last executing test programs: 5.719822136s ago: executing program 1 (id=885): bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@file={0x1, './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) 5.718536881s ago: executing program 1 (id=886): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pipe2$9p(&(0x7f0000000a00)={0xffffffffffffffff}, 0x4000) fcntl$addseals(r0, 0x409, 0xa) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc25c4110, &(0x7f0000000100)={0xa2, [[0x1, 0x0, 0x4, 0x0, 0x0, 0x1], [0x20000003, 0x500, 0x4], [0x3, 0x0, 0x0, 0x0, 0x5, 0x93]], '\x00', [{0xfffffffe, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0xe}, {0x5, 0x10}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {0x0, 0x1}, {0x1, 0x401}, {0x8}], '\x00', 0x6b4}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) ioprio_set$pid(0x2, 0x0, 0x4000) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$rxrpc(0x21, 0x2, 0x2) socket$inet6(0xa, 0x1, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa, 0x0, 0xffffffff}, 0x1c) close(r4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0xa) r6 = dup(r5) r7 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000280)={'gretap0\x00', 0x0, 0x8000, 0x594c7d0c0341dd0b, 0x106, 0x1, {{0x11, 0x4, 0x3, 0x0, 0x44, 0x64, 0x0, 0x4, 0x2f, 0x0, @private=0xa010102, @local, {[@lsrr={0x83, 0xb, 0xdb, [@loopback, @broadcast]}, @ssrr={0x89, 0x23, 0xaa, [@broadcast, @private=0xa010101, @empty, @local, @empty, @loopback, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x1, 0x9, 0x5d, 0x8, 0x1, 0x3876, '\x00', r8, r6, 0x0, 0x5, 0x5, 0xa}, 0x50) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181280, 0x0) ftruncate(r7, 0x200004) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x6, @mcast2, 0x7}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}, {}], 0x3, 0x1c000) r9 = syz_open_dev$video4linux(&(0x7f0000000040), 0x20000000003, 0x88000) ioctl$VIDIOC_G_EXT_CTRLS(r9, 0xc040564a, &(0x7f0000000340)={0x0, 0x1, 0x100f, 0xffffffffffffffff, 0x0, 0x0}) 4.844144569s ago: executing program 1 (id=890): socket$nl_xfrm(0x10, 0x3, 0x6) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x10, 0x4, 0x4, 0x2}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={0xffffffffffffffff, 0x2000012, 0xd, 0x0, &(0x7f0000000280)="63ec33c9e9b986000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x4c) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x2) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) setrlimit(0x3, &(0x7f0000000000)={0x3ff, 0x8001}) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2) recvmsg(0xffffffffffffffff, 0x0, 0x40000100) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') name_to_handle_at(r2, &(0x7f0000000240)='./mnt\x00', &(0x7f0000000200)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x0, 0x6e6, 0x4, 0xaf, 0x98, 0x7}}, &(0x7f00000002c0), 0x400) setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) fsmount(r0, 0x0, 0x89) mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0) execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020) mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0) openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x8ad01, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000002240)={0x400030, 0xfffe, 0x0, 'queue0\x00', 0x1}) 4.760417207s ago: executing program 1 (id=891): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000500)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x54}}, 0x0) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r3, 0x0, 0x11) syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f00000000c0)="ad") 4.388817743s ago: executing program 0 (id=894): bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@file={0x1, './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) 4.388666599s ago: executing program 0 (id=895): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'netdevsim0\x00', @local}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0x300}], 0x2}, 0x5) 4.28012319s ago: executing program 2 (id=896): socket$nl_netfilter(0x10, 0x3, 0xc) mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0xf, 0x0, 0x0) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCXONC(r1, 0x540a, 0x0) r2 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0xffe0}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_RTT={0x8, 0x7, 0x80000000}, @TCA_CAKE_TARGET={0x8, 0x8, 0x3}]}}]}, 0x44}}, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = syz_clone(0x2400, 0x0, 0x21, 0x0, 0x0, 0x0) r5 = syz_pidfd_open(r4, 0x0) process_mrelease(r5, 0x700000000000000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket$unix(0x1, 0x1, 0x0) socket$kcm(0x11, 0x3, 0x0) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) 4.27976384s ago: executing program 0 (id=897): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x6000, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0x300}], 0x2}, 0x5) 4.21732024s ago: executing program 0 (id=898): socket$nl_generic(0x10, 0x3, 0x10) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x40000000, 0x0, 0x0, 0x0, 0x0, 0x80000100], 0x0, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000010000085000000500000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x404c810) r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_misc(r5, &(0x7f0000000000)='+\f', 0x2) write$binfmt_misc(r5, &(0x7f0000000040), 0xe09) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000400)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 3.960312742s ago: executing program 3 (id=899): socket$nl_xfrm(0x10, 0x3, 0x6) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x10, 0x4, 0x4, 0x2}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000023c0)={0x6, 0xd, &(0x7f0000002300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x11}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x2) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) recvmsg(0xffffffffffffffff, 0x0, 0x40000100) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4) setsockopt$sock_int(r1, 0x1, 0xf, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020) mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0) openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x8ad01, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000002240)={0x400030, 0xfffe, 0x0, 'queue0\x00', 0x1}) 3.110405854s ago: executing program 0 (id=900): socket$nl_generic(0x10, 0x3, 0x10) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x40000000, 0x0, 0x0, 0x0, 0x0, 0x80000100], 0x0, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000010000085000000500000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x404c810) r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_misc(r5, &(0x7f0000000000)='+\f', 0x2) write$binfmt_misc(r5, &(0x7f0000000040), 0xe09) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000400)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 3.041160862s ago: executing program 3 (id=901): openat$sndseq(0xffffff9c, &(0x7f0000000100), 0x100) (async) r0 = openat$sndseq(0xffffff9c, &(0x7f0000000100), 0x100) r1 = socket$nl_generic(0x10, 0x3, 0x10) mq_getsetattr(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001b40)=ANY=[@ANYBLOB="681000002c00070100000000ffdbdf25027c000009000180bf35517eed0000000c100280081001"], 0x1068}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r3 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x1) (async) fcntl$setlease(r3, 0x400, 0x1) fcntl$setlease(r2, 0x400, 0x0) (async) fcntl$setlease(r2, 0x400, 0x0) fcntl$setlease(r3, 0x400, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000380)={0x80000000, 0x0, 'client0\x00', 0x7, "495218d51d8370ee", "27315db9f34dac3d618a687a54bb5de9e391f2f5f18f126cbd0600fc93d96590", 0x0, 0xb}) 3.025079889s ago: executing program 2 (id=902): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000004940)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc, 0x4}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x20004000) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) socket$l2tp(0x2, 0x2, 0x73) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4) 3.019549278s ago: executing program 3 (id=903): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000009, 0x38011, r0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe) syz_io_uring_setup(0x3f00, &(0x7f0000000040)={0x0, 0x9a2a, 0x0, 0x3, 0x115}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)) r2 = userfaultfd(0x80801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1}) r3 = dup(r2) ioctl$BLKCRYPTOIMPORTKEY(r3, 0xc0401289, &(0x7f0000000240)={&(0x7f00000001c0)="6558fc0fc100c2a970eb4a308d121190c06687696b7e8aa8d96f3cd72817f9f12e", 0x21, &(0x7f0000000200)=""/48, 0x30}) syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r3, 0x0, 0x0, 0x0, 0x80000}) r6 = syz_io_uring_setup(0x132a, &(0x7f0000000540)={0x0, 0xd7f4, 0x40, 0x1, 0x3df}, &(0x7f0000000080), &(0x7f00000000c0)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x12, 0x0, r7) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_UNLINKAT={0x24, 0x83, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x200, 0x1, {0x0, r7}}) openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/fs/binfmt_misc/syz2\x00', 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) 2.878154553s ago: executing program 3 (id=904): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x200400c4) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0x9}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r8 = openat$vcsa(0xffffff9c, &(0x7f0000000140), 0x101000, 0x0) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r4) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r8, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40080}, 0xc, &(0x7f00000002c0)={&(0x7f00000007c0)={0xd0, r9, 0x200, 0xf, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0xd0}}, 0x40051) close(r7) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r10 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r10, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r10, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0xc, r6, 0x17}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214309dc2000600002fb96dbcf706e10500000086ddffff1144ee163cd4", 0x23}, {&(0x7f0000000400)="43ef6e04729e925804000000000000003193c2e0c0dbd1c8bb5cbde8bfeff81411c60900000000c25cb490991f716aa4d752edc5f07e5d7cf1639bd6c91f21d0bd2de30122000000000000", 0x4b}], 0x2000022c}, 0x44055) 2.770215779s ago: executing program 1 (id=905): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0xa0380, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000a80)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040)=0x7) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c) r5 = socket$netlink(0x10, 0x3, 0x4) write(r5, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) r8 = socket(0x400000000010, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x840) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814) ioctl$sock_SIOCETHTOOL(r8, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_wolinfo={0x5, 0x1, 0xdf4, "d3e2ae09a105"}}) read(r7, 0x0, 0xff40) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x1000000000000, 0x0}}, 0xfdbc) 2.590237405s ago: executing program 2 (id=906): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000bc0)=@mangle={'mangle\x00', 0x64, 0x6, 0x4e0, 0x278, 0x278, 0x278, 0x190, 0xc8, 0x418, 0x418, 0x418, 0x418, 0x418, 0x6, 0x0, {[{{@ipv6={@remote, @mcast2, [], [], 'veth1\x00', 'veth1_vlan\x00', {}, {0xff}, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xa4, 0xc8, 0x0, {0x0, 0x3a010000}}, @HL={0x24}}, {{@ipv6={@private1, @loopback, [], [], 'tunl0\x00', 'bridge_slave_1\x00', {}, {}, 0x1d}, 0x0, 0xa4, 0xc8}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0x2}}}, {{@ipv6={@private0, @remote, [0x0, 0xff], [], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x11, 0x1, 0x3, 0x44}, 0x0, 0xa4, 0xe8}, @DNPT={0x44, 'DNPT\x00', 0x0, {@ipv4=@local, @ipv4=@broadcast, 0x3f, 0x26, 0xffff}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0xa4, 0xd8}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0x0, 0x1, 0x4}, {0x1, 0x5, 0x4}, {0xffffffffffffffff, 0x5, 0x2}, 0x6, 0x100}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x53c) (async) r2 = socket$packet(0x11, 0x3, 0x300) (async) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000180)={0x53, 0x0, 0x6, 0xa, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000280)="120183008000", 0x0, 0x0, 0x4, 0x0, 0x0}) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00'}) (async) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x70bd2a, 0x0, {0x0, 0x0, 0x74, 0x0, {0xfff1}, {0x2}, {0x0, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) (async) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8041}, 0x4010) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) (async) r8 = socket$netlink(0x10, 0x3, 0x0) (async) r9 = syz_io_uring_complete(0x0) (async) r10 = socket$kcm(0x10, 0x5, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) (async) r12 = socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x5, 0xd) (async) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="3c00000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="340e000000b401001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r13], 0x3c}}, 0x0) (async) sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r9, 0x84, 0x8, &(0x7f0000000040)=0x9, 0x4) (async) sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r7, @ANYBLOB], 0x70}}, 0x0) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={r9, 0x20, &(0x7f0000000380)={&(0x7f0000000400)=""/194, 0xc2, 0x0, &(0x7f0000000300)=""/101, 0x65}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1d, 0x10, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000010100000047730000f5ffffff00ebffffb273cc4134f8ffffbc66eebb261b78391b328440f0435734cf16fe080000366cb0505a9b0309c828b80435110309bdc4033d27e83e8c42995c0f4159a75e8f3de181f011275402a81797d176f3a6bf6f26c23a76db6c5c2d1a0831e25dda0274a445c87babe71fd4c5f623eb45dbdbf06eed51e25f63c62b0af07a4558d957952b7a9f82390000", @ANYRES32=r9, @ANYBLOB="000000000000000018560000060000000000000000000000450100001000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0xffffff01, 0x52, &(0x7f0000000200)=""/82, 0x41100, 0x8, '\x00', r7, @lsm=0x1b, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xc, 0x0, 0x22}, 0x10, r14, 0xffffffffffffffff, 0x6, &(0x7f0000000540)=[r9, r9, r9, r6], &(0x7f0000000580)=[{0x5, 0x4, 0xa, 0xb}, {0x4, 0x4, 0x9, 0x6}, {0x3, 0x2, 0xc, 0x9}, {0x3, 0x3, 0x6}, {0x0, 0x2, 0xf, 0xa}, {0x3, 0x4, 0x0, 0x1}], 0x10, 0x1}, 0x94) (async) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000001c0)=@getchain={0x34, 0x11, 0x839, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x7}, {0x3}}, [{0x8, 0xb, 0xb60}, {0x8, 0xb, 0x2}]}, 0x34}}, 0x0) 2.518648453s ago: executing program 3 (id=907): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r0 = syz_open_dev$loop(&(0x7f00000004c0), 0x8, 0x200000) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x4, 0x0, 0x2}, 0x14) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000500)=0x9) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace$cont(0x18, r2, 0x7, 0x10000002) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = shmget$private(0x0, 0x3000, 0x80, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_STAT_ANY(r4, 0xf, &(0x7f0000000180)=""/61) write$P9_RGETLOCK(r3, &(0x7f0000000640)=ANY=[], 0x200002e6) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "1a2fb0", 0x1}}}, 0xd) 2.324936478s ago: executing program 2 (id=908): socket$nl_generic(0x10, 0x3, 0x10) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x40000000, 0x0, 0x0, 0x0, 0x0, 0x80000100], 0x0, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000010000085000000500000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x404c810) r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_misc(r5, &(0x7f0000000000)='+\f', 0x2) write$binfmt_misc(r5, &(0x7f0000000040), 0xe09) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000400)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 2.105030103s ago: executing program 0 (id=909): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x110) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x8) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$binderfs_ctrl(0xffffff9c, &(0x7f0000000300)='./binderfs/binder-control\x00', 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) socket(0x1a, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r1 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) write$FUSE_CREATE_OPEN(r1, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x3, 0x3, 0xfffffffffffffffb, 0x432c, 0x3, 0x1, {0xffffffffffffffff, 0x6, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fa, 0x7fffffff, 0x9, 0x1000, 0x8, 0x0, 0x0, 0x3ff}}, {0x0, 0xa}}}, 0xa0) ptrace$ARCH_SHSTK_LOCK(0x1e, 0x0, 0x2, 0x5003) r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r2, &(0x7f0000000180)={0x1a, 0x0, 0x1, 0x2c, 0x2, 0x0, @local}, 0x10) recvmmsg(r2, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0}, 0x4}], 0x40000000000018c, 0x2, 0x0) sendmmsg(r2, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) sendfile(r1, r1, &(0x7f0000000080), 0x7f04) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) socket$kcm(0x10, 0x2, 0x0) 1.5902357s ago: executing program 3 (id=910): r0 = syz_open_procfs(0x0, &(0x7f0000002040)='net/tcp\x00') r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="15a31ae9b77a306d5d3418def83421daef8bc61f50c603b6e2072bf9aa93746fe11ce6cc33ca4fe0f3cbfd228dd5a2951f1218dacfd2cc0e36966c9fde554cdc4ca8602ee26302ae43760573b94c", @ANYRESDEC=0x0, @ANYBLOB="2489f2ff4c07e09fa28aaf455d08a155c648b11556baff00fadda8159f18b6e4e7a72114573fc922b29302bbb534ce2e14f88c00fbf1c8d7068da0bbaa4d2073fcedfab24736f8aa1b52caa9dc7e8fc210c8c61aef60dc0b6c9bde9285aab16d91f8e551fe8636dcfa2dfdeb1a19c297dc1c9e4f1a2ba4c0607082da9e4dda7c6e70034c12891fe5163a6b9cfa6f62f012b28115f42049ddbd38b7597b28f3", @ANYRES64, @ANYRES64, @ANYRESHEX, @ANYRES16], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x10, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b707000014000000b7030000000000008500000005000000bf09000000000000350901000000000095000000000000008520000004000000bf9100000000000056070076000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x2, r6}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x200ce8c4) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e6574000000000c000780080012400000000205000500020000000500010006"], 0x58}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) r9 = openat$btrfs_control(0xffffff9c, &(0x7f0000000300), 0x461801, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r9, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4) sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="500000000906010200000000000000e1020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0c00148008000140ac1414bb0c0002800800014064"], 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRES16, @ANYBLOB="925368da551da92db50e2667f51a73368b0a780c9f682cf7d77c37af49f5d23f8957e47871c7782348035453f2d7a6054a8feaf23b", @ANYRES8, @ANYBLOB="f7b23a56f5ed4ced3b3267f6d8a671c76150cbe63ebb805f15c6bbbaf0a775a5ca4faa9faa67fedf398edef74b412ce99931562e35a57bcdc4c33ff5e55fbc06024562d9e28b55060904a6ac4a9356f3a71c8fe99dc08b0aa248cc77a980bf70caddd8fed63b846183a9b64d5fcdcd3d991a92c3ac86315d0655f71398d2415cb7a992ed83968d71479800f2a1f743a73cc7ea9c06bc22b11b8a50d4c1b6e642dfa5227eb451e159076b22c09cb2eff7a94e9570dd46eb5d14c6fdd4c0c8e6ab3beda09e72cc301a548df76a25a4239c687c5ad137999143086d0a272afc59bb1882f7230f3971313428b138b254c19dcc", @ANYBLOB="b9009a6e1df19ab7dc4eededb7c21f89fb6341b3b9d45c4d1731a9d52ae2047ebd1cae4aa0b687cf78ba44bec69993c662e911d5443b8eabdc797d49229d2fa88d1927f0180f3d578c2b5aecb854a6c5064fcc83be21f73875d551fedaffc412b40ca276ada84010732045d04970010da2537e3c00fb4326b86f2d3c565b4661d9265312ddb202df471353c85b1901532f4e8d066ae7992f050ac680b7167e50b56691daecd9601e169d51c8c214e97651f08ab41ea27041d86c52c0771c54683cffecd92351ee0caf31d6e8b94edd98b4b93316a4e6d790afb6fbd882079cb2", @ANYRESOCT=r7], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0) read$FUSE(r0, &(0x7f0000004340)={0x2020}, 0x2020) 1.340003434s ago: executing program 2 (id=911): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) (async) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x3f}) (async) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0x51) (async) ioctl$UI_DEV_CREATE(r1, 0x5501) (async) recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_pidfd_open(r2, 0x0) wait4(r2, 0x0, 0x8, 0x0) (async) ioctl$FS_IOC_GETVERSION(r3, 0xff0a, &(0x7f0000000180)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@enum={0xd, 0x0, 0x0, 0x4}, @func={0x8, 0x0, 0x0, 0xc, 0x3}, @struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x1000080}]}}, 0x0, 0x3e, 0x0, 0x0, 0x6}, 0x28) 956.541375ms ago: executing program 2 (id=912): syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) r3 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$HIDIOCGUSAGE(r4, 0x40045b0a, &(0x7f0000000000)={0x1, 0xfffffffe, 0x7, 0x0, 0x110001}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x4001, 0xa5d9, 0x3ff}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r6, 0x29, 0xce, 0x0, &(0x7f00000007c0)=0xffffff78) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) bpf$MAP_CREATE(0xc00000000000018, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB="1e000000000000000000", @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="00000000110000000200"/28], 0x50) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0x401, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0) r9 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x20, 0xf, &(0x7f00000004c0)=ANY=[@ANYRES64=r8, @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000001000000", @ANYRES32=r1, @ANYRESHEX, @ANYBLOB="f217c348775694474dbec873eb903462a2a03a1116facf02019b42125d4074e1357b9d4bbfbc9f7d3aca9c1602d0336d18481bd5bec23682e074ff7cb0d1f6d1d758d5e226eb6fa67c608efac1f1fc366403d40c52a2e25358711a1a46401a890ea636c335d37666560dcb2f3bd631eed92efa86c16f423f2908c2196280df880ac88ada71bf9b9c55d1d654fb5fba12eb62bad7267fe88deb3e74aa6248907185167f6450f30952", @ANYRES8=r0], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000000), &(0x7f0000000140)=r10}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r11 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r11, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x6}}) 0s ago: executing program 1 (id=913): socket$kcm(0x29, 0x2, 0x0) r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000200)) syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) close_range(r4, 0xffffffffffffffff, 0x0) socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2080004, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x8, 0x6, 0xf}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r5], 0x4c}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0) kernel console output (not intermixed with test programs): : wmediumd released netlink socket, switching to perfect channel medium [ 96.588749][ T5985] usb 6-1: USB disconnect, device number 3 [ 96.660721][ T6629] FAULT_INJECTION: forcing a failure. [ 96.660721][ T6629] name failslab, interval 1, probability 0, space 0, times 0 [ 96.667859][ T6629] CPU: 3 UID: 0 PID: 6629 Comm: syz.2.162 Tainted: G L syzkaller #0 PREEMPT(full) [ 96.667890][ T6629] Tainted: [L]=SOFTLOCKUP [ 96.667896][ T6629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 96.667906][ T6629] Call Trace: [ 96.667912][ T6629] [ 96.667919][ T6629] dump_stack_lvl+0x100/0x190 [ 96.667947][ T6629] should_fail_ex.cold+0x5/0xa [ 96.667976][ T6629] should_failslab+0xc2/0x120 [ 96.668001][ T6629] kmem_cache_alloc_noprof+0x83/0x780 [ 96.668024][ T6629] ? __might_fault+0xc5/0x140 [ 96.668043][ T6629] ? getname_flags.part.0+0x4c/0x540 [ 96.668074][ T6629] ? getname_flags.part.0+0x4c/0x540 [ 96.668098][ T6629] getname_flags.part.0+0x4c/0x540 [ 96.668127][ T6629] getname_flags+0x93/0xf0 [ 96.668146][ T6629] path_removexattrat+0x3a6/0x5e0 [ 96.668263][ T6629] ? __pfx_path_removexattrat+0x10/0x10 [ 96.668301][ T6629] ? fput+0x79/0x100 [ 96.668325][ T6629] ? ksys_write+0x1ac/0x250 [ 96.668344][ T6629] ? __pfx_ksys_write+0x10/0x10 [ 96.668367][ T6629] __ia32_sys_removexattr+0x59/0x80 [ 96.668392][ T6629] __do_fast_syscall_32+0xde/0x660 [ 96.668420][ T6629] do_fast_syscall_32+0x32/0x70 [ 96.668447][ T6629] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.668469][ T6629] RIP: 0023:0xf73cd579 [ 96.668484][ T6629] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 96.668500][ T6629] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 00000000000000eb [ 96.668519][ T6629] RAX: ffffffffffffffda RBX: 0000000080000200 RCX: 0000000080000240 [ 96.668530][ T6629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 96.668540][ T6629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.668551][ T6629] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 96.668562][ T6629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.668584][ T6629] [ 96.947594][ T6627] loop2: detected capacity change from 0 to 7 [ 96.950727][ T6627] Dev loop2: unable to read RDB block 7 [ 96.953129][ T6627] loop2: unable to read partition table [ 96.955055][ T6627] loop2: partition table beyond EOD, truncated [ 96.957780][ T6627] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 97.865748][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 97.868305][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 98.523011][ T1465] libceph: connect (1)[c::]:6789 error -101 [ 98.526032][ T1465] libceph: mon0 (1)[c::]:6789 connect error [ 98.564768][ T6672] Unsupported ieee802154 address type: 0 [ 98.696674][ T6679] 9pnet_fd: Insufficient options for proto=fd [ 98.715360][ T6679] netlink: 48 bytes leftover after parsing attributes in process `syz.0.175'. [ 98.811491][ T1465] libceph: connect (1)[c::]:6789 error -101 [ 98.814799][ T1465] libceph: mon0 (1)[c::]:6789 connect error [ 99.330386][ T1465] libceph: connect (1)[c::]:6789 error -101 [ 99.339362][ T6669] ceph: No mds server is up or the cluster is laggy [ 99.360569][ T1465] libceph: mon0 (1)[c::]:6789 connect error [ 99.747673][ T6262] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 99.756407][ T6697] tmpfs: Bad value for 'huge' [ 99.903218][ T6262] usb 6-1: config 64 has an invalid interface number: 146 but max is 0 [ 99.903243][ T6262] usb 6-1: config 64 has no interface number 0 [ 99.903267][ T6262] usb 6-1: config 64 interface 146 has no altsetting 0 [ 99.905270][ T6262] usb 6-1: New USB device found, idVendor=05d1, idProduct=7001, bcdDevice=53.43 [ 99.917003][ T6262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.920411][ T6262] usb 6-1: Product: syz [ 99.922177][ T6262] usb 6-1: Manufacturer: syz [ 99.924130][ T6262] usb 6-1: SerialNumber: syz [ 100.077253][ T6700] loop2: detected capacity change from 0 to 7 [ 100.090612][ T6700] Dev loop2: unable to read RDB block 7 [ 100.093268][ T6700] loop2: unable to read partition table [ 100.096606][ T6700] loop2: partition table beyond EOD, truncated [ 100.099599][ T6700] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 100.224155][ T6262] ftdi_sio 6-1:64.146: FTDI USB Serial Device converter detected [ 100.240633][ T6262] ftdi_sio ttyUSB0: unknown device type: 0x5343 [ 100.256837][ T6262] usb 6-1: USB disconnect, device number 4 [ 100.264107][ T6262] ftdi_sio 6-1:64.146: device disconnected [ 100.679644][ T40] audit: type=1800 audit(1769440224.890:2): pid=6705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.182" name="/" dev="fuse" ino=9 res=0 errno=0 [ 100.733161][ T6716] sch_tbf: burst 19360 is lower than device lo mtu (65550) ! [ 100.942917][ T6728] fuse: Bad value for 'fd' [ 100.971384][ T6728] mkiss: ax0: crc mode is auto. [ 101.943006][ T6732] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 101.945366][ T6732] overlayfs: failed to set xattr on upper [ 101.955816][ T6732] overlayfs: ...falling back to redirect_dir=nofollow. [ 101.958299][ T6732] overlayfs: ...falling back to index=off. [ 101.961273][ T6732] overlayfs: ...falling back to uuid=null. [ 102.134525][ T6744] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 102.343775][ T6732] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9) [ 102.346656][ T6732] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 102.355815][ T6732] vhci_hcd vhci_hcd.0: Device attached [ 102.628725][ T830] usb 42-1: SetAddress Request (2) to port 0 [ 102.630714][ T830] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 102.660178][ T6749] loop2: detected capacity change from 0 to 7 [ 102.665567][ T6749] Dev loop2: unable to read RDB block 7 [ 102.668054][ T6749] loop2: unable to read partition table [ 102.670609][ T6749] loop2: partition table beyond EOD, truncated [ 102.672574][ T6749] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 102.795903][ T6745] vhci_hcd: connection reset by peer [ 102.798146][ T13] vhci_hcd vhci_hcd.2: stop threads [ 102.800941][ T13] vhci_hcd vhci_hcd.2: release socket [ 102.802827][ T13] vhci_hcd vhci_hcd.2: disconnect device [ 103.125012][ T40] audit: type=1326 audit(1769440227.330:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.152089][ T40] audit: type=1326 audit(1769440227.340:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.175878][ T40] audit: type=1326 audit(1769440227.340:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.185804][ T40] audit: type=1326 audit(1769440227.340:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.192585][ T40] audit: type=1326 audit(1769440227.340:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.199518][ T40] audit: type=1326 audit(1769440227.340:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 103.206283][ T40] audit: type=1326 audit(1769440227.340:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 103.212949][ T40] audit: type=1326 audit(1769440227.340:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 103.219797][ T40] audit: type=1326 audit(1769440227.340:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 104.217634][ T6772] netlink: 72 bytes leftover after parsing attributes in process `syz.2.197'. [ 104.230698][ T6774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.199'. [ 104.353856][ T5992] IPVS: starting estimator thread 0... [ 104.446464][ T6779] IPVS: using max 25 ests per chain, 60000 per kthread [ 104.541454][ T6785] capability: warning: `syz.3.201' uses 32-bit capabilities (legacy support in use) [ 105.686276][ T40] kauditd_printk_skb: 3040 callbacks suppressed [ 105.686446][ T40] audit: type=1326 audit(1769440229.900:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.699847][ T40] audit: type=1326 audit(1769440229.900:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.710409][ T40] audit: type=1326 audit(1769440229.900:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.719437][ T40] audit: type=1326 audit(1769440229.900:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.729195][ T40] audit: type=1326 audit(1769440229.900:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.739688][ T40] audit: type=1326 audit(1769440229.900:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.748916][ T40] audit: type=1326 audit(1769440229.900:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.761916][ T40] audit: type=1326 audit(1769440229.900:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.776488][ T40] audit: type=1326 audit(1769440229.900:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.785417][ T40] audit: type=1326 audit(1769440229.900:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.0.193" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000 [ 105.863900][ T6797] netlink: 68 bytes leftover after parsing attributes in process `syz.3.206'. [ 106.305424][ T6801] netlink: 4 bytes leftover after parsing attributes in process `syz.0.208'. [ 106.435465][ T6807] FAULT_INJECTION: forcing a failure. [ 106.435465][ T6807] name failslab, interval 1, probability 0, space 0, times 0 [ 106.446137][ T6807] CPU: 0 UID: 0 PID: 6807 Comm: syz.0.211 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.446168][ T6807] Tainted: [L]=SOFTLOCKUP [ 106.446174][ T6807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.446183][ T6807] Call Trace: [ 106.446188][ T6807] [ 106.446195][ T6807] dump_stack_lvl+0x100/0x190 [ 106.446212][ T6807] should_fail_ex.cold+0x5/0xa [ 106.446230][ T6807] should_failslab+0xc2/0x120 [ 106.446246][ T6807] __kmalloc_cache_noprof+0x80/0x810 [ 106.446258][ T6807] ? xskq_create+0x52/0x1d0 [ 106.446271][ T6807] ? xskq_create+0x52/0x1d0 [ 106.446280][ T6807] xskq_create+0x52/0x1d0 [ 106.446291][ T6807] xsk_setsockopt+0x55f/0xa90 [ 106.446309][ T6807] ? __pfx_xsk_setsockopt+0x10/0x10 [ 106.446326][ T6807] ? find_held_lock+0x2b/0x80 [ 106.446338][ T6807] ? aa_sock_opt_perm+0xfe/0x1b0 [ 106.446352][ T6807] ? __pfx_xsk_setsockopt+0x10/0x10 [ 106.446371][ T6807] do_sock_setsockopt+0xf3/0x1d0 [ 106.446384][ T6807] __sys_setsockopt+0x119/0x190 [ 106.446403][ T6807] __ia32_sys_setsockopt+0xbc/0x160 [ 106.446418][ T6807] ? __do_fast_syscall_32+0x97/0x660 [ 106.446432][ T6807] ? lockdep_hardirqs_on+0x78/0x100 [ 106.446444][ T6807] __do_fast_syscall_32+0xde/0x660 [ 106.446459][ T6807] do_fast_syscall_32+0x32/0x70 [ 106.446473][ T6807] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.446487][ T6807] RIP: 0023:0xf741d579 [ 106.446496][ T6807] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 106.446506][ T6807] RSP: 002b:00000000f544650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 106.446517][ T6807] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000011b [ 106.446524][ T6807] RDX: 0000000000000003 RSI: 0000000080000380 RDI: 0000000000000004 [ 106.446530][ T6807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.446535][ T6807] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 106.446541][ T6807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.446555][ T6807] [ 106.752437][ T6818] vlan2: entered promiscuous mode [ 106.754466][ T6818] bridge0: entered promiscuous mode [ 106.837147][ T6819] /dev/sr0: Can't open blockdev [ 107.145939][ T843] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 107.305868][ T843] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 107.309120][ T843] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 107.312798][ T843] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 107.317499][ T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 107.321082][ T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 107.329461][ T843] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 107.332528][ T843] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 107.335409][ T843] usb 5-1: Product: syz [ 107.336992][ T843] usb 5-1: Manufacturer: syz [ 107.356456][ T843] cdc_wdm 5-1:1.0: skipping garbage [ 107.358540][ T843] cdc_wdm 5-1:1.0: skipping garbage [ 107.365725][ T843] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 107.369532][ T843] cdc_wdm 5-1:1.0: Unknown control protocol [ 107.554528][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.556767][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.559208][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.561290][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.563437][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.565521][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.567934][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.570096][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.571540][ T6828] netlink: 4076 bytes leftover after parsing attributes in process `syz.2.218'. [ 107.572296][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.575045][ T6828] netlink: 1032 bytes leftover after parsing attributes in process `syz.2.218'. [ 107.576967][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.577403][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.581654][ T6828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.218'. [ 107.582113][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.589919][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.592185][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.594594][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.596660][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.599138][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.601184][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.603695][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 107.606363][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 107.626387][ T5992] usb 5-1: USB disconnect, device number 4 [ 107.629025][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 107.696386][ T830] usb 42-1: device descriptor read/8, error -110 [ 107.774079][ T6839] bond1: Removing last ns target with arp_interval on [ 107.799038][ T6839] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 107.801177][ T6839] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 107.815878][ T6839] vhci_hcd vhci_hcd.0: Device attached [ 108.096724][ T830] usb usb42-port1: attempt power cycle [ 108.576016][ T6852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 108.604089][ T6841] vhci_hcd: connection closed [ 108.604443][ T1147] vhci_hcd vhci_hcd.3: stop threads [ 108.608790][ T1147] vhci_hcd vhci_hcd.3: release socket [ 108.612715][ T6852] netlink: 60 bytes leftover after parsing attributes in process `syz.0.224'. [ 108.615966][ T1147] vhci_hcd vhci_hcd.3: disconnect device [ 108.619477][ T6851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 108.657644][ T830] usb usb42-port1: unable to enumerate USB device [ 108.902561][ T843] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 109.092541][ T6858] netlink: 24 bytes leftover after parsing attributes in process `syz.2.226'. [ 109.100932][ T6858] xt_hashlimit: overflow, try lower: 60585/0 [ 109.104561][ T6858] IPVS: Unknown mcast interface: pim6reg [ 109.403796][ T6867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.229'. [ 109.455063][ T6871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.231'. [ 109.534615][ T6878] syzkaller0: entered promiscuous mode [ 109.538754][ T6878] syzkaller0: entered allmulticast mode [ 109.582993][ T6880] loop2: detected capacity change from 0 to 7 [ 109.586164][ T6880] Dev loop2: unable to read RDB block 7 [ 109.588703][ T6880] loop2: unable to read partition table [ 109.591303][ T6880] loop2: partition table beyond EOD, truncated [ 109.595228][ T6880] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 109.750988][ T6887] NILFS (nbd1): device size too small [ 109.792119][ T6887] atomic_op ffff88804c98a998 conn xmit_atomic 0000000000000000 [ 109.858137][ T6890] bond1: Removing last arp target with arp_interval on [ 110.577803][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.3.242'. [ 110.655801][ T65] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 110.655840][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 111.177407][ T5959] Bluetooth: hci1: command tx timeout [ 111.818917][ T6921] FAULT_INJECTION: forcing a failure. [ 111.818917][ T6921] name failslab, interval 1, probability 0, space 0, times 0 [ 111.824174][ T6921] CPU: 0 UID: 0 PID: 6921 Comm: syz.0.248 Tainted: G L syzkaller #0 PREEMPT(full) [ 111.824200][ T6921] Tainted: [L]=SOFTLOCKUP [ 111.824205][ T6921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.824214][ T6921] Call Trace: [ 111.824219][ T6921] [ 111.824225][ T6921] dump_stack_lvl+0x100/0x190 [ 111.824249][ T6921] should_fail_ex.cold+0x5/0xa [ 111.824275][ T6921] should_failslab+0xc2/0x120 [ 111.824300][ T6921] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 111.824322][ T6921] ? copy_process+0x402/0x7890 [ 111.824343][ T6921] ? copy_process+0x402/0x7890 [ 111.824361][ T6921] ? copy_process+0x48b/0x7890 [ 111.824385][ T6921] ? copy_process+0x48b/0x7890 [ 111.824406][ T6921] copy_process+0x48b/0x7890 [ 111.824429][ T6921] ? __pfx__kstrtoull+0x10/0x10 [ 111.824459][ T6921] ? __pfx_copy_process+0x10/0x10 [ 111.824487][ T6921] ? _copy_from_user+0x59/0xd0 [ 111.824512][ T6921] kernel_clone+0xfc/0x930 [ 111.824530][ T6921] ? find_held_lock+0x2b/0x80 [ 111.824547][ T6921] ? __pfx_kernel_clone+0x10/0x10 [ 111.824571][ T6921] ? proc_fail_nth_write+0x9f/0x220 [ 111.824592][ T6921] ? find_held_lock+0x2b/0x80 [ 111.824614][ T6921] __do_sys_clone3+0x214/0x290 [ 111.824637][ T6921] ? __pfx___do_sys_clone3+0x10/0x10 [ 111.824655][ T6921] ? ksys_write+0x190/0x250 [ 111.824684][ T6921] ? __fget_files+0x21f/0x3d0 [ 111.824708][ T6921] ? __pfx_ksys_write+0x10/0x10 [ 111.824730][ T6921] __do_fast_syscall_32+0xde/0x660 [ 111.824756][ T6921] do_fast_syscall_32+0x32/0x70 [ 111.824779][ T6921] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.824798][ T6921] RIP: 0023:0xf741d579 [ 111.824811][ T6921] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 111.824825][ T6921] RSP: 002b:00000000f54463dc EFLAGS: 00000286 ORIG_RAX: 00000000000001b3 [ 111.824840][ T6921] RAX: ffffffffffffffda RBX: 00000000f5446410 RCX: 0000000000000058 [ 111.824849][ T6921] RDX: 0000000000000000 RSI: 000000004c000000 RDI: 0000000000000000 [ 111.824858][ T6921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 111.824866][ T6921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.824874][ T6921] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 111.824896][ T6921] [ 112.232809][ T6929] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 112.284881][ T6929] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 112.347751][ T6932] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3) [ 112.606565][ T6933] loop7: detected capacity change from 0 to 7 [ 112.693324][ T5957] Dev loop7: unable to read RDB block 7 [ 112.695111][ T5957] loop7: unable to read partition table [ 112.697505][ T5957] loop7: partition table beyond EOD, truncated [ 112.764249][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 112.776153][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.779363][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.802099][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.805202][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.808929][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.812089][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.814767][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.817910][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.820782][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.823764][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.827075][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.830138][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.833087][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.836572][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.841092][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.844882][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.848520][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 112.851621][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.855153][ T6933] ldm_validate_partition_table(): Disk read failed. [ 112.857474][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 112.861679][ T6933] Dev loop7: unable to read RDB block 0 [ 112.864622][ T6933] loop7: unable to read partition table [ 112.869533][ T6933] loop7: partition table beyond EOD, truncated [ 112.871631][ T6933] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5) [ 112.895522][ T5346] ldm_validate_partition_table(): Disk read failed. [ 112.898187][ T5346] Dev loop7: unable to read RDB block 0 [ 112.900238][ T5346] loop7: unable to read partition table [ 112.902175][ T5346] loop7: partition table beyond EOD, truncated [ 113.002664][ T6941] fuse: Unknown parameter 'grou00000000000000000000' [ 113.100468][ T6943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'. [ 113.159837][ T6948] 9p: Bad value for 'wfdno' [ 113.239854][ T6954] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 113.254740][ T6954] netlink: 60 bytes leftover after parsing attributes in process `syz.3.260'. [ 113.264599][ T6952] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 114.605071][ T6970] loop2: detected capacity change from 0 to 7 [ 114.633355][ T6970] Dev loop2: unable to read RDB block 7 [ 114.639868][ T6970] loop2: unable to read partition table [ 114.642372][ T6970] loop2: partition table beyond EOD, truncated [ 114.655127][ T6970] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 114.714884][ T6973] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 115.220358][ T6985] netlink: 16 bytes leftover after parsing attributes in process `syz.2.264'. [ 115.296141][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 115.298696][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 115.784738][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.267'. [ 118.309454][ T7038] netlink: 'syz.3.276': attribute type 10 has an invalid length. [ 118.537479][ T7036] binder: 7035:7036 ioctl c0306201 80000640 returned -22 [ 118.674759][ T7050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.278'. [ 119.653295][ T7061] syzkaller0: entered promiscuous mode [ 119.657889][ T7061] syzkaller0: entered allmulticast mode [ 119.936021][ T7068] netlink: 24 bytes leftover after parsing attributes in process `syz.3.285'. [ 119.943762][ T7068] xt_hashlimit: overflow, try lower: 60585/0 [ 119.951845][ T7068] IPVS: Unknown mcast interface: pim6reg [ 120.281457][ T7076] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 120.299468][ T7076] netlink: 60 bytes leftover after parsing attributes in process `syz.3.288'. [ 120.320602][ T7074] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 120.495477][ T7079] syzkaller0: entered promiscuous mode [ 120.509940][ T7079] syzkaller0: entered allmulticast mode [ 120.576941][ T7078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.289'. [ 120.580979][ T7078] netlink: 12 bytes leftover after parsing attributes in process `syz.2.289'. [ 121.732828][ T7086] syzkaller0: entered promiscuous mode [ 121.734650][ T7086] syzkaller0: entered allmulticast mode [ 121.847572][ T843] libceph: connect (1)[c::]:6789 error -101 [ 121.850251][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 121.881951][ T6012] libceph: connect (1)[c::]:6789 error -101 [ 121.884686][ T6012] libceph: mon0 (1)[c::]:6789 connect error [ 122.015811][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 122.019154][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 122.106135][ T843] libceph: connect (1)[c::]:6789 error -101 [ 122.108529][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 122.111955][ T6012] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 122.147305][ T843] libceph: connect (1)[c::]:6789 error -101 [ 122.149392][ T843] libceph: mon0 (1)[c::]:6789 connect error [ 122.277475][ T6012] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 122.281525][ T6012] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 122.287531][ T6012] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 122.291303][ T6012] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.444635][ T7123] tipc: Enabling of bearer rejected, failed to enable media [ 122.512115][ T6012] usb 7-1: usb_control_msg returned -32 [ 122.514735][ T6012] usbtmc 7-1:16.0: can't read capabilities [ 122.616253][ T6012] libceph: connect (1)[c::]:6789 error -101 [ 122.619393][ T6012] libceph: mon0 (1)[c::]:6789 connect error [ 122.652901][ T7107] ceph: No mds server is up or the cluster is laggy [ 122.652999][ T7114] ceph: No mds server is up or the cluster is laggy [ 122.657991][ T6012] libceph: connect (1)[c::]:6789 error -101 [ 122.660470][ T6012] libceph: mon0 (1)[c::]:6789 connect error [ 122.852534][ T7128] overlayfs: failed to resolve './file1': -2 [ 122.899911][ T7134] netlink: zone id is out of range [ 122.947197][ T7134] netlink: set zone limit has 4 unknown bytes [ 123.158690][ T40] kauditd_printk_skb: 386 callbacks suppressed [ 123.158701][ T40] audit: type=1326 audit(1769440247.370:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.170589][ T40] audit: type=1326 audit(1769440247.380:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.178277][ T40] audit: type=1326 audit(1769440247.380:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.186809][ T40] audit: type=1326 audit(1769440247.380:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.194223][ T40] audit: type=1326 audit(1769440247.380:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.201673][ T40] audit: type=1326 audit(1769440247.380:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.212732][ T40] audit: type=1326 audit(1769440247.380:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=238 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.219613][ T40] audit: type=1326 audit(1769440247.380:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.228393][ T40] audit: type=1326 audit(1769440247.380:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.236254][ T40] audit: type=1326 audit(1769440247.390:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7137 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 123.934750][ T7145] syzkaller0: entered promiscuous mode [ 123.939396][ T7145] syzkaller0: entered allmulticast mode [ 124.095798][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 124.198900][ T7149] tmpfs: Bad value for 'huge' [ 124.887641][ T5992] usb 7-1: USB disconnect, device number 5 [ 125.112423][ T7158] 9p: Bad value for 'rfdno' [ 125.130633][ T7158] tipc: Started in network mode [ 125.132953][ T7158] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 125.137272][ T7158] tipc: New replicast peer: fc00:0000:0000:0000:0000:0000:0000:0000 [ 125.140046][ T7158] tipc: Enabled bearer , priority 10 [ 125.269475][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.312'. [ 125.307421][ T7169] netlink: 'syz.0.313': attribute type 21 has an invalid length. [ 125.310579][ T7169] IPv6: NLM_F_CREATE should be specified when creating new route [ 125.313818][ T7169] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 125.317058][ T7169] IPv6: NLM_F_CREATE should be set when creating new route [ 125.319953][ T7169] IPv6: NLM_F_CREATE should be set when creating new route [ 125.322954][ T7169] IPv6: NLM_F_CREATE should be set when creating new route [ 125.328852][ T7169] netlink: 'syz.0.313': attribute type 21 has an invalid length. [ 125.332192][ T7169] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 125.394989][ T7174] syzkaller0: entered promiscuous mode [ 125.397439][ T7174] syzkaller0: entered allmulticast mode [ 125.497203][ T7177] netlink: 24 bytes leftover after parsing attributes in process `syz.2.314'. [ 125.503925][ T7177] xt_hashlimit: overflow, try lower: 60585/0 [ 125.513413][ T7177] IPVS: Unknown mcast interface: pim6reg [ 126.267479][ T6217] tipc: Node number set to 1 [ 126.950838][ T7184] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 126.962015][ T7184] Error validating options; rc = [-22] [ 127.153417][ T7196] syz_tun: entered allmulticast mode [ 127.164681][ T7195] syz_tun: left allmulticast mode [ 127.288427][ T7202] netlink: 24 bytes leftover after parsing attributes in process `syz.0.320'. [ 127.535811][ T5959] Bluetooth: hci1: command tx timeout [ 127.640150][ T7215] syzkaller0: entered promiscuous mode [ 127.642027][ T7215] syzkaller0: entered allmulticast mode [ 127.957817][ T6217] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 128.107139][ T6217] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 128.110337][ T6217] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 128.114427][ T6217] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 128.117955][ T6217] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.329936][ T6217] usb 5-1: usb_control_msg returned -32 [ 128.335080][ T6217] usbtmc 5-1:16.0: can't read capabilities [ 128.404328][ T843] usb 5-1: USB disconnect, device number 5 [ 128.638084][ T7224] comedi comedi0: board detection failed [ 129.182458][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.335'. [ 129.866922][ T7247] netlink: 8 bytes leftover after parsing attributes in process `syz.3.336'. [ 129.870380][ T7247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.336'. [ 129.873913][ T7247] netlink: 'syz.3.336': attribute type 11 has an invalid length. [ 129.930989][ T7251] syzkaller0: entered promiscuous mode [ 129.933332][ T7251] syzkaller0: entered allmulticast mode [ 130.187844][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.191351][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.573924][ T7264] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.138287][ T7264] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.206528][ T7264] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.275719][ T7264] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.325793][ T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 131.360412][ T63] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.363222][ T63] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.366021][ T63] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.368734][ T63] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.506161][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 131.512600][ T10] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 131.517164][ T10] usb 5-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 131.521218][ T10] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 131.524709][ T10] usb 5-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 131.532914][ T10] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 131.536186][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.538814][ T10] usb 5-1: Product: syz [ 131.540480][ T10] usb 5-1: Manufacturer: syz [ 131.542057][ T10] usb 5-1: SerialNumber: syz [ 131.553192][ C0] imon 5-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 131.559332][ T10] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/input/input13 [ 131.776338][ T10] imon 5-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 131.779649][ T10] (id 0x00) [ 131.826527][ T10] rc_core: IR keymap rc-imon-pad not found [ 131.829013][ T10] Registered IR keymap rc-empty [ 131.845860][ T10] imon 5-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 131.850758][ T10] imon 5-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 131.976439][ T10] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0 [ 131.980677][ T10] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0/input14 [ 131.988052][ T10] imon 5-1:155.0: iMON device (15c2:ffdc, intf0) on usb<5:6> initialized [ 132.212055][ T10] usb 5-1: USB disconnect, device number 6 [ 132.212055][ T7267] imon:send_packet: packet tx failed (-71) [ 132.246143][ T7267] imon:vfd_write: send packet #0 failed [ 133.023384][ T7289] tmpfs: Bad value for 'huge' [ 133.511376][ T7291] tmpfs: Bad value for 'huge' [ 133.529162][ T7295] netlink: 16 bytes leftover after parsing attributes in process `syz.1.352'. [ 133.532582][ T7295] mac80211_hwsim hwsim3 wlan1: Device is already in use. [ 133.554904][ T7295] bond0: (slave wlan1): Releasing backup interface [ 133.622832][ T7291] 9pnet_virtio: no channels available for device syz [ 133.808846][ T7298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.353'. [ 134.745786][ T6012] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 134.875832][ T6012] usb 8-1: device descriptor read/64, error -71 [ 135.125838][ T6012] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 135.180299][ T7321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 135.188390][ T7323] virtio-fs: tag not found [ 135.191223][ T7321] netlink: 60 bytes leftover after parsing attributes in process `syz.2.360'. [ 135.194198][ T7323] virtio-fs: tag not found [ 135.201392][ T7320] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 135.228910][ T7328] netlink: zone id is out of range [ 135.229038][ T7326] gfs2: path_lookup on c::: returned error -2 [ 135.256246][ T6012] usb 8-1: device descriptor read/64, error -71 [ 135.272527][ T7328] netlink: set zone limit has 4 unknown bytes [ 135.338830][ T7331] tmpfs: Bad value for 'huge' [ 135.366095][ T6012] usb usb8-port1: attempt power cycle [ 135.716021][ T6012] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 135.845214][ T6012] usb 8-1: device descriptor read/8, error -71 [ 136.095911][ T6012] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 136.126289][ T6012] usb 8-1: device descriptor read/8, error -71 [ 136.235985][ T6012] usb usb8-port1: unable to enumerate USB device [ 137.225851][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 137.229289][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 137.432912][ T7358] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 137.452736][ T7358] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 137.466160][ T7358] batman_adv: batadv0: Adding interface: ip6gretap1 [ 137.469014][ T7358] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 137.515722][ T7358] batman_adv: batadv0: Interface activated: ip6gretap1 [ 137.679234][ T7363] fuse: Bad value for 'fd' [ 137.893218][ T7367] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 137.908832][ T7367] netlink: 60 bytes leftover after parsing attributes in process `syz.0.374'. [ 137.917555][ T7366] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.862526][ T7395] trusted_key: syz.0.381 sent an empty control message without MSG_MORE. [ 138.875859][ T6012] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 139.026290][ T6012] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 139.029697][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.032547][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.037033][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.040946][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.043828][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.048165][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.051594][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.054455][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.058283][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.061358][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.064313][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.068262][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.071336][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.074186][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.078073][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.081166][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.084015][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.089197][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.093863][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.097110][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.100615][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.105928][ T6012] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 139.108779][ T6012] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 139.112184][ T6012] usb 7-1: config 0 interface 0 has no altsetting 0 [ 139.171304][ T6012] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 139.174643][ T6012] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 139.181442][ T6012] usb 7-1: Product: syz [ 139.182891][ T6012] usb 7-1: Manufacturer: syz [ 139.184368][ T6012] usb 7-1: SerialNumber: syz [ 139.235542][ T7403] loop2: detected capacity change from 0 to 7 [ 139.239417][ T5957] Dev loop2: unable to read RDB block 7 [ 139.241268][ T5957] loop2: unable to read partition table [ 139.243163][ T5957] loop2: partition table beyond EOD, truncated [ 139.258230][ T7403] Dev loop2: unable to read RDB block 7 [ 139.260245][ T7403] loop2: unable to read partition table [ 139.262587][ T7403] loop2: partition table beyond EOD, truncated [ 139.264574][ T7403] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 139.272306][ T6012] usb 7-1: config 0 descriptor?? [ 139.284287][ T6012] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 139.792875][ T7413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 139.810231][ T7413] netlink: 60 bytes leftover after parsing attributes in process `syz.3.387'. [ 139.818881][ T7412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 139.937741][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 139.965780][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 140.040855][ C2] usb 7-1: yurex_control_callback - control failed: -71 [ 140.046595][ T5985] usb 7-1: USB disconnect, device number 6 [ 140.053849][ T5985] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 140.480994][ T7428] netlink: 32 bytes leftover after parsing attributes in process `syz.1.391'. [ 140.732537][ T7432] netlink: 24 bytes leftover after parsing attributes in process `syz.3.392'. [ 141.652112][ T7451] loop2: detected capacity change from 0 to 7 [ 141.663363][ T5957] Dev loop2: unable to read RDB block 7 [ 141.667568][ T5957] loop2: unable to read partition table [ 141.670142][ T5957] loop2: partition table beyond EOD, truncated [ 142.020452][ T7451] Dev loop2: unable to read RDB block 7 [ 142.022876][ T7451] loop2: unable to read partition table [ 142.025248][ T7451] loop2: partition table beyond EOD, truncated [ 142.028038][ T7451] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 142.324702][ T7458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 142.343211][ T7458] netlink: 60 bytes leftover after parsing attributes in process `syz.2.400'. [ 142.350738][ T7457] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 142.515582][ T7468] overlayfs: failed to resolve './file1': -2 [ 142.555938][ T5952] cgroup: fork rejected by pids controller in /syz0 [ 142.642743][ T7477] sit0: entered promiscuous mode [ 142.646342][ T7477] netlink: 'syz.1.403': attribute type 1 has an invalid length. [ 142.648856][ T7477] netlink: 1 bytes leftover after parsing attributes in process `syz.1.403'. [ 142.815767][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 142.818369][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.818907][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 142.820876][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.912634][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.000307][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.028786][ T7482] loop2: detected capacity change from 0 to 7 [ 143.031949][ T7482] Dev loop2: unable to read RDB block 7 [ 143.033818][ T7482] loop2: unable to read partition table [ 143.035865][ T7482] loop2: partition table beyond EOD, truncated [ 143.038146][ T7482] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 143.071608][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.110241][ T65] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 143.115104][ T65] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 143.118961][ T65] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 143.122335][ T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 143.127409][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 143.148774][ T7489] loop7: detected capacity change from 0 to 2640 [ 143.156962][ T7489] buffer_io_error: 23 callbacks suppressed [ 143.156973][ T7489] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 143.161517][ T7489] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 143.164160][ T7489] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 143.167363][ T7489] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 143.170489][ T7489] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 143.173259][ T7489] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 143.176317][ T7489] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 143.179104][ T7489] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 143.182019][ T7489] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 143.199596][ T7489] Buffer I/O error on dev loop7, logical block 9, lost async page write [ 143.228770][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.346769][ T7488] chnl_net:caif_netlink_parms(): no params data found [ 143.506140][ T7488] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.508547][ T7488] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.510851][ T7488] bridge_slave_0: entered allmulticast mode [ 143.513456][ T7488] bridge_slave_0: entered promiscuous mode [ 143.518769][ T7488] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.521877][ T7488] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.526479][ T7488] bridge_slave_1: entered allmulticast mode [ 143.552446][ T7488] bridge_slave_1: entered promiscuous mode [ 143.558975][ T46] bridge_slave_1: left allmulticast mode [ 143.560992][ T46] bridge_slave_1: left promiscuous mode [ 143.563970][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.578252][ T46] bridge_slave_0: left allmulticast mode [ 143.581299][ T46] bridge_slave_0: left promiscuous mode [ 143.584154][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.846686][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.853009][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.857745][ T46] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 143.872489][ T46] bond0 (unregistering): Released all slaves [ 143.877938][ T46] bond1 (unregistering): Released all slaves [ 143.919659][ T7488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 143.931688][ T7488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 143.965814][ T7488] team0: Port device team_slave_0 added [ 143.968522][ T46] tipc: Disabling bearer [ 143.972885][ T7488] team0: Port device team_slave_1 added [ 143.975878][ T46] tipc: Left network mode [ 144.017181][ T7488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 144.019397][ T7488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 144.029047][ T7488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 144.034026][ T7488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 144.045692][ T7488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 144.053827][ T7488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 144.099883][ T7488] hsr_slave_0: entered promiscuous mode [ 144.102295][ T7488] hsr_slave_1: entered promiscuous mode [ 144.104473][ T7488] debugfs: 'hsr0' already exists in 'hsr' [ 144.106534][ T7488] Cannot create hsr debugfs directory [ 144.448503][ T46] hsr_slave_0: left promiscuous mode [ 144.452016][ T46] hsr_slave_1: left promiscuous mode [ 144.454997][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.458492][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.462574][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 144.465873][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.484338][ T46] veth1_macvtap: left promiscuous mode [ 144.487189][ T46] veth0_macvtap: left promiscuous mode [ 144.489267][ T46] veth1_vlan: left promiscuous mode [ 144.491093][ T46] veth0_vlan: left promiscuous mode [ 144.802541][ T46] team0 (unregistering): Port device team_slave_1 removed [ 144.850809][ T46] team0 (unregistering): Port device team_slave_0 removed [ 144.898899][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 144.959909][ T7541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 145.010436][ T7541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.420'. [ 145.141286][ T5959] Bluetooth: hci3: command tx timeout [ 145.191800][ T7539] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 145.461099][ T7488] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 145.465430][ T7488] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 145.477177][ T7488] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 145.482050][ T7488] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 145.565261][ T7488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.587314][ T7488] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.597309][ T1058] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.600293][ T1058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.604892][ T1058] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.608013][ T1058] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.660853][ T46] IPVS: stop unused estimator thread 0... [ 145.817096][ T7488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.854679][ T7488] veth0_vlan: entered promiscuous mode [ 145.861243][ T7488] veth1_vlan: entered promiscuous mode [ 145.886557][ T7488] veth0_macvtap: entered promiscuous mode [ 145.891453][ T7488] veth1_macvtap: entered promiscuous mode [ 145.904006][ T7488] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.944759][ T7488] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.960310][ T1147] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.968126][ T1147] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.972909][ T1147] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.977376][ T1147] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.053156][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.057104][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.077121][ T7581] tipc: Enabling of bearer rejected, failed to enable media [ 146.080828][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.083028][ T7581] syzkaller0: entered promiscuous mode [ 146.084134][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.088596][ T7581] syzkaller0: entered allmulticast mode [ 146.211455][ T7588] FAULT_INJECTION: forcing a failure. [ 146.211455][ T7588] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 146.216756][ T7588] CPU: 0 UID: 0 PID: 7588 Comm: syz.2.426 Tainted: G L syzkaller #0 PREEMPT(full) [ 146.216785][ T7588] Tainted: [L]=SOFTLOCKUP [ 146.216789][ T7588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.216807][ T7588] Call Trace: [ 146.216811][ T7588] [ 146.216816][ T7588] dump_stack_lvl+0x100/0x190 [ 146.216834][ T7588] should_fail_ex.cold+0x5/0xa [ 146.216852][ T7588] _copy_from_user+0x2e/0xd0 [ 146.216869][ T7588] get_compat_msghdr+0xb3/0x4b0 [ 146.216887][ T7588] ? __pfx_get_compat_msghdr+0x10/0x10 [ 146.216916][ T7588] ___sys_sendmsg+0x1b6/0x1e0 [ 146.216930][ T7588] ? __pfx____sys_sendmsg+0x10/0x10 [ 146.216959][ T7588] __sys_sendmsg+0x170/0x220 [ 146.216977][ T7588] ? __pfx___sys_sendmsg+0x10/0x10 [ 146.216997][ T7588] ? __pfx_ksys_write+0x10/0x10 [ 146.217013][ T7588] __do_fast_syscall_32+0xde/0x660 [ 146.217029][ T7588] do_fast_syscall_32+0x32/0x70 [ 146.217044][ T7588] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 146.217063][ T7588] RIP: 0023:0xf73cd579 [ 146.217075][ T7588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 146.217089][ T7588] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 146.217105][ T7588] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480 [ 146.217117][ T7588] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 146.217125][ T7588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 146.217134][ T7588] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 146.217143][ T7588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 146.217164][ T7588] [ 146.221230][ T7587] tipc: Enabling of bearer rejected, failed to enable media [ 146.296154][ T7587] syzkaller0: entered promiscuous mode [ 146.298517][ T7587] syzkaller0: entered allmulticast mode [ 147.055750][ T65] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 147.055931][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 147.148986][ T7598] tipc: Enabling not permitted [ 147.151480][ T7598] tipc: Enabling of bearer rejected, failed to enable media [ 147.216295][ T5959] Bluetooth: hci3: command tx timeout [ 147.497968][ T7591] loop2: detected capacity change from 0 to 7 [ 147.570151][ T7591] Dev loop2: unable to read RDB block 7 [ 147.571965][ T7591] loop2: unable to read partition table [ 147.573897][ T7591] loop2: partition table beyond EOD, truncated [ 147.656037][ T7591] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 148.259275][ T1147] Bluetooth: hci4: Frame reassembly failed (-84) [ 148.267360][ T12] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 148.858554][ T7617] tipc: Enabling of bearer rejected, failed to enable media [ 148.862854][ T7617] syzkaller0: entered promiscuous mode [ 148.865267][ T7617] syzkaller0: entered allmulticast mode [ 149.296046][ T65] Bluetooth: hci3: command tx timeout [ 149.345533][ T7620] syzkaller0: entered promiscuous mode [ 149.348111][ T7620] syzkaller0: entered allmulticast mode [ 150.268256][ T5959] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 150.269567][ T65] Bluetooth: hci4: command 0x1003 tx timeout [ 150.867914][ T7635] openvswitch: netlink: Message has 4 unknown bytes. [ 150.871447][ T7635] netlink: 'syz.3.440': attribute type 1 has an invalid length. [ 150.874881][ T7635] netlink: 224 bytes leftover after parsing attributes in process `syz.3.440'. [ 151.002349][ T7642] loop2: detected capacity change from 0 to 7 [ 151.051970][ T7642] Dev loop2: unable to read RDB block 7 [ 151.054916][ T7642] loop2: unable to read partition table [ 151.064699][ T7642] loop2: partition table beyond EOD, truncated [ 151.195772][ T7642] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 151.377062][ T5959] Bluetooth: hci3: command tx timeout [ 152.580930][ T7663] tmpfs: Bad value for 'huge' [ 152.741764][ T7669] fuse: Unknown parameter 'use00000000000000000000' [ 153.161628][ T7674] syzkaller1: entered promiscuous mode [ 153.163598][ T7674] syzkaller1: entered allmulticast mode [ 153.511371][ T7684] x_tables: duplicate underflow at hook 2 [ 153.910338][ T7690] loop2: detected capacity change from 0 to 7 [ 153.914929][ T5957] Dev loop2: unable to read RDB block 7 [ 153.917887][ T5957] loop2: unable to read partition table [ 153.921900][ T5957] loop2: partition table beyond EOD, truncated [ 153.932250][ T7690] Dev loop2: unable to read RDB block 7 [ 153.938050][ T7690] loop2: unable to read partition table [ 153.943356][ T7690] loop2: partition table beyond EOD, truncated [ 153.949790][ T7690] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 154.402801][ T7692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.458'. [ 154.614458][ T7706] netlink: 40 bytes leftover after parsing attributes in process `syz.1.460'. [ 154.732433][ T7720] fuse: Unknown parameter 'user_i00000000000000000000' [ 155.544084][ T7728] netlink: 'syz.1.465': attribute type 4 has an invalid length. [ 155.598062][ T7728] netlink: 'syz.1.465': attribute type 4 has an invalid length. [ 155.942516][ T7735] syzkaller1: entered promiscuous mode [ 155.950220][ T7735] syzkaller1: entered allmulticast mode [ 156.010938][ T7738] syzkaller0: entered promiscuous mode [ 156.012716][ T7738] syzkaller0: entered allmulticast mode [ 157.158723][ T7750] fuse: Unknown parameter 'user_i00000000000000000000' [ 158.934078][ T5985] IPVS: starting estimator thread 0... [ 158.945423][ T7772] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 159.029871][ T7776] netlink: 28 bytes leftover after parsing attributes in process `syz.3.480'. [ 159.038289][ T7775] IPVS: using max 43 ests per chain, 103200 per kthread [ 159.069799][ T7780] fuse: Unknown parameter 'user_i00000000000000000000' [ 159.282308][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 159.288804][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 159.292908][ T7784] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 159.296392][ T7784] UDF-fs: Scanning with blocksize 512 failed [ 159.300360][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 159.304529][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 159.308711][ T7784] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 159.312063][ T7784] UDF-fs: Scanning with blocksize 1024 failed [ 159.315146][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 159.319477][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 159.323550][ T7784] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 159.326778][ T7784] UDF-fs: Scanning with blocksize 2048 failed [ 159.329978][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 159.334571][ T7784] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 159.339264][ T7784] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 159.342713][ T7784] UDF-fs: Scanning with blocksize 4096 failed [ 159.345446][ T7784] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 159.761589][ T7788] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 159.763715][ T7788] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 159.766533][ T7788] vhci_hcd vhci_hcd.0: Device attached [ 159.889041][ T7788] wg2 speed is unknown, defaulting to 1000 [ 159.894781][ T7788] wg2 speed is unknown, defaulting to 1000 [ 159.902430][ T7788] wg2 speed is unknown, defaulting to 1000 [ 160.035382][ T7788] infiniband syz2: set active [ 160.037363][ T7788] infiniband syz2: added wg2 [ 160.045897][ T54] usb 44-1: SetAddress Request (2) to port 0 [ 160.047207][ T5985] wg2 speed is unknown, defaulting to 1000 [ 160.053277][ T54] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 160.160869][ T7788] RDS/IB: syz2: added [ 160.162474][ T7788] smc: adding ib device syz2 with port count 1 [ 160.164531][ T7788] smc: ib device syz2 port 1 has no pnetid [ 160.177018][ T60] wg2 speed is unknown, defaulting to 1000 [ 160.194887][ T7788] wg2 speed is unknown, defaulting to 1000 [ 160.303584][ T7789] vhci_hcd: connection reset by peer [ 160.319875][ T46] vhci_hcd vhci_hcd.3: stop threads [ 160.321700][ T46] vhci_hcd vhci_hcd.3: release socket [ 160.324232][ T46] vhci_hcd vhci_hcd.3: disconnect device [ 160.359294][ T5959] Bluetooth: hci0: ACL packet for unknown connection handle 29 [ 160.563175][ T7788] wg2 speed is unknown, defaulting to 1000 [ 160.784889][ T7788] wg2 speed is unknown, defaulting to 1000 [ 160.909021][ T7800] FAULT_INJECTION: forcing a failure. [ 160.909021][ T7800] name failslab, interval 1, probability 0, space 0, times 0 [ 160.914019][ T7800] CPU: 3 UID: 0 PID: 7800 Comm: syz.2.487 Tainted: G L syzkaller #0 PREEMPT(full) [ 160.914050][ T7800] Tainted: [L]=SOFTLOCKUP [ 160.914055][ T7800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 160.914066][ T7800] Call Trace: [ 160.914073][ T7800] [ 160.914080][ T7800] dump_stack_lvl+0x100/0x190 [ 160.914105][ T7800] should_fail_ex.cold+0x5/0xa [ 160.914135][ T7800] should_failslab+0xc2/0x120 [ 160.914158][ T7800] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 160.914184][ T7800] ? __alloc_skb+0x156/0x410 [ 160.914206][ T7800] ? __alloc_skb+0x35d/0x410 [ 160.914230][ T7800] ? __alloc_skb+0x156/0x410 [ 160.914251][ T7800] __alloc_skb+0x156/0x410 [ 160.914272][ T7800] ? __alloc_skb+0x35d/0x410 [ 160.914294][ T7800] ? __pfx___alloc_skb+0x10/0x10 [ 160.914323][ T7800] ? netlink_autobind.isra.0+0x130/0x370 [ 160.914358][ T7800] netlink_alloc_large_skb+0x69/0x150 [ 160.914385][ T7800] netlink_sendmsg+0x680/0xda0 [ 160.914410][ T7800] ? __pfx_netlink_sendmsg+0x10/0x10 [ 160.914436][ T7800] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 160.914459][ T7800] ____sys_sendmsg+0xa54/0xc30 [ 160.914479][ T7800] ? __pfx_____sys_sendmsg+0x10/0x10 [ 160.914507][ T7800] ___sys_sendmsg+0x190/0x1e0 [ 160.914527][ T7800] ? __pfx____sys_sendmsg+0x10/0x10 [ 160.914573][ T7800] __sys_sendmsg+0x170/0x220 [ 160.914599][ T7800] ? __pfx___sys_sendmsg+0x10/0x10 [ 160.914632][ T7800] ? __pfx_ksys_write+0x10/0x10 [ 160.914659][ T7800] __do_fast_syscall_32+0xde/0x660 [ 160.914685][ T7800] do_fast_syscall_32+0x32/0x70 [ 160.914707][ T7800] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 160.914728][ T7800] RIP: 0023:0xf73cd579 [ 160.914742][ T7800] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 160.914757][ T7800] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 160.914774][ T7800] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0 [ 160.914785][ T7800] RDX: 0000000000048000 RSI: 0000000000000000 RDI: 0000000000000000 [ 160.914795][ T7800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 160.914805][ T7800] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 160.914816][ T7800] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 160.914839][ T7800] [ 160.986252][ T7788] wg2 speed is unknown, defaulting to 1000 [ 161.117557][ T7808] FAULT_INJECTION: forcing a failure. [ 161.117557][ T7808] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.123264][ T7808] CPU: 2 UID: 0 PID: 7808 Comm: syz.2.490 Tainted: G L syzkaller #0 PREEMPT(full) [ 161.123290][ T7808] Tainted: [L]=SOFTLOCKUP [ 161.123296][ T7808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 161.123305][ T7808] Call Trace: [ 161.123311][ T7808] [ 161.123318][ T7808] dump_stack_lvl+0x100/0x190 [ 161.123343][ T7808] should_fail_ex.cold+0x5/0xa [ 161.123370][ T7808] _copy_from_iter+0x1f4/0x1690 [ 161.123399][ T7808] ? __alloc_skb+0x220/0x410 [ 161.123420][ T7808] ? __alloc_skb+0x35d/0x410 [ 161.123441][ T7808] ? __pfx__copy_from_iter+0x10/0x10 [ 161.123466][ T7808] ? netlink_autobind.isra.0+0x130/0x370 [ 161.123502][ T7808] netlink_sendmsg+0x808/0xda0 [ 161.123534][ T7808] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.123562][ T7808] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 161.123588][ T7808] ____sys_sendmsg+0xa54/0xc30 [ 161.123616][ T7808] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.123646][ T7808] ___sys_sendmsg+0x190/0x1e0 [ 161.123667][ T7808] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.123717][ T7808] __sys_sendmsg+0x170/0x220 [ 161.123741][ T7808] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.123776][ T7808] ? __pfx_ksys_write+0x10/0x10 [ 161.123801][ T7808] __do_fast_syscall_32+0xde/0x660 [ 161.123827][ T7808] do_fast_syscall_32+0x32/0x70 [ 161.123848][ T7808] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 161.123871][ T7808] RIP: 0023:0xf73cd579 [ 161.123885][ T7808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 161.123902][ T7808] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 161.123920][ T7808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 161.123930][ T7808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 161.123939][ T7808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 161.123949][ T7808] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 161.123958][ T7808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 161.123981][ T7808] [ 161.377020][ T7811] binder: 7809:7811 ioctl 8008662c 80000240 returned -22 [ 162.496756][ T7845] sctp: [Deprecated]: syz.2.500 (pid 7845) Use of int in max_burst socket option deprecated. [ 162.496756][ T7845] Use struct sctp_assoc_value instead [ 162.543381][ T7844] bond1: (slave bond_slave_1): Device is not bonding slave [ 162.545990][ T7844] bond1: option active_slave: invalid value (bond_slave_1) [ 163.055730][ T5959] Bluetooth: hci3: command tx timeout [ 163.154939][ T7844] bond1 (unregistering): Released all slaves [ 163.287358][ T7851] netlink: 17780 bytes leftover after parsing attributes in process `syz.0.502'. [ 163.739215][ T7866] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.783622][ T7867] overlayfs: failed to get index nlink (file1/file0, err=-61) [ 163.841056][ T7866] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.029399][ T7866] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.150498][ T7866] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.249805][ T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.261900][ T13] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.273693][ T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.284026][ T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.714310][ T7890] loop2: detected capacity change from 0 to 7 [ 164.715767][ T5957] Dev loop2: unable to read RDB block 7 [ 164.715802][ T5957] loop2: unable to read partition table [ 164.715964][ T5957] loop2: partition table beyond EOD, truncated [ 164.729093][ T7890] Dev loop2: unable to read RDB block 7 [ 164.729129][ T7890] loop2: unable to read partition table [ 164.729326][ T7890] loop2: partition table beyond EOD, truncated [ 164.729527][ T7890] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 165.135776][ T54] usb 44-1: device descriptor read/8, error -110 [ 165.431622][ T7907] loop2: detected capacity change from 0 to 7 [ 165.433527][ T7907] Dev loop2: unable to read RDB block 7 [ 165.436917][ T7907] loop2: unable to read partition table [ 165.437137][ T7907] loop2: partition table beyond EOD, truncated [ 165.437190][ T7907] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 165.541437][ T7909] netlink: 36 bytes leftover after parsing attributes in process `syz.0.518'. [ 165.552874][ T54] usb usb44-port1: attempt power cycle [ 165.873905][ T7911] block device autoloading is deprecated and will be removed. [ 166.139557][ T5346] Dev loop2: unable to read RDB block 7 [ 166.141517][ T5346] loop2: unable to read partition table [ 166.143412][ T5346] loop2: partition table beyond EOD, truncated [ 166.457507][ T7922] netlink: zone id is out of range [ 166.504708][ T7922] netlink: set zone limit has 4 unknown bytes [ 166.645861][ T54] usb usb44-port1: unable to enumerate USB device [ 166.666029][ T5959] Bluetooth: hci3: command tx timeout [ 166.908801][ T7931] tmpfs: Bad value for 'huge' [ 166.921231][ T7927] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 167.090100][ T7927] netlink: 'syz.3.520': attribute type 1 has an invalid length. [ 167.174791][ T60] wg2 speed is unknown, defaulting to 1000 [ 167.718084][ T7928] loop2: detected capacity change from 0 to 7 [ 167.721739][ T7928] Dev loop2: unable to read RDB block 7 [ 167.724191][ T7928] loop2: unable to read partition table [ 167.726914][ T7928] loop2: partition table beyond EOD, truncated [ 167.729705][ T7928] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 168.806220][ T7954] loop2: detected capacity change from 0 to 7 [ 169.120947][ T7954] Dev loop2: unable to read RDB block 7 [ 169.120989][ T7954] loop2: unable to read partition table [ 169.121150][ T7954] loop2: partition table beyond EOD, truncated [ 169.122150][ T7954] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 169.251343][ T7956] netlink: 48 bytes leftover after parsing attributes in process `syz.3.529'. [ 169.267039][ T7956] 9p: Bad value for 'rfdno' [ 169.365777][ T7958] netlink: zone id is out of range [ 169.417687][ T7958] netlink: set zone limit has 4 unknown bytes [ 170.007970][ T7978] FAULT_INJECTION: forcing a failure. [ 170.007970][ T7978] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.013047][ T7978] CPU: 3 UID: 0 PID: 7978 Comm: syz.0.538 Tainted: G L syzkaller #0 PREEMPT(full) [ 170.013072][ T7978] Tainted: [L]=SOFTLOCKUP [ 170.013077][ T7978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 170.013086][ T7978] Call Trace: [ 170.013091][ T7978] [ 170.013098][ T7978] dump_stack_lvl+0x100/0x190 [ 170.013119][ T7978] should_fail_ex.cold+0x5/0xa [ 170.013142][ T7978] _copy_from_iter+0x1f4/0x1690 [ 170.013167][ T7978] ? alloc_pages_mpol+0x25a/0x550 [ 170.013186][ T7978] ? __pfx__copy_from_iter+0x10/0x10 [ 170.013206][ T7978] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 170.013251][ T7978] copy_page_from_iter+0xde/0x180 [ 170.013276][ T7978] tun_build_skb.constprop.0+0x2ea/0x15d0 [ 170.013306][ T7978] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 170.013329][ T7978] ? __lock_acquire+0x4a5/0x2630 [ 170.013357][ T7978] ? find_held_lock+0x2b/0x80 [ 170.013370][ T7978] ? aa_file_perm+0x268/0x1540 [ 170.013386][ T7978] tun_get_user+0x16d0/0x3e10 [ 170.013415][ T7978] ? __pfx_tun_get_user+0x10/0x10 [ 170.013437][ T7978] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 170.013456][ T7978] ? find_held_lock+0x2b/0x80 [ 170.013469][ T7978] ? tun_get+0x191/0x370 [ 170.013486][ T7978] ? tun_get+0x191/0x370 [ 170.013510][ T7978] tun_chr_write_iter+0xdc/0x200 [ 170.013533][ T7978] vfs_write+0x6ac/0x1070 [ 170.013549][ T7978] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 170.013572][ T7978] ? __pfx_vfs_write+0x10/0x10 [ 170.013591][ T7978] ? find_held_lock+0x2b/0x80 [ 170.013616][ T7978] ksys_write+0x12a/0x250 [ 170.013631][ T7978] ? __pfx_ksys_write+0x10/0x10 [ 170.013645][ T7978] ? fput+0x79/0x100 [ 170.013667][ T7978] do_int80_emulation+0x101/0x470 [ 170.013687][ T7978] asm_int80_emulation+0x1a/0x20 [ 170.013701][ T7978] RIP: 0023:0xf710572b [ 170.013713][ T7978] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 170.013726][ T7978] RSP: 002b:00000000f53c644c EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 170.013741][ T7978] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 170.013749][ T7978] RDX: 000000000000004f RSI: 0000000000000000 RDI: 0000000000000000 [ 170.013757][ T7978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 170.013768][ T7978] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 170.013776][ T7978] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 170.013794][ T7978] [ 170.558903][ T7991] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 170.561119][ T7991] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 170.566439][ T7991] vhci_hcd vhci_hcd.0: Device attached [ 170.836230][ T5985] usb 38-1: SetAddress Request (6) to port 0 [ 170.836286][ T5985] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd [ 170.838844][ T8000] netlink: zone id is out of range [ 170.877846][ T8000] netlink: set zone limit has 4 unknown bytes [ 170.988752][ T8004] loop2: detected capacity change from 0 to 7 [ 170.990666][ T8004] Dev loop2: unable to read RDB block 7 [ 170.990701][ T8004] loop2: unable to read partition table [ 170.990839][ T8004] loop2: partition table beyond EOD, truncated [ 170.990856][ T8004] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 171.290969][ T7988] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 171.695971][ T5959] Bluetooth: hci1: command tx timeout [ 173.143961][ T7993] vhci_hcd: connection reset by peer [ 173.226314][ T63] vhci_hcd vhci_hcd.0: stop threads [ 173.228396][ T63] vhci_hcd vhci_hcd.0: release socket [ 173.230748][ T63] vhci_hcd vhci_hcd.0: disconnect device [ 173.686315][ T8020] overlayfs: failed to resolve './file1': -2 [ 174.044367][ T8028] netlink: zone id is out of range [ 174.076762][ T8028] netlink: set zone limit has 4 unknown bytes [ 174.742454][ T40] kauditd_printk_skb: 39 callbacks suppressed [ 174.742469][ T40] audit: type=1326 audit(1769440298.954:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.753831][ T40] audit: type=1326 audit(1769440298.974:3498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.776112][ T40] audit: type=1326 audit(1769440298.984:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.784879][ T40] audit: type=1326 audit(1769440298.984:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.792437][ T40] audit: type=1326 audit(1769440298.984:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.799519][ T40] audit: type=1326 audit(1769440298.984:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.806482][ T40] audit: type=1326 audit(1769440298.984:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.813206][ T40] audit: type=1326 audit(1769440298.984:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.820889][ T40] audit: type=1326 audit(1769440298.984:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 174.828857][ T40] audit: type=1326 audit(1769440298.984:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 175.014675][ T8047] loop2: detected capacity change from 0 to 7 [ 175.015776][ T8047] Dev loop2: unable to read RDB block 7 [ 175.015859][ T8047] loop2: unable to read partition table [ 175.016723][ T8047] loop2: partition table beyond EOD, truncated [ 175.016805][ T8047] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 175.345735][ T5992] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 175.478016][ T8054] syz_tun: entered allmulticast mode [ 175.482812][ T8053] syz_tun: left allmulticast mode [ 175.508181][ T5992] usb 8-1: not running at top speed; connect to a high speed hub [ 175.511584][ T5992] usb 8-1: config 1 interface 0 altsetting 179 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 175.515085][ T5992] usb 8-1: config 1 interface 0 altsetting 179 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 175.519470][ T5992] usb 8-1: config 1 interface 0 has no altsetting 0 [ 175.522143][ T5992] usb 8-1: string descriptor 0 read error: -22 [ 175.524248][ T5992] usb 8-1: New USB device found, idVendor=046d, idProduct=00fe, bcdDevice= 0.40 [ 175.527227][ T5992] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.532286][ T8042] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 175.692955][ T8058] netlink: 'syz.1.561': attribute type 11 has an invalid length. [ 175.696817][ T8058] netlink: 132 bytes leftover after parsing attributes in process `syz.1.561'. [ 175.858250][ T8065] fuse: Unknown parameter '0x0000000000000004' [ 175.935927][ T5985] usb 38-1: device descriptor read/8, error -110 [ 176.272196][ T8074] loop2: detected capacity change from 0 to 7 [ 176.329348][ T8074] Dev loop2: unable to read RDB block 7 [ 176.331372][ T8074] loop2: unable to read partition table [ 176.334720][ T8074] loop2: partition table beyond EOD, truncated [ 176.338058][ T8074] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 176.341167][ T5985] usb usb38-port1: attempt power cycle [ 176.699387][ T5992] usbhid 8-1:1.0: can't add hid device: -71 [ 176.701552][ T5992] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 176.939265][ T5985] usb usb38-port1: unable to enumerate USB device [ 176.990139][ T5992] usb 8-1: USB disconnect, device number 7 [ 177.031124][ T8084] binder: 8083:8084 unknown command 0 [ 177.033392][ T8084] binder: 8083:8084 ioctl c0306201 800001c0 returned -22 [ 177.139022][ T8082] loop2: detected capacity change from 0 to 7 [ 177.157135][ T8082] Dev loop2: unable to read RDB block 7 [ 177.158974][ T8082] loop2: unable to read partition table [ 177.160840][ T8082] loop2: partition table beyond EOD, truncated [ 177.169507][ T8082] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 177.197476][ T8092] fuse: Unknown parameter '0x0000000000000004' [ 178.543781][ T8105] tipc: Started in network mode [ 178.545503][ T8105] tipc: Node identity cefd618486ed, cluster identity 4711 [ 178.556010][ T8105] tipc: Enabled bearer , priority 0 [ 178.566695][ T8105] syzkaller0: entered promiscuous mode [ 178.571993][ T8105] syzkaller0: entered allmulticast mode [ 178.607859][ T8104] tipc: Resetting bearer [ 178.646954][ T8104] tipc: Disabling bearer [ 178.862209][ T8113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 178.885956][ T8108] netlink: 60 bytes leftover after parsing attributes in process `syz.1.577'. [ 178.899612][ T8107] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 179.000919][ T8122] netlink: zone id is out of range [ 179.033418][ T8122] netlink: set zone limit has 4 unknown bytes [ 179.070881][ T8125] netlink: 56 bytes leftover after parsing attributes in process `syz.3.582'. [ 179.101310][ T8114] loop2: detected capacity change from 0 to 7 [ 179.107751][ T8114] Dev loop2: unable to read RDB block 7 [ 179.110074][ T8114] loop2: unable to read partition table [ 179.112387][ T8114] loop2: partition table beyond EOD, truncated [ 179.114576][ T8114] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 179.721819][ T8138] loop2: detected capacity change from 0 to 7 [ 179.722850][ T8138] Dev loop2: unable to read RDB block 7 [ 179.722891][ T8138] loop2: unable to read partition table [ 179.723104][ T8138] loop2: partition table beyond EOD, truncated [ 179.723116][ T8138] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 179.794257][ T8145] ubi31: attaching mtd0 [ 179.806964][ T8145] ubi31: scanning is finished [ 179.820982][ T8145] ubi31: empty MTD device detected [ 179.860483][ T8149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.585'. [ 179.879894][ T8147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 179.902488][ T8147] netlink: 60 bytes leftover after parsing attributes in process `syz.1.589'. [ 179.983387][ T8145] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 179.988877][ T8145] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 179.991381][ T8145] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 179.993768][ T8145] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 180.005826][ T8145] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 180.008782][ T8145] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 180.011488][ T8145] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4288157096 [ 180.014738][ T8145] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 180.023477][ T8146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 180.033775][ T8156] ubi31: background thread "ubi_bgt31d" started, PID 8156 [ 180.895724][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 180.895735][ T65] Bluetooth: hci2: command 0x0419 tx timeout [ 180.913873][ T8162] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 180.916001][ T8162] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 180.918690][ T8162] vhci_hcd vhci_hcd.0: Device attached [ 180.947920][ T8167] vhci_hcd: connection closed [ 180.951488][ T1058] vhci_hcd vhci_hcd.1: stop threads [ 180.955241][ T1058] vhci_hcd vhci_hcd.1: release socket [ 180.973285][ T1058] vhci_hcd vhci_hcd.1: disconnect device [ 182.176998][ T8197] loop2: detected capacity change from 0 to 7 [ 182.179305][ T5957] Dev loop2: unable to read RDB block 7 [ 182.179340][ T5957] loop2: unable to read partition table [ 182.179499][ T5957] loop2: partition table beyond EOD, truncated [ 182.199669][ T8197] Dev loop2: unable to read RDB block 7 [ 182.199708][ T8197] loop2: unable to read partition table [ 182.199873][ T8197] loop2: partition table beyond EOD, truncated [ 182.199891][ T8197] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 182.973945][ T8209] fuse: Unknown parameter 'fd0x0000000000000004' [ 185.076126][ T8236] loop2: detected capacity change from 0 to 7 [ 185.077956][ T8236] Dev loop2: unable to read RDB block 7 [ 185.077991][ T8236] loop2: unable to read partition table [ 185.078138][ T8236] loop2: partition table beyond EOD, truncated [ 185.078154][ T8236] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 185.296453][ T5346] Dev loop2: unable to read RDB block 7 [ 185.298684][ T5346] loop2: unable to read partition table [ 185.301169][ T5346] loop2: partition table beyond EOD, truncated [ 185.388514][ T8242] fuse: Unknown parameter 'fd0x0000000000000004' [ 185.441642][ T8244] FAULT_INJECTION: forcing a failure. [ 185.441642][ T8244] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 185.450569][ T8244] CPU: 3 UID: 0 PID: 8244 Comm: syz.2.619 Tainted: G L syzkaller #0 PREEMPT(full) [ 185.450601][ T8244] Tainted: [L]=SOFTLOCKUP [ 185.450607][ T8244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 185.450618][ T8244] Call Trace: [ 185.450624][ T8244] [ 185.450631][ T8244] dump_stack_lvl+0x100/0x190 [ 185.450659][ T8244] should_fail_ex.cold+0x5/0xa [ 185.450688][ T8244] _copy_from_user+0x2e/0xd0 [ 185.450716][ T8244] get_compat_msghdr+0xb3/0x4b0 [ 185.450744][ T8244] ? __pfx_get_compat_msghdr+0x10/0x10 [ 185.450780][ T8244] ___sys_sendmsg+0x1b6/0x1e0 [ 185.450804][ T8244] ? __pfx____sys_sendmsg+0x10/0x10 [ 185.450858][ T8244] __sys_sendmsg+0x170/0x220 [ 185.450885][ T8244] ? __pfx___sys_sendmsg+0x10/0x10 [ 185.450920][ T8244] ? __pfx_ksys_write+0x10/0x10 [ 185.450948][ T8244] __do_fast_syscall_32+0xde/0x660 [ 185.450975][ T8244] do_fast_syscall_32+0x32/0x70 [ 185.450997][ T8244] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 185.451020][ T8244] RIP: 0023:0xf73cd579 [ 185.451033][ T8244] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 185.451050][ T8244] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 185.451067][ T8244] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0 [ 185.451077][ T8244] RDX: 0000000004004050 RSI: 0000000000000000 RDI: 0000000000000000 [ 185.451087][ T8244] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 185.451097][ T8244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.451107][ T8244] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 185.451130][ T8244] [ 185.556821][ T8249] syzkaller0: entered promiscuous mode [ 185.558704][ T8249] syzkaller0: entered allmulticast mode [ 185.866797][ T5949] Bluetooth: hci0: command 0x0406 tx timeout [ 185.869008][ T5949] Bluetooth: hci1: command 0x0406 tx timeout [ 185.870980][ T5949] Bluetooth: hci2: command 0x0419 tx timeout [ 186.809679][ T5959] Bluetooth: hci0: unexpected event for opcode 0x0c7a [ 187.827335][ T8283] loop2: detected capacity change from 0 to 7 [ 187.839540][ T8283] Dev loop2: unable to read RDB block 7 [ 187.839577][ T8283] loop2: unable to read partition table [ 187.839724][ T8283] loop2: partition table beyond EOD, truncated [ 187.847175][ T8283] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 188.791918][ T8310] syzkaller0: entered promiscuous mode [ 188.793825][ T8310] syzkaller0: entered allmulticast mode [ 190.185828][ T5959] Bluetooth: hci0: command 0x0406 tx timeout [ 191.237271][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 191.279913][ T8347] binfmt_misc: register: failed to install interpreter file ./bus [ 191.916288][ T8362] fuse: Bad value for 'fd' [ 193.545981][ T5959] Bluetooth: hci1: command 0x0406 tx timeout [ 194.279994][ T8392] loop2: detected capacity change from 0 to 7 [ 194.282915][ T8392] Dev loop2: unable to read RDB block 7 [ 194.283109][ T8392] loop2: unable to read partition table [ 194.283766][ T8392] loop2: partition table beyond EOD, truncated [ 194.283869][ T8392] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 194.728325][ T8396] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 194.735286][ T8396] netlink: 60 bytes leftover after parsing attributes in process `syz.1.667'. [ 194.796240][ T8393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.025776][ T6217] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 195.155832][ T6217] usb 8-1: device descriptor read/64, error -71 [ 195.312108][ T8402] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.332213][ T8402] netlink: 60 bytes leftover after parsing attributes in process `syz.2.669'. [ 195.349561][ T8400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.396168][ T6217] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 195.416055][ T8410] syzkaller1: entered promiscuous mode [ 195.417865][ T8410] syzkaller1: entered allmulticast mode [ 195.533005][ T8418] sch_tbf: burst 274 is lower than device lo mtu (11337746) ! [ 195.536200][ T6217] usb 8-1: device descriptor read/64, error -71 [ 195.658098][ T6217] usb usb8-port1: attempt power cycle [ 196.006096][ T6217] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 196.057829][ T6217] usb 8-1: device descriptor read/8, error -71 [ 196.315970][ T6217] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 196.354913][ T6217] usb 8-1: device descriptor read/8, error -71 [ 196.466007][ T6217] usb usb8-port1: unable to enumerate USB device [ 196.695472][ T8436] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 196.709768][ T8429] netlink: 60 bytes leftover after parsing attributes in process `syz.1.681'. [ 196.717911][ T8428] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 196.735790][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 196.738994][ T5944] Bluetooth: hci2: command 0x0419 tx timeout [ 197.360309][ T8482] syzkaller1: entered promiscuous mode [ 197.362512][ T8482] syzkaller1: entered allmulticast mode [ 198.787589][ T8511] syzkaller1: entered promiscuous mode [ 198.789312][ T8511] syzkaller1: entered allmulticast mode [ 198.848030][ T8516] netlink: 'syz.3.696': attribute type 1 has an invalid length. [ 198.914116][ T8518] netlink: 'syz.0.698': attribute type 4 has an invalid length. [ 198.944317][ T8520] syzkaller0: entered promiscuous mode [ 198.950658][ T8520] syzkaller0: entered allmulticast mode [ 199.060679][ T8523] syzkaller0: entered promiscuous mode [ 199.062962][ T8523] syzkaller0: entered allmulticast mode [ 199.067278][ T8523] FAULT_INJECTION: forcing a failure. [ 199.067278][ T8523] name failslab, interval 1, probability 0, space 0, times 0 [ 199.071422][ T8523] CPU: 0 UID: 0 PID: 8523 Comm: syz.3.700 Tainted: G L syzkaller #0 PREEMPT(full) [ 199.071440][ T8523] Tainted: [L]=SOFTLOCKUP [ 199.071444][ T8523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 199.071450][ T8523] Call Trace: [ 199.071455][ T8523] [ 199.071459][ T8523] dump_stack_lvl+0x100/0x190 [ 199.071476][ T8523] should_fail_ex.cold+0x5/0xa [ 199.071494][ T8523] should_failslab+0xc2/0x120 [ 199.071510][ T8523] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 199.071526][ T8523] ? __alloc_skb+0x156/0x410 [ 199.071545][ T8523] ? __alloc_skb+0x156/0x410 [ 199.071558][ T8523] __alloc_skb+0x156/0x410 [ 199.071572][ T8523] ? __alloc_skb+0x35d/0x410 [ 199.071586][ T8523] ? __pfx___alloc_skb+0x10/0x10 [ 199.071606][ T8523] alloc_skb_with_frags+0xe0/0x810 [ 199.071616][ T8523] ? __might_fault+0xc5/0x140 [ 199.071628][ T8523] ? __might_fault+0xc5/0x140 [ 199.071643][ T8523] sock_alloc_send_pskb+0x801/0x980 [ 199.071658][ T8523] ? _copy_from_iter+0x270/0x1690 [ 199.071678][ T8523] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 199.071695][ T8523] ? find_held_lock+0x2b/0x80 [ 199.071706][ T8523] ? iov_iter_advance+0xac/0x6d0 [ 199.071721][ T8523] ? aa_file_perm+0x268/0x1540 [ 199.071733][ T8523] tun_get_user+0x8f7/0x3e10 [ 199.071757][ T8523] ? __pfx_tun_get_user+0x10/0x10 [ 199.071775][ T8523] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 199.071790][ T8523] ? find_held_lock+0x2b/0x80 [ 199.071800][ T8523] ? tun_get+0x191/0x370 [ 199.071815][ T8523] ? tun_get+0x191/0x370 [ 199.071834][ T8523] tun_chr_write_iter+0xdc/0x200 [ 199.071853][ T8523] vfs_write+0x6ac/0x1070 [ 199.071866][ T8523] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 199.071885][ T8523] ? __pfx_vfs_write+0x10/0x10 [ 199.071896][ T8523] ? find_held_lock+0x2b/0x80 [ 199.071915][ T8523] ksys_write+0x12a/0x250 [ 199.071927][ T8523] ? __pfx_ksys_write+0x10/0x10 [ 199.071939][ T8523] ? __pfx_ksys_write+0x10/0x10 [ 199.071954][ T8523] __do_fast_syscall_32+0xde/0x660 [ 199.071970][ T8523] do_fast_syscall_32+0x32/0x70 [ 199.071984][ T8523] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 199.071998][ T8523] RIP: 0023:0xf73ed579 [ 199.072007][ T8523] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 199.072018][ T8523] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 199.072029][ T8523] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000280 [ 199.072036][ T8523] RDX: 000000000000ffdd RSI: 0000000000000000 RDI: 0000000000000000 [ 199.072043][ T8523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 199.072049][ T8523] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 199.072055][ T8523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 199.072068][ T8523] [ 199.353141][ T8536] sctp: [Deprecated]: syz.1.704 (pid 8536) Use of int in maxseg socket option. [ 199.353141][ T8536] Use struct sctp_assoc_value instead [ 199.631311][ T8549] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 199.633408][ T8549] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 199.635832][ T8552] random: crng reseeded on system resumption [ 199.639552][ T8549] vhci_hcd vhci_hcd.0: Device attached [ 199.642127][ T8550] vhci_hcd: cannot find the pending unlink 4294967288 [ 199.644580][ T8549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.708'. [ 199.647832][ T8549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.708'. [ 199.675959][ T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 199.845892][ T10] usb 6-1: Using ep0 maxpacket: 8 [ 199.852731][ T10] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 199.855993][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.865745][ T54] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 199.885867][ T830] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 199.886585][ T10] pvrusb2: Hardware description: Terratec Grabster AV400 [ 199.900090][ T10] pvrusb2: ********** [ 199.905723][ T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 199.911191][ T10] pvrusb2: Important functionality might not be entirely working. [ 199.913953][ T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 199.918419][ T10] pvrusb2: ********** [ 200.025877][ T830] usb 5-1: device descriptor read/64, error -71 [ 200.092715][ T2486] pvrusb2: Invalid write control endpoint [ 200.125832][ T54] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 200.133900][ T2486] pvrusb2: Invalid write control endpoint [ 200.138632][ T2486] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 200.141766][ T2486] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 200.144128][ T2486] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 200.149123][ T2486] pvrusb2: Device being rendered inoperable [ 200.153215][ T2486] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 200.156340][ T2486] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 200.164840][ T2486] pvrusb2: Attached sub-driver cx25840 [ 200.177584][ T2486] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 200.181006][ T2486] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 200.286663][ T8540] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 200.294222][ T830] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 200.297067][ T5992] usb 6-1: USB disconnect, device number 5 [ 200.426696][ T830] usb 5-1: device descriptor read/64, error -71 [ 200.535882][ T830] usb usb5-port1: attempt power cycle [ 200.896140][ T5959] Bluetooth: hci1: command 0x0406 tx timeout [ 200.975468][ T830] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 200.998371][ T830] usb 5-1: device descriptor read/8, error -71 [ 201.345837][ T830] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 201.421634][ T830] usb 5-1: device descriptor read/8, error -71 [ 201.526647][ T830] usb usb5-port1: unable to enumerate USB device [ 202.381534][ T8599] netlink: 4 bytes leftover after parsing attributes in process `syz.2.723'. [ 202.438182][ T8601] FAULT_INJECTION: forcing a failure. [ 202.438182][ T8601] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 202.444578][ T8601] CPU: 2 UID: 0 PID: 8601 Comm: syz.2.724 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.444608][ T8601] Tainted: [L]=SOFTLOCKUP [ 202.444614][ T8601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 202.444623][ T8601] Call Trace: [ 202.444629][ T8601] [ 202.444639][ T8601] dump_stack_lvl+0x100/0x190 [ 202.444665][ T8601] should_fail_ex.cold+0x5/0xa [ 202.444689][ T8601] ? prepare_alloc_pages+0x16d/0x5f0 [ 202.444719][ T8601] should_fail_alloc_page+0xeb/0x140 [ 202.444747][ T8601] prepare_alloc_pages+0x1f0/0x5f0 [ 202.444777][ T8601] __alloc_frozen_pages_noprof+0x193/0x2410 [ 202.444800][ T8601] ? __pfx_stack_trace_save+0x10/0x10 [ 202.444823][ T8601] ? look_up_lock_class+0x64/0x120 [ 202.444846][ T8601] ? register_lock_class+0x40/0x560 [ 202.444868][ T8601] ? find_held_lock+0x2b/0x80 [ 202.444886][ T8601] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 202.444904][ T8601] ? ima_match_policy+0x8c4/0x2350 [ 202.444968][ T8601] ? __lock_acquire+0x4a5/0x2630 [ 202.445000][ T8601] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 202.445023][ T8601] ? policy_nodemask+0xed/0x4f0 [ 202.445049][ T8601] alloc_pages_mpol+0x1fb/0x550 [ 202.445076][ T8601] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 202.445107][ T8601] alloc_pages_noprof+0x131/0x390 [ 202.445133][ T8601] __pmd_alloc+0x3b/0x9c0 [ 202.445162][ T8601] __handle_mm_fault+0xa99/0x2b50 [ 202.445185][ T8601] ? mt_find+0x45e/0x8e0 [ 202.445208][ T8601] ? __pfx___handle_mm_fault+0x10/0x10 [ 202.445224][ T8601] ? __pfx_mt_find+0x10/0x10 [ 202.445258][ T8601] ? find_vma+0xbf/0x140 [ 202.445281][ T8601] ? __pfx_find_vma+0x10/0x10 [ 202.445305][ T8601] handle_mm_fault+0x36d/0xa20 [ 202.445330][ T8601] do_user_addr_fault+0x74c/0x12f0 [ 202.445358][ T8601] exc_page_fault+0x6f/0xd0 [ 202.445375][ T8601] asm_exc_page_fault+0x26/0x30 [ 202.445398][ T8601] RIP: 0010:_copy_to_user+0x9f/0xd0 [ 202.445428][ T8601] Code: 89 ee 48 89 ef e8 e1 59 21 fd 4d 85 ff 75 26 e8 b7 5f 21 fd 89 de 4c 89 e7 e8 dd bb 8a fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 a4 0f 1f 00 0f 01 ca 48 89 cb e8 91 5f 21 fd 48 89 d8 5b 5d 41 [ 202.445444][ T8601] RSP: 0018:ffffc900034bfaa8 EFLAGS: 00050297 [ 202.445459][ T8601] RAX: 0000000000000001 RBX: 0000000000000054 RCX: 0000000000000054 [ 202.445471][ T8601] RDX: 0000000000000001 RSI: ffffc900034bfb70 RDI: 0000000080000140 [ 202.445481][ T8601] RBP: 0000000080000140 R08: 0000000000000000 R09: fffff52000697f78 [ 202.445491][ T8601] R10: 0000000000000003 R11: 0000000000000000 R12: ffffc900034bfb70 [ 202.445502][ T8601] R13: 0000000080000194 R14: 00007ffffffff000 R15: 0000000000000000 [ 202.445525][ T8601] ? _copy_to_user+0x93/0xd0 [ 202.445553][ T8601] copy_compat_shmid_to_user+0x412/0x4c0 [ 202.445583][ T8601] ? __pfx_copy_compat_shmid_to_user+0x10/0x10 [ 202.445615][ T8601] ? from_kgid_munged+0xab/0x130 [ 202.445663][ T8601] ? shmctl_stat+0x501/0x720 [ 202.445691][ T8601] compat_ksys_shmctl+0x27f/0x620 [ 202.445711][ T8601] ? __pfx_compat_ksys_shmctl+0x10/0x10 [ 202.445727][ T8601] ? proc_fail_nth_write+0x9f/0x220 [ 202.445747][ T8601] ? find_held_lock+0x2b/0x80 [ 202.445770][ T8601] ? find_held_lock+0x2b/0x80 [ 202.445788][ T8601] ? ksys_write+0x190/0x250 [ 202.445809][ T8601] ? ksys_write+0x190/0x250 [ 202.445832][ T8601] ? __mutex_unlock_slowpath+0x15c/0x790 [ 202.445856][ T8601] ? __fget_files+0x215/0x3d0 [ 202.445876][ T8601] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 202.445902][ T8601] ? __fget_files+0x21f/0x3d0 [ 202.445928][ T8601] ? __pfx_ksys_write+0x10/0x10 [ 202.445970][ T8601] __do_fast_syscall_32+0xde/0x660 [ 202.445994][ T8601] do_fast_syscall_32+0x32/0x70 [ 202.446017][ T8601] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 202.446038][ T8601] RIP: 0023:0xf73cd579 [ 202.446053][ T8601] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 202.446068][ T8601] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 000000000000018c [ 202.446085][ T8601] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000000000d [ 202.446094][ T8601] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 202.446104][ T8601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 202.446115][ T8601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.446126][ T8601] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 202.446148][ T8601] [ 202.634516][ T8550] vhci_hcd: connection reset by peer [ 202.637740][ T1058] vhci_hcd vhci_hcd.0: stop threads [ 202.639433][ T1058] vhci_hcd vhci_hcd.0: release socket [ 202.641274][ T1058] vhci_hcd vhci_hcd.0: disconnect device [ 203.295784][ T5959] Bluetooth: hci0: command 0x0406 tx timeout [ 204.160013][ T8638] syz.3.735 uses obsolete (PF_INET,SOCK_PACKET) [ 204.258268][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.260548][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.701934][ T8657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.740'. [ 204.807692][ T8646] overlayfs: failed to resolve './file1': -2 [ 204.848038][ T8668] netlink: 80 bytes leftover after parsing attributes in process `syz.2.747'. [ 204.898345][ T8663] /dev/sr0: Can't open blockdev [ 204.986201][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 205.395725][ T54] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 205.474656][ T8699] overlayfs: failed to resolve './file1': -2 [ 205.675542][ T8707] Bluetooth: MGMT ver 1.23 [ 205.854492][ T8712] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 205.857267][ T8712] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 205.861646][ T8712] vhci_hcd vhci_hcd.0: Device attached [ 205.866793][ T8711] bond0: (slave bond_slave_1): Releasing backup interface [ 206.156873][ T6217] usb 42-1: SetAddress Request (6) to port 0 [ 206.161680][ T6217] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd [ 206.751263][ T8713] vhci_hcd: connection reset by peer [ 206.765200][ T12] vhci_hcd vhci_hcd.2: stop threads [ 206.767026][ T12] vhci_hcd vhci_hcd.2: release socket [ 206.768805][ T12] vhci_hcd vhci_hcd.2: disconnect device [ 206.915378][ T8727] overlayfs: failed to resolve './file1': -2 [ 207.055884][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 207.226205][ T10] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 207.391763][ T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 207.401229][ T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 207.404357][ T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 207.410386][ T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.414714][ T10] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 207.419252][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.432220][ T10] hub 6-1:1.0: bad descriptor, ignoring hub [ 207.434823][ T10] hub 6-1:1.0: probe with driver hub failed with error -5 [ 207.454118][ T10] cdc_wdm 6-1:1.0: skipping garbage [ 207.459405][ T10] cdc_wdm 6-1:1.0: skipping garbage [ 207.471137][ T10] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 207.474655][ T10] cdc_wdm 6-1:1.0: Unknown control protocol [ 207.634029][ T8732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.766'. [ 208.003443][ T8750] overlayfs: failed to resolve './file0': -2 [ 208.006124][ T8737] nbd0: detected capacity change from 0 to 549764202496 [ 208.110254][ T8732] usb 6-1: reset full-speed USB device number 6 using dummy_hcd [ 208.249428][ T8732] usb 6-1: device descriptor read/64, error -71 [ 208.251243][ T8765] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 208.261293][ T8765] netlink: 60 bytes leftover after parsing attributes in process `syz.3.775'. [ 208.266976][ T8763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 208.506054][ T8732] usb 6-1: reset full-speed USB device number 6 using dummy_hcd [ 208.681741][ T8769] loop2: detected capacity change from 0 to 7 [ 208.683860][ T8769] Dev loop2: unable to read RDB block 7 [ 208.683913][ T8769] loop2: unable to read partition table [ 208.684192][ T8769] loop2: partition table beyond EOD, truncated [ 208.684240][ T8769] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 208.765738][ T8732] usb 6-1: device descriptor read/64, error -71 [ 209.007468][ T8732] usb 6-1: reset full-speed USB device number 6 using dummy_hcd [ 209.026551][ T8732] usb 6-1: device descriptor read/8, error -71 [ 209.065880][ T65] Bluetooth: hci3: command tx timeout [ 209.275929][ T8732] usb 6-1: reset full-speed USB device number 6 using dummy_hcd [ 209.296780][ T8732] usb 6-1: device descriptor read/8, error -71 [ 209.410823][ T54] usb 6-1: USB disconnect, device number 6 [ 209.413458][ T8732] cdc_wdm 6-1:1.0: Error autopm - -16 [ 209.555816][ T54] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 209.685753][ T54] usb 6-1: device descriptor read/64, error -71 [ 209.907713][ T8790] syzkaller1: entered promiscuous mode [ 209.909597][ T8790] syzkaller1: entered allmulticast mode [ 209.926082][ T54] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 209.990895][ T8794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 210.006392][ T5959] block nbd0: Receive control failed (result -104) [ 210.022690][ T8794] netlink: 60 bytes leftover after parsing attributes in process `syz.3.786'. [ 210.108107][ T8793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 210.335784][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 210.335785][ T5944] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 210.841493][ T8813] loop2: detected capacity change from 0 to 7 [ 210.857949][ T8813] Dev loop2: unable to read RDB block 7 [ 210.860367][ T8813] loop2: unable to read partition table [ 210.864639][ T8813] loop2: partition table beyond EOD, truncated [ 210.867850][ T8813] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 211.135741][ T5959] Bluetooth: hci3: command tx timeout [ 211.221323][ T8826] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 211.223705][ T8829] 9pnet_virtio: no channels available for device syz [ 211.225238][ T8826] /dev/nullb0: Can't open blockdev [ 211.229669][ T6217] usb 42-1: device descriptor read/8, error -110 [ 211.626542][ T6217] usb usb42-port1: attempt power cycle [ 212.025930][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.801'. [ 212.092441][ T8843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 212.101485][ T8843] netlink: 60 bytes leftover after parsing attributes in process `syz.2.802'. [ 212.106582][ T8842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 212.206590][ T6217] usb usb42-port1: unable to enumerate USB device [ 212.327880][ T8853] syzkaller0: entered promiscuous mode [ 212.330085][ T8853] syzkaller0: entered allmulticast mode [ 212.337446][ T8851] syzkaller1: entered promiscuous mode [ 212.340038][ T8851] syzkaller1: entered allmulticast mode [ 212.811738][ T8860] netlink: 32 bytes leftover after parsing attributes in process `syz.2.809'. [ 212.863704][ T8863] netlink: 'syz.2.809': attribute type 10 has an invalid length. [ 212.898305][ T5944] Bluetooth: hci0: command 0x0406 tx timeout [ 213.594948][ T8863] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 213.676393][ T8868] tipc: Started in network mode [ 213.678131][ T8868] tipc: Node identity 62381a8bcfb7, cluster identity 4711 [ 213.680528][ T8868] tipc: Enabled bearer , priority 0 [ 213.684002][ T8872] netlink: 'syz.3.812': attribute type 1 has an invalid length. [ 213.686636][ T8868] syzkaller0: entered promiscuous mode [ 213.689494][ T8872] netlink: 104088 bytes leftover after parsing attributes in process `syz.3.812'. [ 213.689526][ T8868] syzkaller0: entered allmulticast mode [ 213.698980][ T8872] IPVS: set_ctl: invalid protocol: 137 172.30.1.4:20002 [ 213.709666][ T8868] tipc: Resetting bearer [ 213.713061][ T8867] tipc: Resetting bearer [ 213.721813][ T8867] tipc: Disabling bearer [ 213.786793][ T6012] libceph: connect (1)[c::]:6789 error -101 [ 213.789089][ T6012] libceph: mon0 (1)[c::]:6789 connect error [ 213.835422][ T8880] ceph: No mds server is up or the cluster is laggy [ 214.175712][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 214.175771][ T5944] Bluetooth: hci2: command 0x0419 tx timeout [ 215.103721][ T8895] syzkaller0: entered promiscuous mode [ 215.105537][ T8895] syzkaller0: entered allmulticast mode [ 215.636216][ T8902] tmpfs: Bad value for 'huge' [ 216.040469][ T8908] loop2: detected capacity change from 0 to 7 [ 216.041352][ T8908] Dev loop2: unable to read RDB block 7 [ 216.041385][ T8908] loop2: unable to read partition table [ 216.041546][ T8908] loop2: partition table beyond EOD, truncated [ 216.041564][ T8908] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 218.265008][ T8937] syzkaller1: entered promiscuous mode [ 218.269870][ T8937] syzkaller1: entered allmulticast mode [ 218.397486][ T8939] netlink: 'syz.3.829': attribute type 12 has an invalid length. [ 218.402327][ T8940] netlink: 'syz.3.829': attribute type 12 has an invalid length. [ 218.733716][ T8947] loop2: detected capacity change from 0 to 7 [ 218.785842][ T8947] Dev loop2: unable to read RDB block 7 [ 218.785881][ T8947] loop2: unable to read partition table [ 218.786059][ T8947] loop2: partition table beyond EOD, truncated [ 218.786097][ T8947] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 219.139749][ T8952] tmpfs: Bad value for 'huge' [ 219.430180][ T5346] Dev loop2: unable to read RDB block 7 [ 219.432282][ T5346] loop2: unable to read partition table [ 219.434546][ T5346] loop2: partition table beyond EOD, truncated [ 219.620017][ T8957] syzkaller0: entered promiscuous mode [ 219.633026][ T8957] syzkaller0: entered allmulticast mode [ 221.249437][ T8989] syzkaller0: entered promiscuous mode [ 221.251830][ T8989] syzkaller0: entered allmulticast mode [ 221.300045][ T8989] tipc: Enabled bearer , priority 0 [ 221.304969][ T8988] tipc: Resetting bearer [ 221.323915][ T8988] tipc: Disabling bearer [ 221.504220][ T8997] netlink: 'syz.1.846': attribute type 1 has an invalid length. [ 221.509045][ T8997] netlink: 104088 bytes leftover after parsing attributes in process `syz.1.846'. [ 221.651724][ T9002] netlink: 220 bytes leftover after parsing attributes in process `syz.3.844'. [ 221.738222][ T9004] netlink: 'syz.3.844': attribute type 3 has an invalid length. [ 221.740328][ T9003] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 221.745031][ T9003] block device autoloading is deprecated and will be removed. [ 222.487493][ T8999] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.543740][ T8986] loop2: detected capacity change from 0 to 7 [ 222.547664][ T5948] Dev loop2: unable to read RDB block 7 [ 222.550049][ T5948] loop2: unable to read partition table [ 222.552775][ T5948] loop2: partition table beyond EOD, truncated [ 222.572196][ T8986] Dev loop2: unable to read RDB block 7 [ 222.574650][ T8986] loop2: unable to read partition table [ 222.585148][ T8986] loop2: partition table beyond EOD, truncated [ 222.587526][ T8986] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 222.752061][ T9009] netlink: 224 bytes leftover after parsing attributes in process `syz.1.848'. [ 222.969500][ T8999] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.031573][ T8999] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.321533][ T8999] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.395881][ T1058] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.399409][ T1058] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.402888][ T1058] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.407507][ T1058] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.626725][ T9020] syzkaller0: entered promiscuous mode [ 223.628843][ T9020] syzkaller0: entered allmulticast mode [ 225.074756][ T9026] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 225.212239][ T9039] tipc: Enabled bearer , priority 0 [ 225.218504][ T9040] syzkaller0: entered promiscuous mode [ 225.220252][ T9040] syzkaller0: entered allmulticast mode [ 225.243160][ T9055] wg2 speed is unknown, defaulting to 1000 [ 225.292170][ T9059] futex_wake_op: syz.2.858 tries to shift op by 144; fix this program [ 225.303979][ T9059] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 225.306243][ T9059] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 225.310159][ T9059] vhci_hcd vhci_hcd.0: Device attached [ 225.358098][ T9040] tipc: Resetting bearer [ 225.374840][ T9040] tipc: Disabling bearer [ 225.496857][ T6012] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 225.555845][ T6012] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 226.140220][ T9060] vhci_hcd: connection reset by peer [ 226.142462][ T78] vhci_hcd vhci_hcd.2: stop threads [ 226.144517][ T78] vhci_hcd vhci_hcd.2: release socket [ 226.146645][ T78] vhci_hcd vhci_hcd.2: disconnect device [ 226.393652][ T9105] binder: 9104:9105 ioctl c0306201 80000640 returned -22 [ 226.843004][ T9130] 9pnet_virtio: no channels available for device syz [ 227.929779][ T24] usb 7-1: new low-speed USB device number 7 using dummy_hcd [ 228.119942][ T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 228.123213][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 228.126368][ T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 228.129807][ T24] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 228.132684][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.139139][ T9143] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 228.142349][ T24] hub 7-1:1.0: bad descriptor, ignoring hub [ 228.144484][ T24] hub 7-1:1.0: probe with driver hub failed with error -5 [ 228.147239][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 228.148925][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 228.151351][ T24] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 228.153262][ T24] cdc_wdm 7-1:1.0: Unknown control protocol [ 228.479630][ T60] usb 7-1: USB disconnect, device number 7 [ 228.481863][ T78] usb 7-1: Failed to suspend device, error -71 [ 228.696130][ T9167] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.882'. [ 228.790416][ T9172] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 228.809927][ T9172] netlink: 60 bytes leftover after parsing attributes in process `syz.0.884'. [ 228.817866][ T9171] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 230.155844][ T54] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 230.299745][ T9204] fuse: Unknown parameter ''ro—' [ 230.327748][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.332032][ T54] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 230.335085][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.342930][ T54] usb 6-1: config 0 descriptor?? [ 230.343607][ T9208] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 230.410923][ T9212] mac80211_hwsim hwsim12 syzkaller0: entered promiscuous mode [ 230.414265][ T9212] mac80211_hwsim hwsim12 syzkaller0: entered allmulticast mode [ 230.552825][ T54] usbhid 6-1:0.0: can't add hid device: -71 [ 230.554935][ T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 230.562363][ T54] usb 6-1: USB disconnect, device number 9 [ 230.665789][ T6012] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 230.819536][ T5959] Bluetooth: hci2: command 0x0419 tx timeout [ 230.821739][ T5944] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 231.098990][ T9223] loop2: detected capacity change from 0 to 7 [ 231.106031][ T9223] Dev loop2: unable to read RDB block 7 [ 231.108807][ T9223] loop2: unable to read partition table [ 231.113178][ T9223] loop2: partition table beyond EOD, truncated [ 231.116161][ T9223] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 231.186354][ T54] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 231.420906][ T54] usb 6-1: Using ep0 maxpacket: 32 [ 231.456991][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.460481][ T54] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 231.463451][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.509803][ T54] usb 6-1: config 0 descriptor?? [ 231.526166][ T54] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 231.543733][ T54] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 231.648334][ T9231] netlink: 'syz.3.901': attribute type 1 has an invalid length. [ 231.650812][ T9231] netlink: 60 bytes leftover after parsing attributes in process `syz.3.901'. [ 231.653633][ T9231] netlink: 'syz.3.901': attribute type 1 has an invalid length. [ 231.835705][ T24] usb 6-1: USB disconnect, device number 10 [ 231.859962][ T24] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 231.877062][ T9242] syzkaller0: entered promiscuous mode [ 231.879422][ T9242] syzkaller0: entered allmulticast mode [ 232.101040][ T9245] syzkaller0: entered promiscuous mode [ 232.103663][ T9245] syzkaller0: entered allmulticast mode [ 232.274986][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.906'. [ 232.288477][ T9253] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 232.309910][ T9247] loop2: detected capacity change from 0 to 7 [ 232.324544][ T5942] Dev loop2: unable to read RDB block 7 [ 232.328369][ T5942] loop2: unable to read partition table [ 232.330796][ T5942] loop2: partition table beyond EOD, truncated [ 232.335089][ T9247] Dev loop2: unable to read RDB block 7 [ 232.342394][ T9247] loop2: unable to read partition table [ 232.352888][ T9247] loop2: partition table beyond EOD, truncated [ 232.358664][ T9247] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 232.816073][ T9268] loop2: detected capacity change from 0 to 7 [ 232.817071][ T5948] Dev loop2: unable to read RDB block 7 [ 232.817092][ T5948] loop2: unable to read partition table [ 232.817182][ T5948] loop2: partition table beyond EOD, truncated [ 232.825050][ T9268] Dev loop2: unable to read RDB block 7 [ 232.825074][ T9268] loop2: unable to read partition table [ 232.825290][ T9268] loop2: partition table beyond EOD, truncated [ 232.825305][ T9268] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 232.910705][ T5944] Bluetooth: hci2: command 0x0419 tx timeout [ 233.493572][ T9278] input: syz1 as /devices/virtual/input/input15 [ 234.027637][ T10] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 234.346023][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 234.537238][ T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 234.540074][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 234.543133][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 234.547475][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 234.550575][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 234.554703][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 234.558067][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.607787][ T9283] team0 (unregistering): Port device team_slave_0 removed [ 234.614388][ T9283] team0 (unregistering): Port device team_slave_1 removed [ 234.742434][ T9285] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 234.745189][ T9285] IPv6: NLM_F_CREATE should be set when creating new route [ 234.747326][ T9285] IPv6: NLM_F_CREATE should be set when creating new route [ 234.751425][ T9285] ------------[ cut here ]------------ [ 234.753314][ T9285] i != fen6_info->nsiblings [ 234.753323][ T9285] WARNING: drivers/net/netdevsim/fib.c:831 at nsim_fib_event_nb+0xbc1/0xe40, CPU#2: syz.1.913/9285 [ 234.759172][ T9285] Modules linked in: SYZFAIL: failed to recv rpc [ 234.761865][ T9285] CPU: 2 UID: 0 PID: 9285 Comm: syz.1.913 Tainted: G L syzkaller #0 PREEMPT(full) fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 234.766591][ T9285] Tainted: [L]=SOFTLOCKUP [ 234.768192][ T9285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 234.771922][ T9285] RIP: 0010:nsim_fib_event_nb+0xbc1/0xe40 [ 234.773800][ T9285] Code: 20 48 8b 6c 24 28 e8 4e 29 df fa e8 49 29 df fa 44 89 fe 44 89 ef e8 2e 23 df fa 45 39 fd 0f 84 6a fd ff ff e8 30 29 df fa 90 <0f> 0b 90 e9 5c fd ff ff e8 22 29 df fa 48 c7 c7 c0 ad 5b 8c e8 c6 [ 234.778878][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 234.780025][ T9285] RSP: 0018:ffffc900068df010 EFLAGS: 00010283 [ 234.782014][ T10] usbtmc 7-1:16.0: can't read capabilities [ 234.783882][ T9285] RAX: 0000000000002368 RBX: ffffc900068df150 RCX: ffffc9000c001000 [ 234.783895][ T9285] RDX: 0000000000080000 RSI: ffffffff87272150 RDI: ffff888029028018 [ 234.783903][ T9285] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 234.783911][ T9285] R10: 0000000000000002 R11: 0000000000000000 R12: ffff888026337000 [ 234.783919][ T9285] R13: 0000000000000002 R14: ffff88802847a580 R15: ffff888029028000 [ 234.783927][ T9285] FS: 0000000000000000(0000) GS:ffff8880975e3000(0063) knlGS:00000000f5426b40 [ 234.783955][ T9285] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 234.804273][ T9285] CR2: 00000000ff8ff034 CR3: 0000000076a97000 CR4: 0000000000352ef0 [ 234.807043][ T9285] Call Trace: [ 234.808132][ T9285] [ 234.809121][ T9285] notifier_call_chain+0x99/0x3b0 [ 234.810746][ T9285] atomic_notifier_call_chain+0x71/0x1c0 [ 234.812556][ T9285] call_fib_notifiers+0x33/0x70 [ 234.814168][ T9285] call_fib6_multipath_entry_notifiers+0x112/0x170 [ 234.816770][ T9285] ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10 [ 234.819021][ T9285] ? find_held_lock+0x2b/0x80 [ 234.820899][ T9285] ? ip6_route_multipath_add+0x11e2/0x1ba0 [ 234.822796][ T9285] ? ip6_route_multipath_add+0x11e2/0x1ba0 [ 234.824665][ T9285] ip6_route_multipath_add+0x128f/0x1ba0 [ 234.826572][ T9285] ? __pfx_ip6_route_multipath_add+0x10/0x10 [ 234.828514][ T9285] ? kasan_quarantine_put+0x104/0x240 [ 234.830290][ T9285] ? lockdep_hardirqs_on+0x78/0x100 [ 234.832287][ T9285] ? inet6_rtm_newroute+0xf5/0x160 [ 234.834403][ T9285] inet6_rtm_newroute+0xf5/0x160 [ 234.836720][ T9285] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 234.839088][ T9285] ? __lock_acquire+0x4a5/0x2630 [ 234.841243][ T9285] ? find_held_lock+0x2b/0x80 [ 234.843279][ T9285] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 234.845493][ T9285] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 234.847781][ T9285] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 234.850102][ T9285] rtnetlink_rcv_msg+0x95e/0xe90 [ 234.852184][ T9285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 234.854523][ T9285] ? ref_tracker_free+0x37e/0x6c0 [ 234.856891][ T9285] netlink_rcv_skb+0x159/0x420 [ 234.858970][ T9285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 234.861504][ T9285] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 234.863636][ T9285] ? netlink_deliver_tap+0x1ae/0xcc0 [ 234.865495][ T9285] netlink_unicast+0x5aa/0x870 [ 234.867488][ T9285] ? __pfx_netlink_unicast+0x10/0x10 [ 234.869234][ T9285] netlink_sendmsg+0x8b0/0xda0 [ 234.870770][ T9285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.872471][ T9285] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 234.874565][ T9285] ____sys_sendmsg+0xa54/0xc30 [ 234.876273][ T9285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 234.877980][ T9285] ? futex_unqueue+0x133/0x2c0 [ 234.879517][ T9285] ___sys_sendmsg+0x190/0x1e0 [ 234.881045][ T9285] ? __pfx____sys_sendmsg+0x10/0x10 [ 234.882728][ T9285] ? __pfx___futex_wait+0x10/0x10 [ 234.884351][ T9285] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 234.886413][ T9285] ? find_held_lock+0x2b/0x80 [ 234.887952][ T9285] __sys_sendmmsg+0x2ff/0x430 [ 234.889660][ T9285] ? __pfx___sys_sendmmsg+0x10/0x10 [ 234.891586][ T9285] ? __secure_computing+0x1e4/0x2c0 [ 234.893406][ T9285] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 234.895205][ T9285] __do_fast_syscall_32+0xde/0x660 [ 234.897000][ T9285] do_fast_syscall_32+0x32/0x70 [ 234.898571][ T9285] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 234.900628][ T9285] RIP: 0023:0xf73fd579 [ 234.901991][ T9285] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 234.908313][ T9285] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 234.910974][ T9285] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000800002c0 [ 234.913490][ T9285] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000 [ 234.916024][ T9285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 234.918486][ T9285] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 234.921037][ T9285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 234.923560][ T9285] [ 234.924569][ T9285] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 234.926901][ T9285] CPU: 2 UID: 0 PID: 9285 Comm: syz.1.913 Tainted: G L syzkaller #0 PREEMPT(full) [ 234.930211][ T9285] Tainted: [L]=SOFTLOCKUP [ 234.931576][ T9285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 234.934848][ T9285] Call Trace: [ 234.935903][ T9285] [ 234.936859][ T9285] dump_stack_lvl+0x100/0x190 [ 234.938357][ T9285] vpanic+0x20d/0x630 [ 234.939634][ T9285] panic+0xd1/0xd1 [ 234.940829][ T9285] ? __pfx_panic+0x10/0x10 [ 234.942236][ T9285] check_panic_on_warn.cold+0x19/0x34 [ 234.943931][ T9285] ? nsim_fib_event_nb+0xbc1/0xe40 [ 234.945583][ T9285] __warn.cold+0x191/0x2f8 [ 234.947036][ T9285] __report_bug+0x296/0x3d0 [ 234.948489][ T9285] ? nsim_fib_event_nb+0xbc1/0xe40 [ 234.950163][ T9285] ? __pfx___report_bug+0x10/0x10 [ 234.951765][ T9285] ? nsim_fib_event_nb+0xbc1/0xe40 [ 234.953438][ T9285] report_bug+0xb2/0x220 [ 234.954803][ T9285] ? nsim_fib_event_nb+0xbc1/0xe40 [ 234.956447][ T9285] handle_bug+0x166/0x2a0 [ 234.957847][ T9285] exc_invalid_op+0x17/0x50 [ 234.959310][ T9285] asm_exc_invalid_op+0x1a/0x20 [ 234.960892][ T9285] RIP: 0010:nsim_fib_event_nb+0xbc1/0xe40 [ 234.962729][ T9285] Code: 20 48 8b 6c 24 28 e8 4e 29 df fa e8 49 29 df fa 44 89 fe 44 89 ef e8 2e 23 df fa 45 39 fd 0f 84 6a fd ff ff e8 30 29 df fa 90 <0f> 0b 90 e9 5c fd ff ff e8 22 29 df fa 48 c7 c7 c0 ad 5b 8c e8 c6 [ 234.968824][ T9285] RSP: 0018:ffffc900068df010 EFLAGS: 00010283 [ 234.970739][ T9285] RAX: 0000000000002368 RBX: ffffc900068df150 RCX: ffffc9000c001000 [ 234.973259][ T9285] RDX: 0000000000080000 RSI: ffffffff87272150 RDI: ffff888029028018 [ 234.975833][ T9285] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 234.978326][ T9285] R10: 0000000000000002 R11: 0000000000000000 R12: ffff888026337000 [ 234.980821][ T9285] R13: 0000000000000002 R14: ffff88802847a580 R15: ffff888029028000 [ 234.983357][ T9285] ? nsim_fib_event_nb+0xbc0/0xe40 [ 234.985009][ T9285] notifier_call_chain+0x99/0x3b0 [ 234.986664][ T9285] atomic_notifier_call_chain+0x71/0x1c0 [ 234.988535][ T9285] call_fib_notifiers+0x33/0x70 [ 234.990115][ T9285] call_fib6_multipath_entry_notifiers+0x112/0x170 [ 234.992209][ T9285] ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10 [ 234.994382][ T9285] ? find_held_lock+0x2b/0x80 [ 234.995890][ T9285] ? ip6_route_multipath_add+0x11e2/0x1ba0 [ 234.997700][ T9285] ? ip6_route_multipath_add+0x11e2/0x1ba0 [ 234.999557][ T9285] ip6_route_multipath_add+0x128f/0x1ba0 [ 235.001355][ T9285] ? __pfx_ip6_route_multipath_add+0x10/0x10 [ 235.003295][ T9285] ? kasan_quarantine_put+0x104/0x240 [ 235.005030][ T9285] ? lockdep_hardirqs_on+0x78/0x100 [ 235.006720][ T9285] ? inet6_rtm_newroute+0xf5/0x160 [ 235.008370][ T9285] inet6_rtm_newroute+0xf5/0x160 [ 235.009992][ T9285] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 235.011777][ T9285] ? __lock_acquire+0x4a5/0x2630 [ 235.013438][ T9285] ? find_held_lock+0x2b/0x80 [ 235.014894][ T9285] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 235.016697][ T9285] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 235.018327][ T9285] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 235.020093][ T9285] rtnetlink_rcv_msg+0x95e/0xe90 [ 235.021715][ T9285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 235.023482][ T9285] ? ref_tracker_free+0x37e/0x6c0 [ 235.025123][ T9285] netlink_rcv_skb+0x159/0x420 [ 235.027069][ T9285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 235.029433][ T9285] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 235.031706][ T9285] ? netlink_deliver_tap+0x1ae/0xcc0 [ 235.033775][ T9285] netlink_unicast+0x5aa/0x870 [ 235.035785][ T9285] ? __pfx_netlink_unicast+0x10/0x10 [ 235.037994][ T9285] netlink_sendmsg+0x8b0/0xda0 [ 235.039957][ T9285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.042082][ T9285] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 235.044319][ T9285] ____sys_sendmsg+0xa54/0xc30 [ 235.046308][ T9285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.048024][ T9285] ? futex_unqueue+0x133/0x2c0 [ 235.049585][ T9285] ___sys_sendmsg+0x190/0x1e0 [ 235.051268][ T9285] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.053411][ T9285] ? __pfx___futex_wait+0x10/0x10 [ 235.054960][ T9285] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 235.057372][ T9285] ? find_held_lock+0x2b/0x80 [ 235.059273][ T9285] __sys_sendmmsg+0x2ff/0x430 [ 235.061042][ T9285] ? __pfx___sys_sendmmsg+0x10/0x10 [ 235.063109][ T9285] ? __secure_computing+0x1e4/0x2c0 [ 235.065242][ T9285] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 235.067633][ T9285] __do_fast_syscall_32+0xde/0x660 [ 235.069850][ T9285] do_fast_syscall_32+0x32/0x70 [ 235.071917][ T9285] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 235.074570][ T9285] RIP: 0023:0xf73fd579 [ 235.076126][ T9285] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 235.083709][ T9285] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 235.087289][ T9285] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000800002c0 [ 235.090603][ T9285] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000 [ 235.093425][ T9285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 235.096748][ T9285] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 235.099993][ T9285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 235.103327][ T9285] [ 235.105068][ T9285] Kernel Offset: disabled [ 235.106394][ T9285] Rebooting in 86400 seconds..