. [ 212.996132][ T3679] netlink: 'syz.1.90': attribute type 29 has an invalid length. [ 213.004644][ T3679] netlink: 'syz.1.90': attribute type 29 has an invalid length. [ 213.192338][ T3683] sock: sock_set_timeout: `syz.1.92' (pid 3683) tries to set negative timeout [ 213.554138][ T3687] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 214.027689][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 214.297961][ T10] usb 1-1: config 0 has no interfaces? [ 214.335880][ T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 214.339300][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.340744][ T10] usb 1-1: Product: syz [ 214.343576][ T10] usb 1-1: Manufacturer: syz [ 214.344505][ T10] usb 1-1: SerialNumber: syz [ 214.372282][ T10] usb 1-1: config 0 descriptor?? [ 216.488376][ T3719] netlink: 'syz.1.108': attribute type 10 has an invalid length. [ 216.491946][ T3719] veth0_macvtap: entered allmulticast mode [ 217.385385][ T3727] netlink: 'syz.1.111': attribute type 1 has an invalid length. [ 219.012074][ T3744] netlink: 'syz.1.118': attribute type 29 has an invalid length. [ 219.020226][ T3744] netlink: 'syz.1.118': attribute type 29 has an invalid length. [ 219.025176][ T3744] netlink: 'syz.1.118': attribute type 29 has an invalid length. [ 219.034408][ T3744] netlink: 'syz.1.118': attribute type 29 has an invalid length. [ 220.445844][ T3755] netlink: 'syz.1.123': attribute type 29 has an invalid length. [ 220.456750][ T3755] netlink: 'syz.1.123': attribute type 29 has an invalid length. [ 220.470349][ T3755] netlink: 'syz.1.123': attribute type 29 has an invalid length. [ 220.480695][ T3755] netlink: 'syz.1.123': attribute type 29 has an invalid length. [ 228.127698][ T30] usb 1-1: USB disconnect, device number 3 [ 229.888258][ T1875] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 230.069290][ T1875] usb 1-1: config 0 has no interfaces? [ 230.092307][ T1875] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 230.093831][ T1875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.094820][ T1875] usb 1-1: Product: syz [ 230.095684][ T1875] usb 1-1: Manufacturer: syz [ 230.101543][ T1875] usb 1-1: SerialNumber: syz [ 230.123670][ T1875] usb 1-1: config 0 descriptor?? [ 232.105231][ T3829] netlink: 4 bytes leftover after parsing attributes in process `syz.1.150'. [ 236.501207][ T3844] syz.1.156 uses obsolete (PF_INET,SOCK_PACKET) [ 242.210135][ T3888] netlink: 4 bytes leftover after parsing attributes in process `syz.1.174'. [ 243.962744][ T1875] usb 1-1: USB disconnect, device number 4 [ 246.241534][ T3920] nvme_fabrics: unknown parameter or missing value ' ' in ctrl creation request [ 247.098807][ T3934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'. [ 247.968250][ T3375] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 248.218804][ T3375] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 248.220511][ T3375] usb 1-1: config 0 has no interfaces? [ 248.280192][ T3375] usb 1-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=62.70 [ 248.280952][ T3375] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.281638][ T3375] usb 1-1: Product: syz [ 248.282009][ T3375] usb 1-1: Manufacturer: syz [ 248.282396][ T3375] usb 1-1: SerialNumber: syz [ 248.305556][ T3375] usb 1-1: config 0 descriptor?? [ 248.552538][ T1875] usb 1-1: USB disconnect, device number 5 [ 254.249313][ T29] audit: type=1326 audit(254.000:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.252411][ T29] audit: type=1326 audit(254.010:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.254575][ T29] audit: type=1326 audit(254.010:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.278079][ T29] audit: type=1326 audit(254.020:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.280483][ T29] audit: type=1326 audit(254.040:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=200 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.282226][ T29] audit: type=1326 audit(254.040:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.284159][ T29] audit: type=1326 audit(254.050:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=202 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.286457][ T29] audit: type=1326 audit(254.050:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.308736][ T29] audit: type=1326 audit(254.060:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=23 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 254.310692][ T29] audit: type=1326 audit(254.060:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3993 comm="syz.0.216" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9cb4a068 code=0x7ffc0000 [ 255.659418][ T4011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 255.662811][ T4011] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 256.126358][ T4016] sctp: [Deprecated]: syz.1.226 (pid 4016) Use of int in max_burst socket option deprecated. [ 256.126358][ T4016] Use struct sctp_assoc_value instead [ 256.364017][ T4020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 256.365793][ T4020] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 256.729792][ T4028] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 257.628890][ T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 257.778297][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 257.809213][ T10] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 257.811189][ T10] usb 1-1: config 0 has no interface number 0 [ 257.813415][ T10] usb 1-1: config 0 interface 12 has no altsetting 0 [ 257.853860][ T10] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 257.855128][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.856532][ T10] usb 1-1: Product: syz [ 257.858870][ T10] usb 1-1: Manufacturer: syz [ 257.859664][ T10] usb 1-1: SerialNumber: syz [ 257.886531][ T10] usb 1-1: config 0 descriptor?? [ 258.579651][ T10] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 258.581302][ T10] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 258.582558][ T10] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 258.584277][ T10] f81534 1-1:0.12: probe with driver f81534 failed with error -71 [ 258.665384][ T10] usb 1-1: USB disconnect, device number 6 [ 261.796070][ T4066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.244'. [ 261.798795][ T4066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.244'. [ 262.334731][ T4074] usb usb1: usbfs: process 4074 (syz.1.249) did not claim interface 0 before use [ 263.039118][ T4083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.042592][ T4083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.411232][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 263.411474][ T29] audit: type=1326 audit(263.180:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.413464][ T29] audit: type=1326 audit(263.180:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.423927][ T29] audit: type=1326 audit(263.190:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.425877][ T29] audit: type=1326 audit(263.190:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.438092][ T29] audit: type=1326 audit(263.200:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.440082][ T29] audit: type=1326 audit(263.200:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 263.445780][ T29] audit: type=1326 audit(263.200:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4088 comm="syz.1.256" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 271.780090][ T4148] netlink: 24 bytes leftover after parsing attributes in process `syz.1.281'. [ 271.852910][ T4148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.281'. [ 272.103402][ T4151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 272.106253][ T4151] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 277.245867][ T4224] syzkaller1: entered promiscuous mode [ 277.246601][ T4224] syzkaller1: entered allmulticast mode [ 277.322344][ T49] block nbd1: Receive control failed (result -107) [ 277.388423][ T4224] nbd1: detected capacity change from 0 to 22 [ 277.411165][ T4043] block nbd1: Dead connection, failed to find a fallback [ 277.411994][ T4043] block nbd1: shutting down sockets [ 277.412687][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.413646][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.415990][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.416745][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.425156][ T4043] nbd1: unable to read partition table [ 277.435864][ T4224] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.436744][ T4224] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.449173][ T4224] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.450106][ T4224] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.451111][ T4224] nbd1: unable to read partition table [ 277.462748][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.473855][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.475000][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.478557][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.479141][ T4043] nbd1: unable to read partition table [ 277.501157][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.502321][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.504245][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.505355][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.514132][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.515321][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 277.516651][ T4043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.524497][ T4043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 278.588134][ T4241] netlink: 40 bytes leftover after parsing attributes in process `syz.0.313'. [ 278.871103][ T4245] netlink: 24 bytes leftover after parsing attributes in process `syz.0.314'. [ 278.872274][ T4245] netlink: 24 bytes leftover after parsing attributes in process `syz.0.314'. [ 278.873327][ T4245] netlink: 364 bytes leftover after parsing attributes in process `syz.0.314'. [ 279.624812][ T4255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.628290][ T4255] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.667849][ T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 279.858695][ T8] usb 1-1: Using ep0 maxpacket: 8 [ 279.917836][ T8] usb 1-1: config 1 has an invalid interface number: 83 but max is 0 [ 279.918924][ T8] usb 1-1: config 1 has no interface number 0 [ 279.963958][ T8] usb 1-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=ec.73 [ 279.965377][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.966487][ T8] usb 1-1: Product: syz [ 279.972848][ T8] usb 1-1: Manufacturer: syz [ 279.973770][ T8] usb 1-1: SerialNumber: syz [ 280.294012][ T8] keyspan 1-1:1.83: Keyspan 1 port adapter converter detected [ 280.296449][ T8] keyspan 1-1:1.83: found no endpoint descriptor for endpoint 82 [ 280.306444][ T8] keyspan 1-1:1.83: found no endpoint descriptor for endpoint 81 [ 280.322399][ T8] keyspan 1-1:1.83: found no endpoint descriptor for endpoint 1 [ 280.323926][ T8] keyspan 1-1:1.83: found no endpoint descriptor for endpoint 2 [ 280.336574][ T8] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 280.413838][ T8] usb 1-1: USB disconnect, device number 7 [ 280.551860][ T8] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 280.563152][ T8] keyspan 1-1:1.83: device disconnected [ 282.146438][ T29] audit: type=1326 audit(281.910:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.165865][ T29] audit: type=1326 audit(281.930:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.172234][ T29] audit: type=1326 audit(281.940:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.183329][ T29] audit: type=1326 audit(281.940:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=200 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.185441][ T29] audit: type=1326 audit(281.950:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.229745][ T29] audit: type=1326 audit(281.970:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=201 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 282.231356][ T29] audit: type=1326 audit(281.970:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.1.332" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8af4a068 code=0x7ffc0000 [ 285.019377][ T4321] binder: 4320:4321 ioctl 4018620d 0 returned -22 [ 285.023977][ T4321] binder: 4320:4321 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 285.028106][ T4321] binder: 4321 RLIMIT_NICE not set [ 285.918210][ T3375] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 286.078635][ T3375] usb 1-1: Using ep0 maxpacket: 16 [ 286.083944][ T3375] usb 1-1: too many configurations: 60, using maximum allowed: 8 [ 286.098277][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.112364][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.130552][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.138738][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.147879][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.158826][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.182023][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.194638][ T3375] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.220898][ T3375] usb 1-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9 [ 286.222195][ T3375] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204 [ 286.223337][ T3375] usb 1-1: Product: syz [ 286.223986][ T3375] usb 1-1: Manufacturer: syz [ 286.224855][ T3375] usb 1-1: SerialNumber: syz [ 286.259922][ T3375] usb 1-1: config 0 descriptor?? [ 286.479382][ T3375] usb 1-1: USB disconnect, device number 8 [ 288.479471][ T4354] binder: 4353:4354 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 [ 289.110024][ T4363] netlink: 'syz.1.369': attribute type 3 has an invalid length. [ 289.111582][ T4363] netlink: 'syz.1.369': attribute type 3 has an invalid length. [ 290.128613][ T4376] input: syz1 as /devices/virtual/input/input2 [ 292.286751][ T4406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 292.290331][ T4406] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 292.845595][ T4413] capability: warning: `syz.0.390' uses 32-bit capabilities (legacy support in use) [ 294.124301][ T4426] input: syz1 as /devices/virtual/input/input3 [ 294.194761][ T4427] input: syz1 as /devices/virtual/input/input4 [ 294.811409][ T30] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 294.998916][ T30] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.000738][ T30] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 295.002071][ T30] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.019021][ T30] usb 1-1: config 0 descriptor?? [ 295.246146][ T3375] usb 1-1: USB disconnect, device number 9 [ 295.738336][ T30] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 295.943409][ T30] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.945249][ T30] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 295.946562][ T30] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.968543][ T30] usb 1-1: config 0 descriptor?? [ 297.362417][ T4436] block device autoloading is deprecated and will be removed. [ 297.691558][ T4440] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 50149 - 0 [ 297.693025][ T4440] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 50149 - 0 [ 297.694112][ T4440] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 50149 - 0 [ 297.695315][ T4440] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 50149 - 0 [ 297.702235][ T4440] netdevsim netdevsim1 netdevsim0: set [1, 2] type 2 family 0 port 41297 - 0 [ 297.704509][ T4440] netdevsim netdevsim1 netdevsim1: set [1, 2] type 2 family 0 port 41297 - 0 [ 297.705694][ T4440] netdevsim netdevsim1 netdevsim2: set [1, 2] type 2 family 0 port 41297 - 0 [ 297.706842][ T4440] netdevsim netdevsim1 netdevsim3: set [1, 2] type 2 family 0 port 41297 - 0 [ 297.712500][ T4440] geneve2: entered promiscuous mode [ 297.713381][ T4440] geneve2: entered allmulticast mode [ 297.845753][ T4442] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check. [ 297.958202][ T4444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.404'. [ 306.275299][ T3375] usb 1-1: USB disconnect, device number 10 [ 316.959656][ T4538] xt_policy: neither incoming nor outgoing policy selected [ 330.929086][ T4561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.446'. [ 330.930233][ T4561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.446'. [ 346.131695][ T4590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.134744][ T4590] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 356.353696][ T4619] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 356.354404][ T4619] IPv6: NLM_F_CREATE should be set when creating new route [ 394.610161][ T4683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.613228][ T4683] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 398.197192][ C1] vkms_vblank_simulate: vblank timer overrun [ 405.286578][ T4711] bond1: entered promiscuous mode [ 405.287921][ T4711] bond1: entered allmulticast mode [ 405.290316][ T4711] 8021q: adding VLAN 0 to HW filter on device bond1 [ 405.825806][ T4714] netlink: 4 bytes leftover after parsing attributes in process `syz.1.491'. [ 408.192570][ T4722] binder: 4722:4717 cannot find target node [ 408.193586][ T4722] binder: 4717:4722 transaction call to 0:0 failed 1/29189/-22, size 0-0 line 3145 [ 408.195751][ T4722] binder: 4717:4722 ioctl c0306201 200011c0 returned -14 [ 413.158177][ T4726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 413.160951][ T4726] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 431.635970][ T4757] netlink: 188 bytes leftover after parsing attributes in process `syz.1.501'. [ 465.939685][ T1875] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 466.786793][ T1875] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 466.827592][ T1875] usb 1-1: config 0 has no interface number 0 [ 467.433626][ T1875] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 467.462094][ T1875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.523758][ T1875] usb 1-1: Product: syz [ 467.530093][ T1875] usb 1-1: Manufacturer: syz [ 467.584215][ T1875] usb 1-1: SerialNumber: syz [ 468.432444][ T1875] usb 1-1: config 0 descriptor?? [ 472.953217][ T4820] netlink: 24 bytes leftover after parsing attributes in process `syz.1.519'. [ 478.631733][ T10] usb 1-1: USB disconnect, device number 11 [ 480.115550][ T4827] nvme_fabrics: missing parameter 'transport=%s' [ 480.116664][ T4827] nvme_fabrics: missing parameter 'nqn=%s' [ 486.710784][ T4858] netlink: 104 bytes leftover after parsing attributes in process `syz.0.529'. [ 498.990970][ T4878] netlink: 24 bytes leftover after parsing attributes in process `syz.1.536'. [ 503.751179][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 617.221284][ T5113] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 617.601414][ T5113] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.479828][ T5109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 618.535150][ T5109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 621.982060][ T5113] hsr_slave_0: entered promiscuous mode [ 622.232640][ T5113] hsr_slave_1: entered promiscuous mode [ 622.499444][ T5113] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 622.502188][ T5113] Cannot create hsr debugfs directory [ 623.365117][ T5109] hsr_slave_0: entered promiscuous mode [ 623.601468][ T5109] hsr_slave_1: entered promiscuous mode [ 623.878030][ T5109] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 623.879319][ T5109] Cannot create hsr debugfs directory [ 626.024890][ T5113] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 626.105717][ T5113] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 626.190252][ T5113] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 626.319093][ T5113] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 626.774765][ T5109] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 626.832851][ T5109] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 626.944311][ T5109] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 627.072168][ T5109] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 630.483384][ T5113] 8021q: adding VLAN 0 to HW filter on device bond0 [ 631.765621][ T5109] 8021q: adding VLAN 0 to HW filter on device bond0 [ 639.677771][ T791] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.902184][ T791] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.040606][ T791] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.186820][ T791] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 642.892942][ T791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 642.975204][ T791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 643.032567][ T791] bond0 (unregistering): Released all slaves [ 643.072085][ T791] bond1 (unregistering): Released all slaves [ 643.112436][ T791] bond2 (unregistering): Released all slaves [ 643.579485][ T791] hsr_slave_0: left promiscuous mode [ 643.631954][ T791] hsr_slave_1: left promiscuous mode [ 643.785666][ T791] veth1_macvtap: left promiscuous mode [ 643.786602][ T791] veth0_macvtap: left promiscuous mode [ 643.791252][ T791] veth1_vlan: left promiscuous mode [ 643.792232][ T791] veth0_vlan: left promiscuous mode [ 647.652741][ T5113] veth0_vlan: entered promiscuous mode [ 647.787559][ T5113] veth1_vlan: entered promiscuous mode [ 648.201853][ T5113] veth0_macvtap: entered promiscuous mode [ 648.290046][ T5113] veth1_macvtap: entered promiscuous mode [ 648.762533][ T5113] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.764095][ T5113] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.765410][ T5113] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.766647][ T5113] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 650.403978][ T5109] veth0_vlan: entered promiscuous mode [ 650.710253][ T5109] veth1_vlan: entered promiscuous mode [ 651.601404][ T5109] veth0_macvtap: entered promiscuous mode [ 651.664620][ T5109] veth1_macvtap: entered promiscuous mode [ 651.960121][ T5109] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.961126][ T5109] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.962522][ T5109] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 651.965980][ T5109] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.342776][ T5401] binder: 5400:5401 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 682.344587][ T5401] binder: 5401 RLIMIT_NICE not set [ 682.629294][ T5404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 682.633027][ T5404] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 702.244914][ T5462] netlink: 'syz.2.671': attribute type 10 has an invalid length. [ 720.444121][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.445867][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 50149 - 0 [ 720.451867][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 41297 - 0 [ 721.612152][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 721.613692][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 50149 - 0 [ 721.615085][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 41297 - 0 [ 722.583878][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.584732][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 50149 - 0 [ 722.585468][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 41297 - 0 [ 722.788816][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.790486][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 50149 - 0 [ 722.791858][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 41297 - 0 [ 727.763925][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 728.101333][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 728.189160][ T59] bond0 (unregistering): Released all slaves [ 728.274065][ T59] bond1 (unregistering): Released all slaves [ 728.772435][ T59] hsr_slave_0: left promiscuous mode [ 728.824669][ T59] hsr_slave_1: left promiscuous mode [ 728.949783][ T59] veth1_macvtap: left promiscuous mode [ 728.950862][ T59] veth1_vlan: left promiscuous mode [ 728.951852][ T59] veth0_vlan: left promiscuous mode [ 735.728920][ T5549] vlan2: entered promiscuous mode [ 735.734647][ T5549] veth0: entered promiscuous mode [ 735.820064][ T5549] bond0: (slave vlan2): Enslaving as an active interface with an up link [ 750.580336][ T126] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 750.853630][ T126] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 751.130360][ T126] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 751.404478][ T126] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.790427][ T126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 753.852431][ T126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 753.922732][ T126] bond0 (unregistering): Released all slaves [ 754.242077][ T126] hsr_slave_0: left promiscuous mode [ 754.280270][ T126] hsr_slave_1: left promiscuous mode [ 754.404073][ T126] veth1_macvtap: left promiscuous mode [ 754.405289][ T126] veth0_macvtap: left promiscuous mode [ 754.406849][ T126] veth1_vlan: left promiscuous mode [ 754.418633][ T126] veth0_vlan: left promiscuous mode [ 755.806436][ T5625] netlink: 36 bytes leftover after parsing attributes in process `syz.2.712'. [ 760.622335][ T5673] netlink: 8 bytes leftover after parsing attributes in process `syz.2.717'. [ 760.725812][ T5599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 760.805545][ T5599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 760.859116][ T5675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 760.863522][ T5675] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 764.021425][ T5599] hsr_slave_0: entered promiscuous mode [ 764.091480][ T5599] hsr_slave_1: entered promiscuous mode [ 766.139096][ T5599] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 766.179288][ T5599] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 766.225024][ T5599] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 766.277857][ T5599] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 771.216659][ T5599] 8021q: adding VLAN 0 to HW filter on device bond0 [ 777.321598][ T5762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 777.324705][ T5762] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 784.224544][ T5599] veth0_vlan: entered promiscuous mode [ 784.304875][ T5599] veth1_vlan: entered promiscuous mode [ 784.481352][ T5599] veth0_macvtap: entered promiscuous mode [ 784.504282][ T5599] veth1_macvtap: entered promiscuous mode [ 784.794182][ T5599] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.795635][ T5599] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.798371][ T5599] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.799728][ T5599] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 787.244295][ T5832] netlink: 4 bytes leftover after parsing attributes in process `syz.4.734'. [ 789.531472][ T5856] netlink: 'syz.4.742': attribute type 1 has an invalid length. [ 789.532696][ T5856] netlink: 56 bytes leftover after parsing attributes in process `syz.4.742'. [ 790.392479][ T5864] netlink: 28 bytes leftover after parsing attributes in process `syz.2.746'. [ 790.395120][ T5864] netlink: 'syz.2.746': attribute type 7 has an invalid length. [ 790.396125][ T5864] netlink: 'syz.2.746': attribute type 8 has an invalid length. [ 790.412217][ T5864] netlink: 4 bytes leftover after parsing attributes in process `syz.2.746'. [ 797.087872][ T5884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 797.092385][ T5884] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 804.631770][ T5919] binder: 5918:5919 ioctl c0306201 0 returned -14 [ 804.765073][ T5919] binder: 5918:5919 got transaction to invalid handle, 1 [ 804.766358][ T5919] binder: 5919:5918 cannot find target node [ 804.771920][ T5919] binder: 5918:5919 transaction async to 0:0 failed 4/29201/-22, size 0-0 line 3145 [ 804.849748][ T5774] binder: undelivered TRANSACTION_ERROR: 29201 [ 809.856370][ T5932] bond1: entered promiscuous mode [ 809.856761][ T5932] bond1: entered allmulticast mode [ 809.859148][ T5932] 8021q: adding VLAN 0 to HW filter on device bond1 [ 809.931606][ T5932] bond1 (unregistering): Released all slaves [ 811.070529][ T5938] vxcan1: tx address claim with different name [ 820.024536][ T5963] netlink: 'syz.4.766': attribute type 10 has an invalid length. [ 828.499728][ T5987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 828.502767][ T5987] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 829.490377][ T6000] netlink: 40 bytes leftover after parsing attributes in process `syz.2.779'. [ 830.468895][ T6011] binder: 6009:6011 got transaction to invalid handle, 1 [ 830.469934][ T6011] binder: 6011:6009 cannot find target node [ 830.470738][ T6011] binder: 6009:6011 transaction async to 0:0 failed 5/29201/-22, size 0-0 line 3145 [ 830.528954][ T8] binder: undelivered TRANSACTION_ERROR: 29201 [ 832.021372][ T6024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.788'. [ 832.023429][ T6024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.788'. [ 832.024518][ T6024] netlink: 32 bytes leftover after parsing attributes in process `syz.4.788'. [ 832.030044][ T6024] block nbd0: Unsupported socket: shutdown callout must be supported. [ 834.283298][ T29] audit: type=1107 audit(1345.313:27): pid=6031 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 840.403016][ T6049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 840.415487][ T6049] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 849.525805][ C0] vkms_vblank_simulate: vblank timer overrun [ 852.440116][ T6100] vxcan1: tx address claim with dest, not broadcast [ 852.666706][ T6102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 852.669073][ T6102] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 859.862830][ T6130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 859.864268][ T6130] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 865.397463][ T6138] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 865.400228][ T6138] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 872.423925][ T6149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 872.434722][ T6149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 873.017963][ T29] audit: type=1326 audit(1384.713:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.835" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf54a068 code=0x7ffc0000 [ 873.020251][ T29] audit: type=1326 audit(1384.723:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.835" exe="/syz-executor" sig=0 arch=c00000b7 syscall=150 compat=0 ip=0xffffaf54a068 code=0x7ffc0000 [ 873.022134][ T29] audit: type=1326 audit(1384.723:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.835" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf54a068 code=0x7ffc0000 [ 873.368498][ T6160] Invalid option length (0) for dns_resolver key [ 878.532693][ T6186] random: crng reseeded on system resumption [ 883.553522][ T6206] netlink: 16 bytes leftover after parsing attributes in process `syz.2.851'. [ 889.969113][ T6222] netlink: 16 bytes leftover after parsing attributes in process `syz.2.859'. [ 889.970425][ T6222] netlink: 16 bytes leftover after parsing attributes in process `syz.2.859'. [ 902.207749][ T6254] netlink: 40 bytes leftover after parsing attributes in process `syz.2.866'. [ 903.634499][ T6257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 903.664193][ T6257] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 911.421434][ T6277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 911.423034][ T6277] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 911.582140][ T6281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 911.583996][ T6281] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 914.058147][ T6296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 914.061664][ T6296] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 915.542637][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.2.884'. [ 920.979930][ T6330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 920.982832][ T6330] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 928.842007][ T6353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 928.844625][ T6353] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 934.015776][ T6370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 934.038366][ T6370] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 938.555340][ T6389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 938.560122][ T6389] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 940.683774][ T6400] netlink: 'syz.2.919': attribute type 1 has an invalid length. [ 943.935442][ T6410] syz.2.922 (6410): drop_caches: 2 [ 943.937952][ T6410] syz.2.922 (6410): drop_caches: 2 [ 947.089652][ T6411] trusted_key: syz.4.918 sent an empty control message without MSG_MORE. [ 959.392472][ T6439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 959.394143][ T6439] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 964.995288][ T6463] syz.2.938 (6463): drop_caches: 2 [ 964.998540][ T6463] syz.2.938 (6463): drop_caches: 2 [ 965.269723][ T6467] binder: 6465:6467 tried to acquire reference to desc 0, got 1 instead [ 965.276421][ T6467] binder: 6465:6467 got transaction with invalid offset (36, min 0 max 120) or object. [ 965.279547][ T6467] binder: 6465:6467 transaction call to 6465:0 failed 10/29201/-22, size 120-24 line 3449 [ 965.282808][ T25] binder: undelivered TRANSACTION_ERROR: 29201 [ 965.450176][ T6470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 965.454501][ T6470] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 971.163126][ T6502] process 'syz.4.953' launched './file0' with NULL argv: empty string added [ 989.245227][ T6558] netlink: 60 bytes leftover after parsing attributes in process `syz.2.968'. [ 994.685925][ T29] audit: type=1326 audit(1506.433:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.686356][ T29] audit: type=1326 audit(1506.433:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.729290][ T29] audit: type=1326 audit(1506.463:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.731576][ T29] audit: type=1326 audit(1506.463:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.733539][ T29] audit: type=1326 audit(1506.463:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.735417][ T29] audit: type=1326 audit(1506.463:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.746829][ T29] audit: type=1326 audit(1506.463:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.751391][ T29] audit: type=1326 audit(1506.473:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.753741][ T29] audit: type=1326 audit(1506.473:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 994.755723][ T29] audit: type=1326 audit(1506.473:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6587 comm="syz.4.978" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb054a068 code=0x7ffc0000 [ 996.286751][ T6593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 996.290106][ T6593] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 996.304257][ T6593] netlink: 56 bytes leftover after parsing attributes in process `syz.4.978'. [ 1026.208859][ T6648] ªªªªªª: renamed from vlan0 (while UP) [ 1028.384871][ T6657] syz.4.1001 (6657): drop_caches: 2 [ 1028.444688][ T6657] syz.4.1001 (6657): drop_caches: 2 [ 1032.502511][ T6672] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1007'. [ 1043.908328][ T6708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1043.922199][ T6708] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1044.028374][ T6702] cgroup: fork rejected by pids controller in /syz2 [ 1049.121114][ T6716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1049.146514][ T6716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1051.306818][ T6716] hsr_slave_0: entered promiscuous mode [ 1051.370255][ T6716] hsr_slave_1: entered promiscuous mode [ 1051.408404][ T6716] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1051.409548][ T6716] Cannot create hsr debugfs directory [ 1052.149045][ T6716] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1052.252734][ T6716] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1052.375136][ T6716] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1052.490741][ T6716] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1053.041953][ T6716] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1053.086177][ T6716] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1053.126507][ T6716] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1053.175897][ T6716] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1054.851455][ T6716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1056.403691][ T6763] netlink: 'syz.4.1022': attribute type 39 has an invalid length. [ 1062.055171][ T6716] veth0_vlan: entered promiscuous mode [ 1062.115461][ T6716] veth1_vlan: entered promiscuous mode [ 1062.343935][ T6716] veth0_macvtap: entered promiscuous mode [ 1062.413461][ T6716] veth1_macvtap: entered promiscuous mode [ 1062.746687][ T6716] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.750289][ T6716] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.751384][ T6716] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.752463][ T6716] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1065.474772][ T6795] dlm: no local IP address has been set [ 1065.475873][ T6795] dlm: cannot start dlm midcomms -107 [ 1068.221064][ T6798] tun0: tun_chr_ioctl cmd 2148553947 [ 1068.320346][ T6798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1068.330701][ T6798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1069.848867][ T6808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1069.865423][ T6808] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1070.257942][ T6810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1070.265668][ T6810] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1073.859588][ T6817] could not allocate digest TFM handle sha384-ssse3 [ 1077.671803][ T6828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1077.688711][ T6828] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1078.616759][ T6833] syz.4.1033 (6833): drop_caches: 2 [ 1078.628543][ T6833] syz.4.1033 (6833): drop_caches: 2 [ 1081.890630][ T5748] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1081.973445][ T5748] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1082.056572][ T5748] bond0 (unregistering): (slave vlan2): Releasing backup interface [ 1082.124629][ T5748] veth0: left promiscuous mode [ 1082.189909][ T5748] bond0 (unregistering): Released all slaves [ 1082.414364][ T5748] hsr_slave_0: left promiscuous mode [ 1082.471764][ T5748] hsr_slave_1: left promiscuous mode [ 1082.573655][ T5748] veth1_macvtap: left promiscuous mode [ 1082.574420][ T5748] veth0_macvtap: left promiscuous mode [ 1082.575188][ T5748] veth1_vlan: left promiscuous mode [ 1082.575843][ T5748] veth0_vlan: left promiscuous mode [ 1099.089742][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1048'. [ 1099.844858][ T6886] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 1111.619426][ T6939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1111.622309][ T6939] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1136.063688][ T7036] serio: Serial port ptm0 [ 1140.188383][ T7041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1140.191770][ T7041] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1140.551429][ T7043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1140.554187][ T7043] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1146.762497][ T7070] binder: 7068:7070 ioctl c0306201 0 returned -14 [ 1146.783843][ T7070] binder: 7068:7070 ioctl 5422 0 returned -22 [ 1154.067756][ T7095] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1154.108984][ T7095] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1161.288737][ T7115] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 1179.959182][ T7165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1179.963462][ T7165] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1184.039022][ T7184] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1184.043263][ T7184] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1200.398927][ T7231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1200.401780][ T7231] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1200.644097][ T7231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1200.648836][ T7231] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1201.478366][ T7235] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1163'. [ 1201.480943][ T7235] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1163'. [ 1203.534845][ T7242] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1166'. [ 1205.735143][ T7265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1205.739289][ T7265] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1209.755693][ T7279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1209.771104][ T7279] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1210.200752][ T7282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1210.203312][ T7282] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1211.002691][ T7292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1211.004334][ T7292] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1214.960799][ T7307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1214.962347][ T7307] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1217.039447][ T7317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1217.041878][ T7317] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1219.331434][ T7349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1219.334101][ T7349] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1220.623375][ T7365] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1220.626067][ T7365] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1222.314175][ T7383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1222.338488][ T7383] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1222.688429][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1222'. [ 1224.689870][ T7407] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1230'. [ 1224.691998][ T7407] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'. [ 1232.012388][ T7456] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1250'. [ 1237.273130][ T7513] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1238.594378][ T7527] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1271'. [ 1245.001863][ T7571] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 1245.882100][ T7585] vlan0: entered promiscuous mode [ 1246.249334][ T7587] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1295'. [ 1247.479511][ T7594] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1252.583821][ T7642] vlan1: entered promiscuous mode [ 1252.624044][ T7642] vlan1: left promiscuous mode [ 1256.362708][ T7670] gre1: entered promiscuous mode [ 1260.535209][ T7699] netlink: 'syz.2.1340': attribute type 10 has an invalid length. [ 1260.536677][ T7699] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1340'. [ 1260.546243][ T7699] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 1270.172799][ T7799] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1275.078728][ T7833] syz_tun: entered promiscuous mode [ 1275.279299][ T7833] syz_tun: left promiscuous mode [ 1280.623343][ T7874] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1405'. [ 1281.272453][ T7884] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1409'. [ 1306.746212][ T7975] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1442'. [ 1319.920814][ T8015] ------------[ cut here ]------------ [ 1319.928715][ T8015] WARNING: CPU: 0 PID: 8015 at arch/arm64/include/asm/kvm_emulate.h:536 kvm_handle_mmio_return+0x1b4/0x1f4 [ 1319.931448][ T8015] Modules linked in: [ 1319.933566][ T8015] CPU: 0 UID: 0 PID: 8015 Comm: syz.4.1454 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0 [ 1319.935840][ T8015] Hardware name: linux,dummy-virt (DT) [ 1319.936845][ T8015] pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 1319.938074][ T8015] pc : kvm_handle_mmio_return+0x1b4/0x1f4 [ 1319.938890][ T8015] lr : kvm_arch_vcpu_ioctl_run+0x1ac/0x854 [ 1319.939713][ T8015] sp : ffff800083d23ab0 [ 1319.940315][ T8015] x29: ffff800083d23ab0 x28: f5f000000a9bdb40 x27: 0000000000000000 [ 1319.941916][ T8015] x26: 0000000000000000 x25: f2f0000009411bd8 x24: f2f0000009411b90 [ 1319.943151][ T8015] x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000 [ 1319.944425][ T8015] x20: f5f000000affe000 x19: f2f0000009411b90 x18: ffffffffffffffff [ 1319.945665][ T8015] x17: 0000000000000000 x16: 0000000000000000 x15: ffff800083d23aa0 [ 1319.946936][ T8015] x14: ffff800083d23d88 x13: ffff800083d23d4a x12: 6d766b3a65646f6e [ 1319.948233][ T8015] x11: 0000000000000000 x10: 0000000000000078 x9 : 0000000000000037 [ 1319.949574][ T8015] x8 : ffff800083d23d98 x7 : 0000000000000000 x6 : 0000000000005452 [ 1319.950788][ T8015] x5 : 0000000000000005 x4 : f5f000000630b440 x3 : f5f000000a9bdb40 [ 1319.952028][ T8015] x2 : 0000000000000000 x1 : 00000000939f0045 x0 : 0000000000000001 [ 1319.953423][ T8015] Call trace: [ 1319.954105][ T8015] kvm_handle_mmio_return+0x1b4/0x1f4 [ 1319.954913][ T8015] kvm_arch_vcpu_ioctl_run+0x1ac/0x854 [ 1319.955648][ T8015] kvm_vcpu_ioctl+0x294/0xa04 [ 1319.956342][ T8015] __arm64_sys_ioctl+0xac/0xf0 [ 1319.957238][ T8015] invoke_syscall+0x48/0x110 [ 1319.957918][ T8015] el0_svc_common.constprop.0+0x40/0xe0 [ 1319.958636][ T8015] do_el0_svc+0x1c/0x28 [ 1319.959270][ T8015] el0_svc+0x30/0xdc [ 1319.959897][ T8015] el0t_64_sync_handler+0x100/0x12c [ 1319.960595][ T8015] el0t_64_sync+0x19c/0x1a0 [ 1319.961502][ T8015] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1320.940868][ T4941] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1321.048209][ T4941] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1321.118522][ T4941] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1321.221913][ T4941] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1322.364602][ T4941] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1322.419294][ T4941] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1322.484471][ T4941] bond0 (unregistering): Released all slaves [ 1322.703718][ T4941] hsr_slave_0: left promiscuous mode [ 1322.773058][ T4941] hsr_slave_1: left promiscuous mode [ 1322.912049][ T4941] veth1_macvtap: left promiscuous mode [ 1322.912869][ T4941] veth0_macvtap: left promiscuous mode [ 1322.913799][ T4941] veth1_vlan: left promiscuous mode [ 1322.914667][ T4941] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 17:26:31 Registers: info registers vcpu 0 CPU#0 PC=ffff800081a0ce10 X00=ffff80008298fe88 X01=ffff8000829a9a48 X02=0000000000000060 X03=0000000000000068 X04=ffff8000829a9aa8 X05=ffff80008298fee8 X06=552030203a555043 X07=49502030203a4449 X08=2035313038203a44 X09=7973203a6d6d6f43 X10=656c6c616b7a7973 X11=2d39373230302d72 X12=3837336632656467 X13=3023203737623266 X14=343534312e342e7a X15=69617420746f4e20 X16=312e36206465746e X17=2d3663722d302e32 X18=ffffffffffffffff X19=00000000ffffe56f X20=0000000000000060 X21=ffff8000829a9a48 X22=0000000000000000 X23=ffff800083d232f8 X24=ffff800083d23350 X25=0000000000000001 X26=000000000000056f X27=ffff80008274e548 X28=0000000000000001 X29=ffff800083d23230 X30=ffff800080125480 SP=ffff800083d23230 PSTATE=624003c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffffff00000007 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000000000c000:0000000000000000 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:d503201fd503201f:d503201fd503201f Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:d503201fd503201f:d503201fd503201f Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:d503201fd503201f:d503201fd503201f Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:d503201fd503201f:d503201fd503201f Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffb06d6458:0000ffffb06d6450 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffb06d6468:0000ffffb06d6460 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffffc552340:0000fffffc552340 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000fffffc552310 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800080174880 X00=0000000000000011 X01=fff000007f8daa88 X02=0000000000000000 X03=0000000000000000 X04=ffff800082723000 X05=0000000000000001 X06=0000000000000001 X07=ffff8000827228e8 X08=0000000000000001 X09=fb674075d0163931 X10=5274212b9f514e7d X11=00000133518a0560 X12=0000000000000001 X13=ffff800082720078 X14=00000000000003d3 X15=ffff800080144aac X16=ffff800080008000 X17=fff07ffffd1ef000 X18=0000000000000000 X19=fff000007f8ef900 X20=0000000000000001 X21=0000000000000000 X22=ffff800080174770 X23=ffff800082700900 X24=ffff800082723390 X25=0000000000000000 X26=0000000000000000 X27=0000000000000001 X28=0000000000000001 X29=ffff80008834bbd0 X30=ffff800080174af8 SP=ffff80008834bbd0 PSTATE=40400009 -Z-- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:2c2c2c2c2c2c2c2c:2c2c2c2c2c2c2c2c Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:706d6520676e6970:70696b5300657200 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000c000000c Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:3003300330033003:3003300330033003 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:f00ff00ff00ff00f:f00ff00ff00ff00f Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000000000c00c:000000000000c00c Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000