last executing test programs: 2.95632768s ago: executing program 0 (id=627): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x94, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x94}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0xa4, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x10, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}]}]}]}, 0xa4}}, 0x0) 2.826752431s ago: executing program 0 (id=629): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) epoll_wait(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}], 0x2, 0x8) 2.144256644s ago: executing program 4 (id=639): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.980164973s ago: executing program 4 (id=642): r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f00000002c0)={0xf0f045, 0x800}) poll(&(0x7f0000000140)=[{r0, 0x19f23}], 0x1, 0x1fffffc) poll(&(0x7f0000000040)=[{r0, 0x40}], 0x1, 0xfffffffc) 1.902962807s ago: executing program 1 (id=643): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000000)) 1.805152418s ago: executing program 4 (id=644): r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0) syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000040)=ANY=[], 0x0) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) ioctl$SNAPSHOT_FREE(r0, 0x3305) 1.751756503s ago: executing program 1 (id=645): ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000b3b000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) unshare(0x8020400) 1.719048147s ago: executing program 0 (id=647): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000640)={0x1, &(0x7f0000000680)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10) listen(r0, 0xb) 1.623515991s ago: executing program 3 (id=648): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0x6, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1c) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x8, 0x5c}) 1.549479124s ago: executing program 0 (id=649): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) inotify_rm_watch(0xffffffffffffffff, 0x0) 1.548387473s ago: executing program 1 (id=650): openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0xc0, 0x61) r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0x1261) 1.490047429s ago: executing program 3 (id=652): r0 = syz_io_uring_setup(0x1b49, &(0x7f0000000180)={0x0, 0xffffffff, 0x30c0, 0x1, 0x18b}, &(0x7f0000000100), &(0x7f0000000140)) r1 = epoll_create(0xaf2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0x11}) 1.082824942s ago: executing program 3 (id=653): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, 0x0}], 0x1, 0x48, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.002060897s ago: executing program 3 (id=655): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x11}}, 0xc) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000002c0)={0x6, {{0x2, 0x0, @multicast2}}}, 0x88) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/137, &(0x7f0000695ffc)=0xbf) 907.196146ms ago: executing program 0 (id=656): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000001080), 0x2002, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000080), 0x2) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000180)={0x2, 0x4}, 0x2) 866.035653ms ago: executing program 4 (id=658): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 807.100894ms ago: executing program 3 (id=659): r0 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r0, &(0x7f0000003100)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10) sendmmsg$inet(r0, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000002c0)="91199893b794f675ec88239fef317c764ee3a8ecbdc2a8c32d46f77944d1de9f924d05d3566b8eb8f5750393c669559d05543efa2927ef0d2b10e3d4f8541f34e1c7c8ca2d1e811f67f3dc50fdd469af72a49e684e28a364f5da124dff2b55a5536aa670b82da70bf0f19cd420371848ddc41d65649fde307c1971599f2fec84845e32bb2b6ebda099de12e8b64842024389524a1c5a97608000d1030d99e2a6e23a0bc8", 0xa4}, {&(0x7f0000000380)="11a68683394e1541cc444dff7adf30f079408cb066a6f8f4d33c4f11850de78c586d1a2ccff92e8e83fb82e447d9b88de42182e9e8c97415f41ef8a504215a2b2fdb1404c9659fdb988d0f527c3675cf2b", 0x51}, {&(0x7f0000000400)="875ad17d55c11f1ea6ec6cd17661afc73209e32142961e4660591bf3ca40d05a507ac0b0e71f7ed4c63f52a003cc8102f20dc6e33b5dc6de64ac815cf87867507cc072f0cb762aa5deb8731a699d3c7c69f85266ba51eb244f20129de491adaeb0c2d2eb13c1f215ddff92b05148f0ad513018b14798e45e55ecb916d4dd89f2df7e33c470998f325bf453f929d86196", 0x90}, {&(0x7f00000004c0)="1273dd9951adeaefffe3c4957c86dbff8693adf2202b620b3aec000cf330bb7249", 0x21}, {&(0x7f0000000500)="4167c4fd9ea8b423c01e798bbd631e888a04e31e6865a2d55b31833b82989759c0f3241bb5ebe979636a5f22244112d95d11a07cb172724ec37ef9faaf227d64f5190c9d82dfe194b2cf6d77e917e513170fa1e8e4c82dd9898b4ad23e677261595ec62844104d7ca15aa7eec90685ad92f2cd5b745910e47d703315a0d1d3a6d143575da2604e54bb1ddb295e590a1392770befa52aaf1651d375682bcf94e5da4ea37e1cde1d2a80890d896cfe4d08801bc50d9bc08480de2b2710b694ff7fb5bda12cd8a8cb8dc18bf0c265b71aef50ec0ee22e1968a4f3487d8487026bc2b721692064dcfdd1b6b6aec3e8da3d0ab7d3cc51e2db33c169e6354ea425fbfc1bc39057e64d3aff3749d60edcf0a50fe0e973b5ee3a7cd45ad967564fdbc9832869346037dabe420448b5089ab553c2c87e94befac8d3a0c2a56ca2ab778c2f34f571217c837580e8a524db35baea8024482bb32306182faaf39bb1c4e992c4440889e274952ed3d17d5e87224fec8048e6b7344270e046ab2fdda270ad4e5f651fd6eede5d42d9599265520d45d6f500fd733372a62ab4f496b56839b0d6418961a3b6016c26409daba4f2beeceeb38cc6ba75f57e8ee45d8a6c2ecc031c9469d937b9d7db91ded158ebd7f7d512d445f4104130a429ce7fce52d3fec37df953fc6e6adaa781b820b4bb6d4ffd2c10a16f9583890118793bae09157d3ac5625ad8e66a367488e2722bb82161661711d91a5540a92e3de7506861875575d40465cda28989cbc46fb3d80c2bc7e96afbde1cbd2e89103c55bde669c77b774ea570b26e93a1be5e50269ea5f3355869ac5a9701ac0e7d8f69b0a3186e118c6e2ce8e946c95bd729d94d237e5915e2711cc82826f147176a8a0555b9e11fb9a8ad736d016d202cea43b10a5102e48387ab70069b876051ac0557528c14748aa9cc0e0d9bf512533bdc83610d9f801ec4ed512a4a877e2f45b0cbe87ee25a314d481153eefe8643fb2f3e0478353552b0ae863635ab12e7bf0e4f046e8ba9cb7ce3189d52b2a27ff9e4eb5bf8b12d09d610705eec149589bdd38c951de63de4e3065e45eeb261a72c980349387514cb42467e1fe5812abaf4670e993c6fb561e5cccf7a472ee874bbfe73412bc63f706424f174afd1a3f16fb8b8305d932d33ab211d473d210b87e2f20b6ba951a2b98206793c04516fd57fc7365cec4a1831548470ebefe7f9487cc7b287b2f45eb69b4e165b9f3404d8ac84b2b57ace34de669a85fd885ecb055a6fd2ba5d5396737c702c082bfb35f3ccace91eacfc7a71b2bca1e228170ad6d194aa7c2dc2cf5f0bce153ac1befb2b82e6cf1f12d28812e309f5da0dbe1cad03172d296fa13247b1952ec988316f668aa65e1ca7e9e383b115ce5c25130955c118a0b4567bd180c07ce18bd0c459cc33ed7ba1c43262034a60711315ed81bbc95b7e3088dbd22b976fcd18bae330f08c89236f770478305fac20b5d9bd5cbc98c5c0f9713345c7362bc0e0bc78d212433bcdc6142989bc6ab82160df897825aa906d739dac905a434c90b2cbc72223011ea11480278b681cdcdf5fa63ac5f8b8f1f3ef7d4eb02f422e9fc52b98163630cd2f130f076a33bb011bb8e42800c9475f5cbee042b79fda44b6432b126f085a17553b82d9cae519ec239a9cccb99444f24b8f11e255e31e0d53a28e36949a3f8238c2ea3f4e3d8cf3b85b031c962504d00a4e7928b5fa2fab311bcc54d68738086ce70a8e5bdaf425033036a85e59aa3bb1b01f8b6c6a2e221c69e48565b55a196b2dc9cb067b4ccf8a7c81e31795a8b74e8940455126f19c8bbb9b941cc66c9443fd13e20c2074a9c3bc1740262c1fcb8e9ca5ac5729dfe6e25561eba41ccae8ca2e851affc1ab4ec912925ef7ccf72e97c577413260ccda170d75741336f837258a59da907460a2917f652c6e4ebc0467da8a95f2ceae9afcc4e0d1f4b95fc68b2f5e32af96fb12a8e7f3140dd235a30e5ad94e78cf58ad75ca8a871a70820090ba510e7563c0f78cf364369a51fa6683ff8d24924ceb922927eb0ba1395b7a4f37d92913a9688ef8428a887f1161f10aeab749f5ea8ca24e579008f542a9b785841dae071b94b5a8ba79985930f60ac2c93aa002d84b212e2e2b6c9c2a0694595dad99fd1f27d0044481ef5b364a059599ef982a114a61094b3b7d0f9a7b78d7615cc8573430e676987ab7421fde9abeb29e4529beb6a2724bed86a7b1d27ee73585892f083fad4307696a4166356b9c20a9579bbf3e8cda9ad7ec2b2bb973d05cf8d9457dc03eee2cfbf630dd917768ae652c0627e32ebb4c62951dfbd8e074dfdf02c5517ace50d5813c8d8d7f1fc0fc63a4fae5c2bcf26560c627500e03692384630be287790d545403adc500ef732d66e269b8b051aa57bb865a9b709c7a0426188daf29caf1d062b104592b4f6acc86895956d8085424dba0bfafdf900419f2227db1eca75b338091d23da2067566c6d54de1604bf8d4cce8a0b4484c4645a305861bc46ebccafbe500e01d51236b40027d1b2c7a72937b15899bb982c880d83ed6b70502bd0d68d2a2146a85c6518a11c386df610243ec513e7a284a81c841f9201ee3b9d3a8f44cdf52ec842e07c1f2f35e2a5b17278dce1f9b7fa09866ecb0d2e78fc8095b7dee81d3e308fd10a1490036194bfa89c118bd9c72d4747b90724d7bd0a7ead28c89c23cc6667c1a8b362ca5385d24b2c1265957764a4e46176365a5348bcf85c457921e7fa6c9e165b6c4d8bd9e8782c96839a5fd2679cd08f656ca5b41d00f8429d517a0d776049918e73b4a258fd2a1576b6420b67fc9ff3520556881ef4838e973f552edebde686af1d55e6172e5bb9b01543d32c0c7753b380dd9ed3f5c0b663a9b1bcb4bd36a365172aeee96a8d69c1e5c5b6c88fc9453ace6aa24bdfc1cfa27ea8cc36c80cace296259545a4e155d154ccbf00ae4ff912c583c871b7cdb46813584ea14bb6943d16b3f12e8fe149076e5e646e1dca0bf121a2e2fa09816e9056aa1143988ff17c21c49981445d98d88fd4bba6a59d9f97d301d90e3754103389b36308713c1ba31031e42f2d759343a95bbae9c01a3bb3e6b537b658d1c028c8ec3126bf79db223a3320e25a671ef834c924f02c1bbab338517accb8378f945cb1d65d4dff90f1e3af8168e33a5a124aef715b656075f6a62099afa110f2fe5eb83e0b3e36df91be2125be6500e5f3a81f8bc116f42734c784f6bb6c7e968610243b06026a9def4e85f8344fae36602aa3795cf71ecf7e57a3da0bef859daf649abc6390e86edaa84eefe48999ddba9067b90dd5ea2477f150ab588dadfe79ab7524157d1b94c738ca3345ce8657bfac981cb30b7c0f05f96dafcdce3e41471943609b121de1eda3e95a1c31bada084beec699512c7d5cec71e06a57c177ca1f383120bf46a9c805c9220d3d0c6807d60e6b7f9c80de1d815bdf1ebe62338862719eab55ef4971a69c76aa2f25c3c9d0c2e5c7857a86f9ab26c3c6aa395f2c366548f60a40abbe14dd011358d9b3695b8a091e16552478aeee1e2e91abd67deeb15732f428c3304a2bf2e4cbb3768875b35d126ca46d29e506ee1e0aba7a17eba27c19d7626064c0a17d7ee7f2f220e5e28bd7d691dffa84f2a2f92c924b87da382ae9a688ad4322fa0cc72604fc43e17002b8f3844a7431205de46818310d0fcf4676f45c9941dde767c9a4376e13cd7e91308cc0df25a4c79e390674fa0161695cc9e9bee12620d8571a4b3800370cd01bf0546758a048563539edf15d58b108159ea5fe0f038281c7855bbd92cc86de38df60b8597f4bce4ae9cae1647b5024bfb73630cdf4d1827a5f0ff779a1e6c6efbc6561d06b249986703b9dc61a63e2068e4786e6a8be34a808143301ef00f21bee8399d88ecffddb4867790d4d1cbe827a5a220834ba831d3ba424ff8fc9a99b175d2feca9f581e24bb69bdc4f64a6ea0c9c37d6976d15e9388519a2bed100a2a8358215a8b63b6e25a677875ee2bc3fd9c77783b39a166b863376b496775b83804a2c7f5363cca9ade819034afc2f7b40ffc316089556dec2e55e1bd92c9b905d6b1b9160d6c492d4384acd7e380874939b1ab02dbbacfbedd74cd524b4eab643e8b92d38d9fae446afd8d774d1c933bce8c341f0ff283acec3bbbbfdb06a15eb88ca6600542dda45334a374e31bae", 0xba7}], 0x5}}], 0x300, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x3, 0x3}, 0x10) 794.236783ms ago: executing program 0 (id=660): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0xfffd}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0xfffd}], 0x1) semtimedop(r0, &(0x7f0000000440)=[{0x0, 0x8}, {}], 0x2, &(0x7f0000000480)={0x0, 0x3938700}) 691.092998ms ago: executing program 2 (id=661): r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0x11, r1, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000fc0)={0x0, 0x0, r1, r2, 0x9c, 0x6, 0x5f, 0xfcde, {0x7, 0x800, 0x81, 0x7, 0x2, 0xbc2, 0xd, 0x8, 0x7, 0x7, 0xd, 0x0, 0x7fff, 0x80000000, "a3f1d6cb5d9bbcf55d6e4889c09b0237d47a019646535f7a5b5fbc1d00"}}) 604.383998ms ago: executing program 3 (id=662): r0 = syz_io_uring_setup(0x88c, &(0x7f0000000140)={0x0, 0x35a, 0x0, 0x20000002, 0xbfdffffc}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x10, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1}}) io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x0) 593.139122ms ago: executing program 4 (id=663): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x34, r1, 0x5, 0x100000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0xc, 0x49, [0xfac0a, 0xfac09]}]]}, 0x34}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000800) 523.182868ms ago: executing program 2 (id=664): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe) 497.858311ms ago: executing program 4 (id=665): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x600) 472.498663ms ago: executing program 1 (id=666): unshare(0x22020600) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000eb4779fcbb3e3bbff2971871b1b1c0b4f0fca28377f3aa77d6c8d949060c54d53bd61b3561319f7b346f8cadae05957ee562fe28a5d0b564a59c30cb37ebb90e516d9c72b9d81817f7a04496e4261b41dae579bd93d38e2740ac98d6108c318a35d29534fd3c6bf14ef7a5c59c3d48f092e6b6bb43ec765d850f71052de0718c08"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 395.05479ms ago: executing program 2 (id=667): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000010010000000ffdbdf2530000000", @ANYRES32=r2, @ANYBLOB="20000000000000001c0012800b0001006d616373656300000c00028005000f"], 0x3c}}, 0x0) 227.182941ms ago: executing program 2 (id=668): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='kfree\x00', r0, 0x0, 0x800000000}, 0x18) r1 = memfd_create(&(0x7f0000000900)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\xfd\xc7\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f9\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCu\x01\x00\x00\x00\x00\x00\x00\x00\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\r\xd5)\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I\xfa\x12\xfc\x96\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW\x00'/668, 0x7) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x80}) 197.447964ms ago: executing program 1 (id=669): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0xfffff000) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) 99.249165ms ago: executing program 2 (id=670): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)='/proc\x02\x00et/\xfd\xffv4\x00\x00s/\x98\x8d\x9b\xbc\x00\x00le\xf44\x8cm\xa0\x00\xd1l,\x00\x00\x00\x00'}, 0x30) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, 0x0, &(0x7f0000000000)) 14.171679ms ago: executing program 1 (id=671): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) readv(r0, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/149, 0x95}], 0x1) 0s ago: executing program 2 (id=672): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xb, 0x2, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) request_key(0x0, 0x0, 0x0, 0xfffffffffffffff8) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.102' (ED25519) to the list of known hosts. [ 65.945136][ T5805] cgroup: Unknown subsys name 'net' [ 66.119094][ T5805] cgroup: Unknown subsys name 'cpuset' [ 66.128426][ T5805] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.507609][ T5805] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 69.984900][ T5820] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.004908][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.007177][ T5831] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.013108][ T5827] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.020243][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.029057][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.042264][ T5827] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.046304][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.056857][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.064852][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.072361][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.073362][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.087244][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.087768][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.101859][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.103130][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.109973][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.119681][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.125358][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 70.130898][ T5138] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.147600][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 70.169337][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 70.177366][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 70.192879][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 70.206648][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 70.770415][ T5816] chnl_net:caif_netlink_parms(): no params data found [ 70.863432][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 70.962141][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 70.993057][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 71.023883][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 71.202032][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.210155][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.217845][ T5823] bridge_slave_0: entered allmulticast mode [ 71.225015][ T5823] bridge_slave_0: entered promiscuous mode [ 71.233086][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.240431][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.247868][ T5816] bridge_slave_0: entered allmulticast mode [ 71.254846][ T5816] bridge_slave_0: entered promiscuous mode [ 71.297302][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.304453][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.312532][ T5815] bridge_slave_0: entered allmulticast mode [ 71.320565][ T5815] bridge_slave_0: entered promiscuous mode [ 71.329221][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.337524][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.344683][ T5823] bridge_slave_1: entered allmulticast mode [ 71.353611][ T5823] bridge_slave_1: entered promiscuous mode [ 71.360864][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.368134][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.375271][ T5816] bridge_slave_1: entered allmulticast mode [ 71.382696][ T5816] bridge_slave_1: entered promiscuous mode [ 71.429300][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.435774][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.454895][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.462497][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.471702][ T5815] bridge_slave_1: entered allmulticast mode [ 71.478898][ T5815] bridge_slave_1: entered promiscuous mode [ 71.522842][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.530187][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.537647][ T5822] bridge_slave_0: entered allmulticast mode [ 71.545398][ T5822] bridge_slave_0: entered promiscuous mode [ 71.552803][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.562072][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.569318][ T5828] bridge_slave_0: entered allmulticast mode [ 71.576392][ T5828] bridge_slave_0: entered promiscuous mode [ 71.618941][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.626501][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.633646][ T5822] bridge_slave_1: entered allmulticast mode [ 71.641615][ T5822] bridge_slave_1: entered promiscuous mode [ 71.648703][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.656555][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.663689][ T5828] bridge_slave_1: entered allmulticast mode [ 71.670817][ T5828] bridge_slave_1: entered promiscuous mode [ 71.691866][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.703944][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.716224][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.766607][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.779548][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.805164][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.816531][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.829822][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.841130][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.853598][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.932801][ T5823] team0: Port device team_slave_0 added [ 71.976618][ T5815] team0: Port device team_slave_0 added [ 71.984720][ T5823] team0: Port device team_slave_1 added [ 71.993666][ T5816] team0: Port device team_slave_0 added [ 72.002231][ T5822] team0: Port device team_slave_0 added [ 72.012709][ T5828] team0: Port device team_slave_0 added [ 72.021488][ T5815] team0: Port device team_slave_1 added [ 72.041367][ T5816] team0: Port device team_slave_1 added [ 72.058751][ T5822] team0: Port device team_slave_1 added [ 72.068749][ T5828] team0: Port device team_slave_1 added [ 72.110500][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.117841][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.144006][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.190177][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.197438][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.223806][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.235151][ T5829] Bluetooth: hci3: command tx timeout [ 72.235155][ T5834] Bluetooth: hci2: command tx timeout [ 72.235588][ T5829] Bluetooth: hci0: command tx timeout [ 72.240822][ T5834] Bluetooth: hci1: command tx timeout [ 72.251393][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.264045][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.290342][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.305878][ T5834] Bluetooth: hci4: command tx timeout [ 72.328423][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.335387][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.361489][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.374794][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.381813][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.408373][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.420239][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.427265][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.453240][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.478053][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.485028][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.511934][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.524308][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.531641][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.557606][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.569417][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.576635][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.602608][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.622524][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.629555][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.655510][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.749353][ T5816] hsr_slave_0: entered promiscuous mode [ 72.756438][ T5816] hsr_slave_1: entered promiscuous mode [ 72.804990][ T5822] hsr_slave_0: entered promiscuous mode [ 72.811652][ T5822] hsr_slave_1: entered promiscuous mode [ 72.817976][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.826651][ T5822] Cannot create hsr debugfs directory [ 72.862060][ T5815] hsr_slave_0: entered promiscuous mode [ 72.869130][ T5815] hsr_slave_1: entered promiscuous mode [ 72.875182][ T5815] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.882873][ T5815] Cannot create hsr debugfs directory [ 72.893580][ T5823] hsr_slave_0: entered promiscuous mode [ 72.901714][ T5823] hsr_slave_1: entered promiscuous mode [ 72.908088][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.915866][ T5823] Cannot create hsr debugfs directory [ 72.947895][ T5828] hsr_slave_0: entered promiscuous mode [ 72.953995][ T5828] hsr_slave_1: entered promiscuous mode [ 72.960223][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.967894][ T5828] Cannot create hsr debugfs directory [ 73.536825][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.557703][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.591764][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.609706][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.628613][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.639913][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.661709][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.680874][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.732340][ T5816] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.748169][ T5816] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.765829][ T5816] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.793089][ T5816] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.870883][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.882222][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.892308][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.918416][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 74.048638][ T5815] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 74.062959][ T5815] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 74.073874][ T5815] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 74.085370][ T5815] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 74.143870][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.194400][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.212069][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.242690][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.250076][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.262072][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.290691][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.297841][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.305786][ T5834] Bluetooth: hci1: command tx timeout [ 74.306014][ T5829] Bluetooth: hci0: command tx timeout [ 74.311187][ T5834] Bluetooth: hci2: command tx timeout [ 74.318550][ T5829] Bluetooth: hci3: command tx timeout [ 74.345514][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.352697][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.370579][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.377778][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.391281][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.392825][ T5829] Bluetooth: hci4: command tx timeout [ 74.479479][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.555222][ T5816] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.583563][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.620760][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.627965][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.638782][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.645985][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.669923][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.681029][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.688254][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.742044][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.749255][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.777919][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.793166][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.800370][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.855381][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.862662][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.937966][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.160250][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.172531][ T5823] veth0_vlan: entered promiscuous mode [ 75.247247][ T5823] veth1_vlan: entered promiscuous mode [ 75.362769][ T5822] veth0_vlan: entered promiscuous mode [ 75.396372][ T5822] veth1_vlan: entered promiscuous mode [ 75.405347][ T5823] veth0_macvtap: entered promiscuous mode [ 75.436251][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.451250][ T5823] veth1_macvtap: entered promiscuous mode [ 75.584855][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.611360][ T5822] veth0_macvtap: entered promiscuous mode [ 75.623815][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.640270][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.653896][ T5822] veth1_macvtap: entered promiscuous mode [ 75.663791][ T5823] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.673570][ T5823] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.683543][ T5823] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.693487][ T5823] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.720800][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.828191][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.864273][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.920506][ T5822] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.930079][ T5822] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.939495][ T5822] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.948546][ T5822] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.998402][ T5815] veth0_vlan: entered promiscuous mode [ 76.015895][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.032295][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.042579][ T5815] veth1_vlan: entered promiscuous mode [ 76.082394][ T5828] veth0_vlan: entered promiscuous mode [ 76.122709][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.124995][ T5828] veth1_vlan: entered promiscuous mode [ 76.135501][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.237706][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 76.262874][ T5816] veth0_vlan: entered promiscuous mode [ 76.297453][ T5815] veth0_macvtap: entered promiscuous mode [ 76.335329][ T5815] veth1_macvtap: entered promiscuous mode [ 76.342141][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.357236][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.374367][ T5816] veth1_vlan: entered promiscuous mode [ 76.385864][ T5829] Bluetooth: hci3: command tx timeout [ 76.386015][ T5834] Bluetooth: hci2: command tx timeout [ 76.391293][ T5829] Bluetooth: hci0: command tx timeout [ 76.396736][ T5820] Bluetooth: hci1: command tx timeout [ 76.421589][ T5828] veth0_macvtap: entered promiscuous mode [ 76.443653][ T5828] veth1_macvtap: entered promiscuous mode [ 76.468089][ T5829] Bluetooth: hci4: command tx timeout [ 76.521523][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.531882][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.559118][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.595161][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.618537][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.649566][ T5815] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.662032][ T5815] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.673250][ T5815] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.682247][ T5815] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.714253][ T5816] veth0_macvtap: entered promiscuous mode [ 76.730247][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.766404][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.786879][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.801698][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.811280][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.836892][ T5816] veth1_macvtap: entered promiscuous mode [ 76.979990][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.018201][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.029208][ T2977] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.048789][ T2977] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.071253][ T5816] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.110892][ T5816] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.122773][ T5816] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.135555][ T5816] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.199992][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.229571][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.256443][ T5948] process 'syz.0.10' launched './file0' with NULL argv: empty string added [ 77.332400][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.352352][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.460238][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.468163][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.548562][ T5950] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.561736][ T5950] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.682368][ T5950] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.694605][ T5950] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.718589][ T5950] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.731039][ T5950] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.745256][ T5957] netlink: 'syz.2.13': attribute type 10 has an invalid length. [ 77.810622][ T5957] team0: Device ipvlan1 failed to register rx_handler [ 77.823726][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.839659][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.858135][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.903705][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.046236][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.054091][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.310184][ T5968] mkiss: ax0: crc mode is auto. [ 78.468540][ T5829] Bluetooth: hci0: command tx timeout [ 78.468594][ T5834] Bluetooth: hci2: command tx timeout [ 78.474037][ T5829] Bluetooth: hci1: command tx timeout [ 78.482060][ T5830] Bluetooth: hci3: command tx timeout [ 78.546506][ T5834] Bluetooth: hci4: command tx timeout [ 78.598084][ T5978] loop9: detected capacity change from 0 to 524288000 [ 78.855176][ T5983] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 80.994833][ T6039] netlink: 28 bytes leftover after parsing attributes in process `syz.0.40'. [ 81.022515][ T6039] netlink: 'syz.0.40': attribute type 7 has an invalid length. [ 81.059930][ T6039] netlink: 'syz.0.40': attribute type 8 has an invalid length. [ 81.095643][ T6039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.40'. [ 81.517701][ T6058] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 82.113566][ T6076] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.57'. [ 82.210680][ T5929] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 82.407530][ T5929] usb 4-1: Using ep0 maxpacket: 8 [ 82.438899][ T5929] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 82.482988][ T5929] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 82.526333][ T5929] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 82.577536][ T5929] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 82.609484][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.658709][ T5929] usb 4-1: Product: syz [ 82.662923][ T5929] usb 4-1: Manufacturer: syz [ 82.687501][ T5929] usb 4-1: SerialNumber: syz [ 82.926667][ T5929] usb 4-1: 0:2 : does not exist [ 83.022270][ T5929] usb 4-1: USB disconnect, device number 2 [ 83.143343][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.68'. [ 83.352948][ T6110] loop9: detected capacity change from 0 to 524288000 [ 83.398955][ T5993] udevd[5993]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 85.293781][ T6169] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 85.375564][ T5878] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 85.555521][ T5878] usb 5-1: Using ep0 maxpacket: 16 [ 85.571324][ T5878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 85.601636][ T5878] usb 5-1: config 0 has no interfaces? [ 85.655612][ T5878] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 85.664701][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.705593][ T5878] usb 5-1: Product: syz [ 85.718789][ T5878] usb 5-1: Manufacturer: syz [ 85.723605][ T5878] usb 5-1: SerialNumber: syz [ 85.754430][ T5878] usb 5-1: config 0 descriptor?? [ 86.096930][ T5929] usb 5-1: USB disconnect, device number 2 [ 86.814394][ T55] cfg80211: failed to load regulatory.db [ 86.857190][ T5929] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 87.028025][ T5929] usb 4-1: Using ep0 maxpacket: 32 [ 87.045311][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.085975][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.103713][ T5929] usb 4-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00 [ 87.151707][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.194438][ T5929] usb 4-1: config 0 descriptor?? [ 87.259851][ T6224] warning: `syz.4.119' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 87.631890][ T5929] macally 0003:060B:0001.0001: unknown main item tag 0x0 [ 87.645764][ T5929] macally 0003:060B:0001.0001: unknown main item tag 0x0 [ 87.659291][ T5929] macally 0003:060B:0001.0001: unknown main item tag 0x0 [ 87.685662][ T5929] macally 0003:060B:0001.0001: unknown main item tag 0x0 [ 87.714071][ T5929] macally 0003:060B:0001.0001: hidraw0: USB HID vff.ff Device [HID 060b:0001] on usb-dummy_hcd.3-1/input0 [ 87.871844][ T55] usb 4-1: USB disconnect, device number 3 [ 87.989064][ T6236] fido_id[6236]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 88.338521][ T6254] dummy0: entered allmulticast mode [ 88.353810][ T6254] dummy0: left allmulticast mode [ 88.463313][ T6256] mmap: syz.1.135 (6256) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 89.495730][ T5878] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 89.496741][ T6301] bpf: Bad value for 'gid' [ 89.667471][ T5878] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 89.682976][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.701646][ T5878] usb 3-1: config 0 descriptor?? [ 89.713411][ T5878] cp210x 3-1:0.0: cp210x converter detected [ 89.865638][ T55] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 89.905637][ T1603] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 90.037645][ T55] usb 1-1: Using ep0 maxpacket: 32 [ 90.047461][ T55] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 90.056931][ T55] usb 1-1: config 0 has no interface number 0 [ 90.063106][ T55] usb 1-1: config 0 interface 12 has no altsetting 0 [ 90.078586][ T55] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 90.085528][ T1603] usb 2-1: Using ep0 maxpacket: 32 [ 90.098954][ T55] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.109569][ T55] usb 1-1: Product: syz [ 90.113780][ T55] usb 1-1: Manufacturer: syz [ 90.120244][ T55] usb 1-1: SerialNumber: syz [ 90.132732][ T55] usb 1-1: config 0 descriptor?? [ 90.134473][ T5878] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 90.145615][ T1603] usb 2-1: config 0 interface 0 has no altsetting 0 [ 90.152246][ T1603] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00 [ 90.215596][ T1603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.230542][ T5878] usb 3-1: cp210x converter now attached to ttyUSB0 [ 90.244159][ T1603] usb 2-1: config 0 descriptor?? [ 90.255838][ T6320] netlink: 'syz.3.165': attribute type 4 has an invalid length. [ 90.419566][ T5929] usb 3-1: USB disconnect, device number 2 [ 90.441425][ T5929] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 90.491239][ T5929] cp210x 3-1:0.0: device disconnected [ 90.493664][ T6325] Attempt to restore checkpoint with obsolete wellknown handles [ 90.614584][ T6329] program syz.3.169 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 90.690270][ T6331] capability: warning: `syz.3.170' uses deprecated v2 capabilities in a way that may be insecure [ 90.839202][ T6335] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.964266][ T55] f81534 1-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71 [ 90.979317][ T55] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 90.987021][ T55] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 90.994708][ T55] f81534 1-1:0.12: probe with driver f81534 failed with error -71 [ 91.018137][ T55] usb 1-1: USB disconnect, device number 2 [ 91.051023][ T1603] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0 [ 91.075895][ T1603] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0 [ 91.087636][ T1603] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0 [ 91.095695][ T1603] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0 [ 91.103565][ T1603] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0 [ 91.130251][ T1603] corsair-psu 0003:1B1C:1C09.0002: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.1-1/input0 [ 91.493863][ T1603] corsair-psu 0003:1B1C:1C09.0002: unable to initialize device (-110) [ 91.540858][ T1603] corsair-psu 0003:1B1C:1C09.0002: probe with driver corsair-psu failed with error -110 [ 91.564425][ T6347] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.581097][ T1603] usb 2-1: USB disconnect, device number 2 [ 92.167149][ T5929] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 92.347509][ T5929] usb 4-1: Using ep0 maxpacket: 32 [ 92.395258][ T5929] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 92.412576][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.434560][ T5929] usb 4-1: Product: syz [ 92.450111][ T5929] usb 4-1: Manufacturer: syz [ 92.460479][ T5929] usb 4-1: SerialNumber: syz [ 92.478632][ T5929] usb 4-1: config 0 descriptor?? [ 92.503518][ T5929] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 92.847842][ T1603] kernel write not supported for file /input/mice (pid: 1603 comm: kworker/0:2) [ 93.328426][ T5929] gspca_ov534_9: reg_w failed -71 [ 93.625541][ T5929] gspca_ov534_9: Unknown sensor 0000 [ 93.625635][ T5929] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22 [ 93.673534][ T5929] usb 4-1: USB disconnect, device number 4 [ 94.356892][ T6463] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.217'. [ 94.811088][ T6482] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 94.866693][ T6485] netlink: 'syz.4.226': attribute type 5 has an invalid length. [ 95.084232][ T6494] netlink: 'syz.3.232': attribute type 25 has an invalid length. [ 95.093046][ T6495] capability: warning: `syz.0.229' uses 32-bit capabilities (legacy support in use) [ 95.110045][ T6494] netlink: 'syz.3.232': attribute type 7 has an invalid length. [ 95.534083][ T6511] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 95.553856][ T6511] pim6reg1: linktype set to 780 [ 95.679686][ T6519] netlink: 24 bytes leftover after parsing attributes in process `syz.0.242'. [ 96.417757][ T36] Bluetooth: hci5: Frame reassembly failed (-84) [ 96.446990][ T6548] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 96.577377][ T5878] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 96.626130][ T6555] netlink: 56 bytes leftover after parsing attributes in process `syz.2.260'. [ 96.642798][ T6555] netlink: 576 bytes leftover after parsing attributes in process `syz.2.260'. [ 96.739005][ T5878] usb 4-1: Using ep0 maxpacket: 8 [ 96.761725][ T5878] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 15 [ 96.781029][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 96.802860][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 96.814257][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 96.830317][ T5878] usb 4-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 96.842060][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.872043][ T5878] usb 4-1: Product: syz [ 96.892427][ T5878] usb 4-1: Manufacturer: syz [ 96.903724][ T5878] usb 4-1: SerialNumber: syz [ 96.937721][ T5878] usb 4-1: config 0 descriptor?? [ 96.964834][ T6544] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 97.029877][ T6571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'. [ 97.041442][ T6571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'. [ 97.183638][ T5878] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 97.194885][ T5878] input: Griffin SoundKnob as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input5 [ 97.255768][ T1603] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 97.458902][ C0] powermate: config urb returned -71 [ 97.462251][ T5929] usb 4-1: USB disconnect, device number 5 [ 97.464300][ C0] powermate: usb_submit_urb(config) failed [ 97.470510][ C0] powermate 4-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 97.485919][ T1603] usb 2-1: Using ep0 maxpacket: 32 [ 97.493506][ T1603] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 97.526040][ T1603] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 97.562741][ T1603] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 97.596592][ T1603] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 97.616750][ T1603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.665814][ T1603] usb 2-1: config 0 descriptor?? [ 97.678242][ T6573] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 97.712923][ T1603] hub 2-1:0.0: USB hub found [ 97.905128][ T1603] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 98.141766][ T1603] usbhid 2-1:0.0: can't add hid device: -71 [ 98.165831][ T1603] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 98.209712][ T1603] usb 2-1: USB disconnect, device number 3 [ 98.359873][ T6612] Zero length message leads to an empty skb [ 98.375601][ T5929] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 98.466343][ T5830] Bluetooth: hci5: command 0x1003 tx timeout [ 98.472600][ T5834] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 98.556556][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 98.597547][ T5929] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 98.629782][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.678883][ T5929] usb 4-1: config 0 descriptor?? [ 98.843330][ T5897] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 99.030788][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 99.051233][ T5897] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 99.079891][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 99.126494][ T5897] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 99.161249][ T5897] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 99.176006][ T5929] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor [ 99.200095][ T5929] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0003/input/input6 [ 99.211928][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.231586][ T5897] usb 5-1: Product: syz [ 99.250839][ T5897] usb 5-1: Manufacturer: syz [ 99.272961][ T5897] usb 5-1: SerialNumber: syz [ 99.305780][ T5897] usb 5-1: config 0 descriptor?? [ 99.378536][ T5897] ums-isd200 5-1:0.0: USB Mass Storage device detected [ 99.546553][ T5929] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 99.599495][ T5897] scsi host1: usb-storage 5-1:0.0 [ 99.704271][ T5929] usb 4-1: USB disconnect, device number 6 [ 99.801027][ T6654] fido_id[6654]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 99.837624][ T5897] usb 5-1: USB disconnect, device number 3 [ 101.011496][ T6694] netlink: 32 bytes leftover after parsing attributes in process `syz.2.308'. [ 101.227828][ T6700] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 101.839282][ T6723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.321'. [ 101.852002][ T6723] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 103.859839][ T6795] Bluetooth: MGMT ver 1.23 [ 103.953870][ T6798] bridge0: port 3(syz_tun) entered blocking state [ 103.970948][ T6798] bridge0: port 3(syz_tun) entered disabled state [ 103.995683][ T6798] syz_tun: entered allmulticast mode [ 104.012696][ T6798] syz_tun: entered promiscuous mode [ 104.031636][ T6798] bridge0: port 3(syz_tun) entered blocking state [ 104.038266][ T6798] bridge0: port 3(syz_tun) entered forwarding state [ 104.080411][ T6803] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 104.080411][ T6803] The task syz.2.356 (6803) triggered the difference, watch for misbehavior. [ 104.594044][ T6822] ======================================================= [ 104.594044][ T6822] WARNING: The mand mount option has been deprecated and [ 104.594044][ T6822] and is ignored by this kernel. Remove the mand [ 104.594044][ T6822] option from the mount to silence this warning. [ 104.594044][ T6822] ======================================================= [ 104.679710][ T1603] kernel write not supported for file /uhid (pid: 1603 comm: kworker/0:2) [ 104.826404][ T5897] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 104.995710][ T5897] usb 5-1: Using ep0 maxpacket: 16 [ 105.020593][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.039518][ T5897] usb 5-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 105.048964][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.064320][ T5897] usb 5-1: config 0 descriptor?? [ 105.265353][ T6838] syz.0.372: attempt to access beyond end of device [ 105.265353][ T6838] nbd0: rw=0, sector=64, nr_sectors = 1 limit=0 [ 105.279003][ T30] audit: type=1326 audit(1750754715.151:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6836 comm="syz.1.373" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f82a558e929 code=0x0 [ 105.283264][ T6838] syz.0.372: attempt to access beyond end of device [ 105.283264][ T6838] nbd0: rw=0, sector=256, nr_sectors = 1 limit=0 [ 105.321426][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 105.331522][ T6838] syz.0.372: attempt to access beyond end of device [ 105.331522][ T6838] nbd0: rw=0, sector=512, nr_sectors = 1 limit=0 [ 105.365646][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 105.379265][ T6838] syz.0.372: attempt to access beyond end of device [ 105.379265][ T6838] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 105.396488][ T6838] syz.0.372: attempt to access beyond end of device [ 105.396488][ T6838] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 105.409971][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 105.419864][ T6838] syz.0.372: attempt to access beyond end of device [ 105.419864][ T6838] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 105.433563][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 105.444969][ T6838] syz.0.372: attempt to access beyond end of device [ 105.444969][ T6838] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 105.458394][ T6838] syz.0.372: attempt to access beyond end of device [ 105.458394][ T6838] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 105.471549][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 105.481429][ T6838] syz.0.372: attempt to access beyond end of device [ 105.481429][ T6838] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 105.494435][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 105.519782][ T5897] logitech-djreceiver 0003:046D:C513.0004: hidraw0: USB HID v0.05 Device [HID 046d:c513] on usb-dummy_hcd.4-1/input0 [ 105.545205][ T6838] syz.0.372: attempt to access beyond end of device [ 105.545205][ T6838] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 105.585994][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 105.601949][ T6838] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 105.612039][ T6838] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 105.727088][ T1603] usb 5-1: USB disconnect, device number 4 [ 106.205661][ T5897] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 106.407313][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.452467][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.485595][ T5897] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 106.494686][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.559723][ T5897] usb 4-1: config 0 descriptor?? [ 107.010975][ T5897] itetech 0003:06CB:73F6.0005: unknown main item tag 0x0 [ 107.049936][ T5897] itetech 0003:06CB:73F6.0005: unbalanced collection at end of report description [ 107.086623][ T5897] itetech 0003:06CB:73F6.0005: probe with driver itetech failed with error -22 [ 107.219383][ T5897] usb 4-1: USB disconnect, device number 7 [ 107.369893][ T6910] netlink: 8 bytes leftover after parsing attributes in process `syz.1.400'. [ 108.199583][ T6936] macsec1: entered promiscuous mode [ 108.235952][ T6936] macvlan1: entered promiscuous mode [ 108.278342][ T6936] macvlan1: left promiscuous mode [ 108.577938][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.4.420'. [ 108.692900][ T6960] netlink: 277 bytes leftover after parsing attributes in process `syz.0.423'. [ 108.916818][ T6967] netlink: 'syz.4.427': attribute type 83 has an invalid length. [ 108.936650][ T6973] netlink: 'syz.0.428': attribute type 6 has an invalid length. [ 108.999207][ T1603] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 109.105828][ T30] audit: type=1326 audit(1750754718.991:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.141981][ T30] audit: type=1326 audit(1750754718.991:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.186562][ T1603] usb 2-1: Using ep0 maxpacket: 16 [ 109.197877][ T1603] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 109.222500][ T1603] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.246638][ T30] audit: type=1326 audit(1750754719.031:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.278559][ T30] audit: type=1326 audit(1750754719.031:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.301572][ T1603] usb 2-1: config 0 descriptor?? [ 109.307039][ T30] audit: type=1326 audit(1750754719.031:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.370379][ T1603] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 109.380272][ T30] audit: type=1326 audit(1750754719.031:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.411134][ T30] audit: type=1326 audit(1750754719.031:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.439613][ T30] audit: type=1326 audit(1750754719.031:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.491790][ T30] audit: type=1326 audit(1750754719.061:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8d18e929 code=0x7ffc0000 [ 109.576336][ T1603] usb 2-1: Detected FT232B [ 109.783740][ T1603] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 109.804016][ T1603] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 110.022329][ T55] usb 2-1: USB disconnect, device number 4 [ 110.047228][ T55] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 110.070891][ T55] ftdi_sio 2-1:0.0: device disconnected [ 110.081338][ T7013] program syz.2.448 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.158822][ T7015] loop8: detected capacity change from 0 to 7 [ 110.182491][ T7015] Dev loop8: unable to read RDB block 7 [ 110.192742][ T7015] loop8: unable to read partition table [ 110.202425][ T7015] loop8: partition table beyond EOD, truncated [ 110.212930][ T7015] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5) [ 110.449442][ T7026] netlink: 'syz.3.454': attribute type 2 has an invalid length. [ 110.491226][ T7026] ave_0: entered promiscuous mode [ 110.607231][ T7030] netlink: 16 bytes leftover after parsing attributes in process `syz.2.457'. [ 111.262514][ T7062] netlink: 12 bytes leftover after parsing attributes in process `syz.4.470'. [ 112.115659][ T5929] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 112.294189][ T5929] usb 2-1: config 0 has no interfaces? [ 112.303930][ T5929] usb 2-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 112.325253][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.344656][ T5929] usb 2-1: config 0 descriptor?? [ 112.560822][ T7089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.623729][ T7089] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.662621][ T7112] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.671838][ T7112] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.681053][ T7112] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.690161][ T7112] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.725163][ T1603] usb 2-1: USB disconnect, device number 5 [ 112.799892][ T7116] netlink: 12 bytes leftover after parsing attributes in process `syz.0.494'. [ 113.215674][ T1603] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 113.403707][ T1603] usb 2-1: Using ep0 maxpacket: 8 [ 113.424980][ T1603] usb 2-1: config index 0 descriptor too short (expected 72, got 36) [ 113.440204][ T1603] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 113.501593][ T1603] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice= 1.08 [ 113.527387][ T1603] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.553501][ T1603] usb 2-1: Product: syz [ 113.562010][ T1603] usb 2-1: Manufacturer: syz [ 113.576708][ T1603] usb 2-1: SerialNumber: syz [ 113.918331][ T5929] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 113.976148][ T1603] usb 2-1: USB disconnect, device number 6 [ 114.104520][ T5929] usb 1-1: Using ep0 maxpacket: 8 [ 114.134769][ T5929] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 114.158254][ T5929] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 114.191087][ T5929] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 114.214519][ T5929] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 114.226770][ T5929] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 114.240146][ T5929] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 114.251425][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.491436][ T7165] Driver unsupported XDP return value 0 on prog (id 51) dev N/A, expect packet loss! [ 114.517973][ T5929] usb 1-1: GET_CAPABILITIES returned 0 [ 114.548599][ T5929] usbtmc 1-1:16.0: can't read capabilities [ 114.751488][ T5929] usb 1-1: USB disconnect, device number 3 [ 115.407256][ T7196] netlink: 'syz.0.532': attribute type 1 has an invalid length. [ 115.416456][ T7196] netlink: 'syz.0.532': attribute type 4 has an invalid length. [ 115.424125][ T7196] netlink: 188 bytes leftover after parsing attributes in process `syz.0.532'. [ 115.500431][ T7196] NCSI netlink: No device for ifindex 458760 [ 117.026628][ T7240] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 117.035393][ T7240] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 117.044449][ T7240] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 117.053239][ T7240] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 117.077605][ T7240] vxlan0: entered promiscuous mode [ 117.082777][ T7240] vxlan0: entered allmulticast mode [ 117.344087][ T7252] vivid-000: ================= START STATUS ================= [ 117.364103][ T7252] vivid-000: Radio HW Seek Mode: Bounded [ 117.394032][ T7252] vivid-000: Radio Programmable HW Seek: false [ 117.398694][ T7256] netlink: 'syz.4.559': attribute type 2 has an invalid length. [ 117.426591][ T7252] vivid-000: RDS Rx I/O Mode: Block I/O [ 117.432213][ T7252] vivid-000: Generate RBDS Instead of RDS: false [ 117.455650][ T7252] vivid-000: RDS Reception: true [ 117.475576][ T7252] vivid-000: RDS Program Type: 0 inactive [ 117.500679][ T7252] vivid-000: RDS PS Name: inactive [ 117.507930][ T7252] vivid-000: RDS Radio Text: inactive [ 117.548225][ T7252] vivid-000: RDS Traffic Announcement: false inactive [ 117.555073][ T7252] vivid-000: RDS Traffic Program: false inactive [ 117.586947][ T7252] vivid-000: RDS Music: false inactive [ 117.602769][ T7252] vivid-000: ================== END STATUS ================== [ 118.775550][ T5929] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 118.846279][ T5897] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 118.945736][ T5929] usb 3-1: Using ep0 maxpacket: 16 [ 118.963053][ T5929] usb 3-1: config 0 has no interfaces? [ 118.980256][ T5929] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 119.009926][ T5929] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 119.021324][ T5929] usb 3-1: Manufacturer: syz [ 119.031174][ T5929] usb 3-1: config 0 descriptor?? [ 119.052128][ T5897] usb 5-1: config 0 has no interfaces? [ 119.079229][ T5897] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 119.106212][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.114417][ T7319] netlink: 132 bytes leftover after parsing attributes in process `syz.3.586'. [ 119.132787][ T5897] usb 5-1: Product: syz [ 119.137710][ T5897] usb 5-1: Manufacturer: syz [ 119.142324][ T5897] usb 5-1: SerialNumber: syz [ 119.156751][ T5897] usb 5-1: config 0 descriptor?? [ 119.269435][ T5897] usb 3-1: USB disconnect, device number 3 [ 119.391613][ T5929] usb 5-1: USB disconnect, device number 5 [ 119.845740][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 120.016274][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 120.059353][ T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.071327][ T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.081820][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 120.111061][ T9] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 120.159595][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.189319][ T9] usb 2-1: config 0 descriptor?? [ 120.672364][ T7338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.703400][ T7338] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.956794][ T7373] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.608'. [ 121.047011][ T5897] usb 2-1: USB disconnect, device number 7 [ 121.055979][ T7370] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.608'. [ 122.193391][ T7421] netlink: 12 bytes leftover after parsing attributes in process `syz.4.630'. [ 123.113380][ T7451] random: crng reseeded on system resumption [ 123.230593][ T7451] Restarting kernel threads ... [ 123.247651][ T7451] Done restarting kernel threads. [ 123.381059][ T7462] bio_check_eod: 2 callbacks suppressed [ 123.381076][ T7462] syz.1.650: attempt to access beyond end of device [ 123.381076][ T7462] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 123.422972][ T7462] syz.1.650: attempt to access beyond end of device [ 123.422972][ T7462] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 123.500515][ T30] audit: type=1326 audit(1750754733.331:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ba29858e7 code=0x7ffc0000 [ 123.537497][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.575293][ T7462] syz.1.650: attempt to access beyond end of device [ 123.575293][ T7462] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 123.590335][ T30] audit: type=1326 audit(1750754733.331:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1ba292ab19 code=0x7ffc0000 [ 123.611548][ C1] vkms_vblank_simulate: vblank timer overrun [ 123.612210][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.617863][ T30] audit: type=1326 audit(1750754733.331:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ba29858e7 code=0x7ffc0000 [ 123.617898][ T30] audit: type=1326 audit(1750754733.331:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1ba292ab19 code=0x7ffc0000 [ 123.617925][ T30] audit: type=1326 audit(1750754733.331:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ba29858e7 code=0x7ffc0000 [ 123.617952][ T30] audit: type=1326 audit(1750754733.331:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1ba292ab19 code=0x7ffc0000 [ 123.617981][ T30] audit: type=1326 audit(1750754733.331:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ba29858e7 code=0x7ffc0000 [ 123.618011][ T30] audit: type=1326 audit(1750754733.331:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1ba292ab19 code=0x7ffc0000 [ 123.618041][ T30] audit: type=1326 audit(1750754733.331:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1ba29858e7 code=0x7ffc0000 [ 123.618070][ T30] audit: type=1326 audit(1750754733.331:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1ba292ab19 code=0x7ffc0000 [ 123.850255][ T7462] syz.1.650: attempt to access beyond end of device [ 123.850255][ T7462] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 123.900155][ T7462] syz.1.650: attempt to access beyond end of device [ 123.900155][ T7462] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 123.953280][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.963134][ T7462] syz.1.650: attempt to access beyond end of device [ 123.963134][ T7462] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 123.980608][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.991810][ T7462] syz.1.650: attempt to access beyond end of device [ 123.991810][ T7462] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 124.035924][ T7462] syz.1.650: attempt to access beyond end of device [ 124.035924][ T7462] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 124.068637][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 124.095815][ T7462] syz.1.650: attempt to access beyond end of device [ 124.095815][ T7462] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 124.134106][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 124.174830][ T7462] syz.1.650: attempt to access beyond end of device [ 124.174830][ T7462] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 124.191169][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 124.258030][ T7462] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 124.289064][ T7462] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 124.484710][ T7495] cgroup: fork rejected by pids controller in /syz3 [ 124.490861][ T7503] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 124.549237][ T7518] veth1_macvtap: left promiscuous mode [ 229.925496][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 229.932564][ C1] rcu: 0-...!: (1 GPs behind) idle=cab4/1/0x4000000000000000 softirq=24356/24357 fqs=1 [ 229.943039][ C1] rcu: (detected by 1, t=10502 jiffies, g=17101, q=553 ncpus=2) [ 229.950778][ C1] Sending NMI from CPU 1 to CPUs 0: [ 229.950818][ C0] NMI backtrace for cpu 0 [ 229.950848][ C0] CPU: 0 UID: 0 PID: 7930 Comm: syz.4.665 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 229.950866][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 229.950878][ C0] RIP: 0010:lock_release+0x25/0x3e0 [ 229.950912][ C0] Code: 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 30 49 89 f5 49 89 fe 65 48 8b 05 50 9e fb 10 48 89 44 24 28 <0f> 1f 44 00 00 65 8b 05 53 9e fb 10 83 f8 08 0f 83 9a 02 00 00 89 [ 229.950924][ C0] RSP: 0018:ffffc90000007bf8 EFLAGS: 00000082 [ 229.950941][ C0] RAX: bbc03236b5903400 RBX: ffff8880216e62e8 RCX: 1ffff110042dcc65 [ 229.950953][ C0] RDX: 0000000000010000 RSI: ffffffff897f343f RDI: ffff8880216e6300 [ 229.950971][ C0] RBP: ffff8880338ec950 R08: 0000000000000003 R09: 0000000000000004 [ 229.950981][ C0] R10: dffffc0000000000 R11: fffff52000000f7c R12: ffff8880216e6340 [ 229.950992][ C0] R13: ffffffff897f343f R14: ffff8880216e6300 R15: ffff8880338ee400 [ 229.951003][ C0] FS: 00007efd8df196c0(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000 [ 229.951016][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.951026][ C0] CR2: 00007f045744dc82 CR3: 00000000788f4000 CR4: 00000000003526f0 [ 229.951039][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 229.951048][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 229.951057][ C0] Call Trace: [ 229.951067][ C0] [ 229.951075][ C0] ? taprio_set_budgets+0x37c/0x3b0 [ 229.951099][ C0] _raw_spin_unlock+0x16/0x50 [ 229.951119][ C0] advance_sched+0x99f/0xc90 [ 229.951144][ C0] ? __pfx_advance_sched+0x10/0x10 [ 229.951160][ C0] __hrtimer_run_queues+0x529/0xc60 [ 229.951191][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 229.951210][ C0] ? read_tsc+0x9/0x20 [ 229.951231][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 229.951265][ C0] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 229.951288][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 229.951307][ C0] [ 229.951312][ C0] [ 229.951319][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 229.951335][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 229.951353][ C0] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 ea 0b 3c f6 48 89 df e8 42 a3 3c f6 e8 6d b2 65 f6 fb bf 01 00 00 00 52 9d 2e f6 65 8b 05 4b aa 37 07 85 c0 74 07 5b c3 cc cc cc cc [ 229.951365][ C0] RSP: 0018:ffffc90003e7ea18 EFLAGS: 00000286 [ 229.951377][ C0] RAX: bbc03236b5903400 RBX: ffff88807c129740 RCX: bbc03236b5903400 [ 229.951389][ C0] RDX: 0000000000000006 RSI: ffffffff8d96ea60 RDI: 0000000000000001 [ 229.951398][ C0] RBP: ffff88807c129738 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e [ 229.951409][ C0] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: 1ffffd4000092788 [ 229.951420][ C0] R13: ffffea0000493c48 R14: 0000000000020000 R15: 0000000000000000 [ 229.951439][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 229.951456][ C0] __remove_mapping+0x86a/0xad0 [ 229.951477][ C0] shrink_folio_list+0x29d0/0x4d10 [ 229.951514][ C0] ? __pfx_shrink_folio_list+0x10/0x10 [ 229.951549][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 229.951567][ C0] ? sched_clock+0x3f/0x60 [ 229.951581][ C0] ? sched_clock_cpu+0x74/0x430 [ 229.951600][ C0] ? psi_task_switch+0x318/0x6d0 [ 229.951623][ C0] ? __switch_to+0xd74/0x1600 [ 229.951641][ C0] ? __lock_acquire+0xab9/0xd20 [ 229.951678][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 229.951697][ C0] ? _raw_spin_lock_bh+0x30/0x50 [ 229.951720][ C0] reclaim_folio_list+0xee/0x500 [ 229.951748][ C0] ? __pfx_reclaim_folio_list+0x10/0x10 [ 229.951775][ C0] reclaim_pages+0x49a/0x5b0 [ 229.951798][ C0] ? __pfx_reclaim_pages+0x10/0x10 [ 229.951817][ C0] ? madvise_cold_or_pageout_pte_range+0x19b1/0x1d60 [ 229.951840][ C0] madvise_cold_or_pageout_pte_range+0x19da/0x1d60 [ 229.951871][ C0] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 229.951898][ C0] walk_pgd_range+0x1093/0x1e70 [ 229.951933][ C0] ? __pfx_walk_pgd_range+0x10/0x10 [ 229.951959][ C0] __walk_page_range+0x14c/0x710 [ 229.951977][ C0] ? find_vma+0xe7/0x160 [ 229.951993][ C0] ? __pfx_find_vma+0x10/0x10 [ 229.952014][ C0] walk_page_range_mm+0x42d/0x620 [ 229.952034][ C0] ? __pfx_walk_page_range_mm+0x10/0x10 [ 229.952052][ C0] ? mlock_drain_local+0x79/0x490 [ 229.952074][ C0] ? walk_page_range+0x6b/0x90 [ 229.952090][ C0] madvise_do_behavior+0x1c01/0x2e70 [ 229.952116][ C0] ? __pfx_madvise_do_behavior+0x10/0x10 [ 229.952137][ C0] ? __lock_acquire+0xab9/0xd20 [ 229.952158][ C0] ? page_table_check_set+0x18d/0x730 [ 229.952182][ C0] ? page_table_check_set+0x18d/0x730 [ 229.952200][ C0] ? page_table_check_set+0x18d/0x730 [ 229.952227][ C0] ? __lock_acquire+0xab9/0xd20 [ 229.952250][ C0] ? madvise_lock+0xda/0x200 [ 229.952277][ C0] do_madvise+0x174/0x220 [ 229.952293][ C0] ? count_memcg_event_mm+0x21/0x260 [ 229.952311][ C0] ? __pfx_do_madvise+0x10/0x10 [ 229.952339][ C0] __x64_sys_madvise+0xa7/0xc0 [ 229.952358][ C0] do_syscall_64+0xfa/0x3b0 [ 229.952378][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 229.952398][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.952412][ C0] ? clear_bhb_loop+0x60/0xb0 [ 229.952429][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.952443][ C0] RIP: 0033:0x7efd8d18e929 [ 229.952461][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.952473][ C0] RSP: 002b:00007efd8df19038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 229.952487][ C0] RAX: ffffffffffffffda RBX: 00007efd8d3b6080 RCX: 00007efd8d18e929 [ 229.952498][ C0] RDX: 0000000000000015 RSI: 0000000000600000 RDI: 0000200000000000 [ 229.952507][ C0] RBP: 00007efd8d210b39 R08: 0000000000000000 R09: 0000000000000000 [ 229.952517][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.952525][ C0] R13: 0000000000000001 R14: 00007efd8d3b6080 R15: 00007ffd23fafa78 [ 229.952544][ C0] [ 229.952804][ C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g17101 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 230.551667][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 230.561642][ C1] rcu: RCU grace-period kthread stack dump: [ 230.567543][ C1] task:rcu_preempt state:R running task stack:26792 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 230.581048][ C1] Call Trace: [ 230.584338][ C1] [ 230.587277][ C1] __schedule+0x16a2/0x4cb0 [ 230.591808][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 230.597017][ C1] ? schedule+0x165/0x360 [ 230.601352][ C1] ? __lock_acquire+0xab9/0xd20 [ 230.606214][ C1] ? __pfx___schedule+0x10/0x10 [ 230.611090][ C1] ? schedule+0x91/0x360 [ 230.615413][ C1] schedule+0x165/0x360 [ 230.619590][ C1] schedule_timeout+0x12b/0x270 [ 230.624449][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 230.629835][ C1] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 230.635733][ C1] ? __pfx_process_timeout+0x10/0x10 [ 230.641034][ C1] ? prepare_to_swait_event+0x341/0x380 [ 230.646594][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 230.651472][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 230.657374][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 230.662662][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 230.667877][ C1] ? finish_swait+0xcd/0x1f0 [ 230.672927][ C1] rcu_gp_kthread+0x99/0x390 [ 230.677536][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 230.682750][ C1] ? __kthread_parkme+0x7b/0x200 [ 230.687746][ C1] ? __kthread_parkme+0x1a1/0x200 [ 230.692890][ C1] kthread+0x70e/0x8a0 [ 230.697008][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 230.702234][ C1] ? __pfx_kthread+0x10/0x10 [ 230.706839][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 230.712046][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 230.717263][ C1] ? __pfx_kthread+0x10/0x10 [ 230.721856][ C1] ret_from_fork+0x3fc/0x770 [ 230.726460][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 230.731685][ C1] ? __switch_to_asm+0x39/0x70 [ 230.736449][ C1] ? __switch_to_asm+0x33/0x70 [ 230.741218][ C1] ? __pfx_kthread+0x10/0x10 [ 230.745827][ C1] ret_from_fork_asm+0x1a/0x30 [ 230.750610][ C1] [ 230.753650][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 230.759983][ C1] CPU: 1 UID: 0 PID: 7500 Comm: syz.4.665 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 230.771884][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 230.781952][ C1] RIP: 0010:smp_call_function_many_cond+0xf67/0x12d0 [ 230.788648][ C1] Code: 00 00 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 60 78 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 0b 74 0b 00 eb 37 90 43 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 f0 [ 230.808257][ C1] RSP: 0000:ffffc90003147720 EFLAGS: 00000293 [ 230.814418][ C1] RAX: ffffffff81b4d830 RBX: ffff8880b873b040 RCX: ffff888031fa8000 [ 230.822403][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 230.830377][ C1] RBP: ffffc90003147880 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e [ 230.838354][ C1] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: 1ffff110170c835d [ 230.846326][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880b8641ae8 [ 230.854298][ C1] FS: 0000555588f47500(0000) GS:ffff888125d83000(0000) knlGS:0000000000000000 [ 230.863229][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.869810][ C1] CR2: 00007efd8d3afa38 CR3: 00000000788f4000 CR4: 00000000003526f0 [ 230.877786][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 230.885758][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 230.893735][ C1] Call Trace: [ 230.897017][ C1] [ 230.899960][ C1] ? __pfx_should_flush_tlb+0x10/0x10 [ 230.905345][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 230.911685][ C1] ? try_charge_memcg+0x22a/0x1290 [ 230.916814][ C1] ? rcu_is_watching+0x15/0xb0 [ 230.921586][ C1] ? __pfx_should_flush_tlb+0x10/0x10 [ 230.926960][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 230.932157][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 230.937281][ C1] flush_tlb_mm_range+0x6b1/0x12c0 [ 230.942395][ C1] ? page_table_check_clear+0x187/0x700 [ 230.947961][ C1] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 230.953509][ C1] ? page_table_check_clear+0x187/0x700 [ 230.959057][ C1] ? page_table_check_clear+0x4f3/0x700 [ 230.964606][ C1] ? page_table_check_clear+0x187/0x700 [ 230.970161][ C1] ptep_clear_flush+0x120/0x170 [ 230.975020][ C1] do_wp_page+0x1bc2/0x5800 [ 230.979535][ C1] ? do_wp_page+0x161d/0x5800 [ 230.984237][ C1] ? __pfx_do_wp_page+0x10/0x10 [ 230.989086][ C1] ? do_raw_spin_lock+0x121/0x290 [ 230.994119][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 230.999503][ C1] __handle_mm_fault+0x1144/0x5620 [ 231.004618][ C1] ? __lock_acquire+0xab9/0xd20 [ 231.009500][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 231.014963][ C1] ? lock_vma_under_rcu+0xf8/0x710 [ 231.020111][ C1] ? lock_vma_under_rcu+0xf8/0x710 [ 231.025230][ C1] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 231.030792][ C1] handle_mm_fault+0x2d5/0x7f0 [ 231.035570][ C1] do_user_addr_fault+0xa81/0x1390 [ 231.040694][ C1] ? rcu_is_watching+0x15/0xb0 [ 231.045465][ C1] ? trace_page_fault_user+0x84/0x1e0 [ 231.050873][ C1] exc_page_fault+0x76/0xf0 [ 231.055483][ C1] asm_exc_page_fault+0x26/0x30 [ 231.060341][ C1] RIP: 0033:0x7efd8d04d9fc [ 231.064759][ C1] Code: 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00 49 89 34 c1 41 88 3c 00 31 c0 c3 66 90 41 38 3c 10 74 0b 41 88 3c 10 31 c0 <49> 89 34 d1 c3 b8 01 00 00 00 c3 66 0f 1f 84 00 00 00 00 00 48 83 [ 231.084368][ C1] RSP: 002b:00007ffd23fafaa8 EFLAGS: 00010246 [ 231.090439][ C1] RAX: 0000000000000000 RBX: 00007efd8dee5720 RCX: 0000000000000000 [ 231.098415][ C1] RDX: 0000000000001b47 RSI: ffffffff81667b47 RDI: 0000000000000001 [ 231.106387][ C1] RBP: ffffffff81667b47 R08: 00007efd8d3a0000 R09: 00007efd8d3a2000 [ 231.114361][ C1] R10: 0000000081667b4b R11: 0000000000000001 R12: 0000000000000001 [ 231.122343][ C1] R13: 0000000000000002 R14: ffffffff81667ac1 R15: 0000000000000002 [ 231.130322][ C1] ? __x64_sys_mmap+0x21/0x140 [ 231.135094][ C1] ? __x64_sys_mmap+0xa7/0x140 [ 231.139871][ C1] ? __x64_sys_mmap+0xa7/0x140 [ 231.144650][ C1]