Warning: Permanently added '[localhost]:44117' (ECDSA) to the list of known hosts. 2020/11/17 00:05:01 fuzzer started 2020/11/17 00:05:01 dialing manager at 10.0.2.10:37665 2020/11/17 00:05:01 syscalls: 3439 2020/11/17 00:05:01 code coverage: enabled 2020/11/17 00:05:01 comparison tracing: enabled 2020/11/17 00:05:01 extra coverage: enabled 2020/11/17 00:05:01 setuid sandbox: enabled 2020/11/17 00:05:01 namespace sandbox: enabled 2020/11/17 00:05:01 Android sandbox: /sys/fs/selinux/policy does not exist 2020/11/17 00:05:01 fault injection: enabled 2020/11/17 00:05:01 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/11/17 00:05:01 net packet injection: enabled 2020/11/17 00:05:01 net device setup: enabled 2020/11/17 00:05:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/11/17 00:05:01 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/11/17 00:05:01 USB emulation: enabled 2020/11/17 00:05:01 hci packet injection: enabled 2020/11/17 00:05:01 wifi device emulation: enabled 00:06:31 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000240)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0x4020940d, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '1E\nJ'}, 0x0, 0x0, @planes=0x0}) 00:06:32 executing program 1: r0 = socket(0x2, 0x3, 0x2) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, 0x0, 0x0) 00:06:32 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2501) write$sndseq(r0, &(0x7f00000001c0)=[{0x0, 0x0, 0x0, 0xfe, @tick, {}, {}, @queue}], 0x1c) 00:06:32 executing program 3: r0 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, 0x0, 0x0) syzkaller login: [ 198.081795][ T9064] IPVS: ftp: loaded support on port[0] = 21 [ 198.316412][ T9066] IPVS: ftp: loaded support on port[0] = 21 [ 198.327838][ T9064] chnl_net:caif_netlink_parms(): no params data found [ 198.462125][ T9064] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.479690][ T9064] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.495784][ T9064] device bridge_slave_0 entered promiscuous mode [ 198.538079][ T9064] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.552478][ T9064] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.565765][ T9064] device bridge_slave_1 entered promiscuous mode [ 198.606288][ T9066] chnl_net:caif_netlink_parms(): no params data found [ 198.629420][ T9064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 198.661843][ T9064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 198.729880][ T9068] IPVS: ftp: loaded support on port[0] = 21 [ 198.741981][ T9064] team0: Port device team_slave_0 added [ 198.769692][ T9064] team0: Port device team_slave_1 added [ 198.786776][ T9066] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.801786][ T9066] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.820528][ T9066] device bridge_slave_0 entered promiscuous mode [ 198.841651][ T9066] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.855537][ T9066] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.870357][ T9066] device bridge_slave_1 entered promiscuous mode [ 198.892731][ T9064] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.904432][ T9064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.951839][ T9064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.993607][ T9064] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.014820][ T9064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.076671][ T9064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 199.135391][ T9066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.191378][ T9066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.261281][ T9064] device hsr_slave_0 entered promiscuous mode [ 199.299232][ T9064] device hsr_slave_1 entered promiscuous mode [ 199.362836][ T9066] team0: Port device team_slave_0 added [ 199.415963][ T9066] team0: Port device team_slave_1 added [ 199.424593][ T9069] IPVS: ftp: loaded support on port[0] = 21 [ 199.601049][ T9066] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.621279][ T9066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.702376][ T9066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.764142][ T9066] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.791700][ T9066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.882283][ T9066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.008147][ T23] Bluetooth: hci0: command 0x0409 tx timeout [ 200.080018][ T9066] device hsr_slave_0 entered promiscuous mode [ 200.113681][ T9066] device hsr_slave_1 entered promiscuous mode [ 200.149422][ T9066] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.201892][ T9066] Cannot create hsr debugfs directory [ 200.241691][ T9068] chnl_net:caif_netlink_parms(): no params data found [ 200.317376][ T72] Bluetooth: hci1: command 0x0409 tx timeout [ 200.466710][ T9068] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.539603][ T9068] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.578247][ T9068] device bridge_slave_0 entered promiscuous mode [ 200.654511][ T9064] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 200.699689][ T9068] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.723532][ T3078] Bluetooth: hci2: command 0x0409 tx timeout [ 200.742768][ T9068] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.822554][ T9068] device bridge_slave_1 entered promiscuous mode [ 200.896460][ T9064] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 200.955280][ T9064] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 201.014397][ T9064] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 201.047658][ T23] Bluetooth: hci3: command 0x0409 tx timeout [ 201.123309][ T9068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.182047][ T9069] chnl_net:caif_netlink_parms(): no params data found [ 201.243590][ T9068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.356111][ T9068] team0: Port device team_slave_0 added [ 201.393157][ T9068] team0: Port device team_slave_1 added [ 201.469623][ T9066] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 201.530365][ T9068] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.553426][ T9068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.627680][ T9068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.669012][ T9066] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 201.711583][ T9068] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.752404][ T9068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.898860][ T9068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.960214][ T9066] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 201.998574][ T9066] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 202.049270][ T9069] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.077306][ T3078] Bluetooth: hci0: command 0x041b tx timeout [ 202.095210][ T9069] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.115957][ T9069] device bridge_slave_0 entered promiscuous mode [ 202.150192][ T9069] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.201747][ T9069] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.269248][ T9069] device bridge_slave_1 entered promiscuous mode [ 202.352348][ T9068] device hsr_slave_0 entered promiscuous mode [ 202.403294][ T72] Bluetooth: hci1: command 0x041b tx timeout [ 202.438020][ T9068] device hsr_slave_1 entered promiscuous mode [ 202.469451][ T9068] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 202.514443][ T9068] Cannot create hsr debugfs directory [ 202.581162][ T9069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.637608][ T9069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.716753][ T9069] team0: Port device team_slave_0 added [ 202.762364][ T9069] team0: Port device team_slave_1 added [ 202.797460][ T23] Bluetooth: hci2: command 0x041b tx timeout [ 202.830829][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 202.863989][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 202.945441][ T9069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 202.992845][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.016601][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.090874][ T9069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.117548][ T3078] Bluetooth: hci3: command 0x041b tx timeout [ 203.194244][ T9069] device hsr_slave_0 entered promiscuous mode [ 203.229847][ T9069] device hsr_slave_1 entered promiscuous mode [ 203.266657][ T9069] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 203.306293][ T9069] Cannot create hsr debugfs directory [ 203.393379][ T9064] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.494419][ T9064] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.554838][ T9068] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 203.596759][ T9068] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 203.640034][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.680024][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 203.723460][ T9068] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 203.766421][ T9068] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 203.846601][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.902926][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.959402][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.007861][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.070390][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.140325][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.167719][ T23] Bluetooth: hci0: command 0x040f tx timeout [ 204.204378][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.321521][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.401471][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.478264][ T18] Bluetooth: hci1: command 0x040f tx timeout [ 204.483805][ T9066] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.568527][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.619800][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.680412][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.736456][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.790865][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 204.863243][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 204.887292][ T18] Bluetooth: hci2: command 0x040f tx timeout [ 204.900212][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 204.952346][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.992197][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.053239][ T9069] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 205.102088][ T9069] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 205.153155][ T9069] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 205.197734][ T9094] Bluetooth: hci3: command 0x040f tx timeout [ 205.202489][ T9064] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 205.280679][ T9064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.312528][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.345153][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.372275][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.401013][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.427530][ T9069] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 205.454359][ T9066] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.486649][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.510937][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.534011][ T3078] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.557863][ T3078] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.577500][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.613320][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.637651][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.667505][ T4075] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.688552][ T4075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.710432][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 205.728400][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 205.771158][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.800358][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.833743][ T9064] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.871885][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.909191][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.955837][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 206.005576][ T9068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.031176][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.063249][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.092839][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.133714][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.161504][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.197754][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.238041][ T9066] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.271883][ T9068] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.293696][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 206.321038][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 206.327234][ T9094] Bluetooth: hci0: command 0x0419 tx timeout [ 206.344215][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.387760][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.432440][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.468574][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.493708][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.517657][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.542778][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 206.557644][ T9094] Bluetooth: hci1: command 0x0419 tx timeout [ 206.592255][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 206.616025][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.639892][ T4075] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.667423][ T4075] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.701605][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 206.748369][ T9066] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.785110][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.808627][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.832803][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 206.855521][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.886312][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.910463][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.942898][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.970795][ T9098] Bluetooth: hci2: command 0x0419 tx timeout [ 206.977662][ T9064] device veth0_vlan entered promiscuous mode [ 207.030792][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.055881][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.088418][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.128004][ T9069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.160724][ T9064] device veth1_vlan entered promiscuous mode [ 207.190247][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 207.221077][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.256449][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.277530][ T3078] Bluetooth: hci3: command 0x0419 tx timeout [ 207.305849][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 207.333055][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 207.355751][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 207.378134][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.401668][ T9098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.445482][ T9069] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.470410][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 207.491456][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 207.515633][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.535098][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.552545][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 207.572468][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.599449][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 207.632059][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 207.669791][ T9066] device veth0_vlan entered promiscuous mode [ 207.713796][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.744213][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.770948][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.795814][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.828265][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.856524][ T9068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.908067][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.933972][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.958298][ T9094] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.979997][ T9094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.001213][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.030589][ T9066] device veth1_vlan entered promiscuous mode [ 208.055144][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 208.071502][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 208.088176][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.112403][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 208.147558][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.175366][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.210108][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.237949][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.260328][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.285863][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.311649][ T9064] device veth0_macvtap entered promiscuous mode [ 208.349941][ T9068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.379791][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 208.404178][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.426616][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.449576][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.467358][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.488844][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.505594][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.552344][ T9066] device veth0_macvtap entered promiscuous mode [ 208.591327][ T9064] device veth1_macvtap entered promiscuous mode [ 208.613800][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.638527][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 208.665325][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 208.692271][ T9066] device veth1_macvtap entered promiscuous mode [ 208.754297][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 208.776395][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 208.801683][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 208.826400][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.848542][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.878333][ T9064] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 208.911875][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 208.934101][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 208.966488][ T9069] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.988368][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 209.020078][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.058190][ T9066] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.090244][ T9064] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.122317][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 209.159486][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 209.188365][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.215236][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.249677][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.288956][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.322046][ T9066] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.343654][ T9064] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.370149][ T9064] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.391244][ T9064] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.418424][ T9064] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.464385][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.496291][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.522168][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.542529][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.565529][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.586313][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.608803][ T9068] device veth0_vlan entered promiscuous mode [ 209.638013][ T9066] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.662857][ T9066] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.686758][ T9066] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.710447][ T9066] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.765573][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.790391][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.821164][ T9068] device veth1_vlan entered promiscuous mode [ 209.896275][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.916773][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.940729][ T9069] device veth0_vlan entered promiscuous mode [ 209.980465][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 210.004135][ T4075] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 210.065138][ T9069] device veth1_vlan entered promiscuous mode [ 210.089514][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.113886][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.125269][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 210.135748][ T9085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.164427][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 210.192835][ T9085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.220299][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.272438][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 210.313214][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 210.360552][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.445570][ T9068] device veth0_macvtap entered promiscuous mode [ 210.477927][ T9068] device veth1_macvtap entered promiscuous mode [ 210.502034][ T2971] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.502910][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 210.546453][ T2971] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.581317][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 210.640220][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 210.672490][ T9078] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.709812][ T9078] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.767576][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.813726][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.848755][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.894248][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.926619][ T9068] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.959562][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.996619][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.027889][ T9068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 211.058941][ T9068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.094578][ T9068] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 211.118804][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 211.141069][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 211.168161][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 211.192776][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 211.215872][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 211.241929][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 211.272833][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 211.331705][ T9069] device veth0_macvtap entered promiscuous mode [ 211.331950][ T9066] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 211.368453][ T9069] device veth1_macvtap entered promiscuous mode [ 211.469119][ T9068] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 00:06:46 executing program 1: r0 = socket(0x2, 0xa, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x5421, &(0x7f0000000000)={'batadv0\x00'}) [ 211.575712][ T9068] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.635549][ T9105] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) [ 211.643290][ T9068] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.744983][ T9068] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 00:06:47 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x9, 0x2, &(0x7f0000000300)=@raw=[@map_val], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 211.824767][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 00:06:47 executing program 1: setitimer(0x2, &(0x7f0000005100)={{0x77359400}}, 0x0) [ 211.932679][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.984222][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 00:06:47 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg(r0, &(0x7f0000000240)={0x1, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48) 00:06:47 executing program 1: fsopen(&(0x7f0000000040)='nfs\x00', 0x0) [ 212.046120][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.093641][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 212.153091][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 00:06:47 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000700)=0xfffffff7) [ 212.213262][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.257242][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 212.339347][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 212.365397][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 212.392544][ T72] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 212.438600][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 212.485233][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.522454][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 212.556060][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.585066][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 212.616754][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.649873][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.677798][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 212.710113][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 212.758170][ T9069] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.802640][ T9069] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.842237][ T9069] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.881698][ T9069] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.950675][ T9100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.987714][ T9100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.029280][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 213.072771][ T2971] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.101877][ T2971] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.140192][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 213.175728][ T2971] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.200028][ T2971] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.217970][ T9100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.222518][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 00:06:48 executing program 2: bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) [ 213.244713][ T9100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.306741][ T9097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 00:06:48 executing program 3: r0 = socket(0x2, 0xa, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x541b, 0x0) 00:06:48 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg(r0, &(0x7f0000000240)={0x1, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48) 00:06:48 executing program 1: r0 = socket(0x25, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, 0x0, 0x0) 00:06:48 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000000)=0x3, 0x4) 00:06:48 executing program 0: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000180)='/dev/udmabuf\x00', 0x2) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0, 0xfffffffff0000000}) 00:06:48 executing program 2: openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ashmem\x00', 0x20000, 0x0) 00:06:48 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private2, @dev, 0x700}}) 00:06:48 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000240)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0205647, &(0x7f00000002c0)={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '1E\nJ'}, 0x0, 0x0, @planes=0x0}) 00:06:48 executing program 2: r0 = socket(0x15, 0x5, 0x0) recvmsg$can_raw(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 00:06:48 executing program 0: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xd056, 0x0) read$rfkill(r0, 0x0, 0x0) 00:06:49 executing program 1: r0 = socket(0x18, 0x0, 0x0) bind$qrtr(r0, &(0x7f0000000000), 0xc) 00:06:49 executing program 0: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={0x0, 0x0, 0x8}, 0x10) 00:06:49 executing program 3: remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x5, 0x0, 0x0) 00:06:49 executing program 1: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 00:06:49 executing program 1: syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x400) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0)='wireguard\x00') openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) [ 213.741555][ T9171] mmap: syz-executor.3 (9171) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 00:06:49 executing program 0: r0 = socket(0x2, 0xa, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x891e, &(0x7f0000000000)={'batadv0\x00'}) 00:06:49 executing program 2: r0 = socket(0x2, 0x1, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000380)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={0x0}}, 0x24000080) 00:06:49 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000200)=""/45, 0x2d}}, 0x120) 00:06:49 executing program 0: r0 = socket(0x2, 0xa, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x891e, &(0x7f0000000000)={'batadv0\x00'}) 00:06:49 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000240)='/dev/video#\x00', 0x100, 0x2) syz_open_dev$vcsn(0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000000)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x26}}, @ib={0x1b, 0x0, 0x0, {"00ff0700007400000018000000000400"}}}}, 0x118) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)}}, 0x20) [ 214.460140][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:06:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0)='batadv\x00') sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0xb318486d71fffb59}, 0x14}}, 0x0) [ 214.475860][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:06:49 executing program 2: fsopen(&(0x7f0000000080)='erofs\x00', 0x0) [ 214.488033][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:06:49 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x890b, 0x0) [ 214.498179][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.534936][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:06:49 executing program 2: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000035000000dc"]) [ 214.545864][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.556368][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:06:49 executing program 0: shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) [ 214.577011][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.603936][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.615942][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.626358][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.636625][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.647688][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.660001][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.671250][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.683502][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.695107][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.707098][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.722478][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.735738][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.747399][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.760325][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.773229][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.787113][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.801504][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.814864][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.825529][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.837284][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.848204][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.859648][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.871972][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.883638][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.895566][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.906865][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.918281][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.930504][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.943250][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.955847][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.970857][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 214.988143][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.005511][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.024128][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.039420][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.052708][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.065440][ T9094] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 215.082896][ T9094] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 215.110715][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.125328][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.152140][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.178515][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.199079][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.213033][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.229564][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.247434][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.261119][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.274459][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.289414][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.305029][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.317312][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.328559][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.340829][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.353221][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.364274][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.375185][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.388385][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.402159][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.412881][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.425701][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.437829][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.449395][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.460098][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.471203][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.483793][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.497670][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.509754][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.521990][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.533096][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.546505][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.560077][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.573862][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.587214][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.599380][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.612681][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.626017][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.639294][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.651939][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.666489][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.680300][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.694261][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.710004][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.727129][ T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 215.741798][ T7] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz0 00:06:51 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x56, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/9, 0x9}], 0x1}}], 0x48}, 0x0) 00:06:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r0, 0x11, 0xb, 0x0, &(0x7f0000000040)) 00:06:51 executing program 0: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) getsockname(r0, 0x0, &(0x7f0000000080)) 00:06:51 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000200)=""/45, 0x2d}}, 0x120) [ 215.805718][ T9220] ------------[ cut here ]------------ 00:06:51 executing program 0: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000300)) [ 215.805810][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 00:06:51 executing program 2: syz_genetlink_get_family_id$ethtool(0xffffffffffffffff) [ 215.832698][ T9220] WARNING: CPU: 2 PID: 9220 at mm/page_alloc.c:4930 __alloc_pages_nodemask+0x5f8/0x730 [ 215.847578][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.851071][ T9220] Modules linked in: 00:06:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000080)={'ip_vti0\x00', &(0x7f0000000000)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) [ 215.862219][ T9229] QAT: Device 0 not found 00:06:51 executing program 0: fsopen(&(0x7f0000000200)='ufs\x00', 0x0) r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) accept4$ax25(r0, 0x0, 0x0, 0x0) openat$vfio(0xffffffffffffff9c, &(0x7f0000000740)='/dev/vfio/vfio\x00', 0x0, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) [ 215.867741][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.871118][ T9220] [ 215.874803][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.884774][ T9220] CPU: 2 PID: 9220 Comm: syz-executor.1 Not tainted 5.10.0-rc4-syzkaller #0 [ 215.890698][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.900493][ T9220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 215.924451][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.946492][ T9220] RIP: 0010:__alloc_pages_nodemask+0x5f8/0x730 [ 215.969460][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 215.987297][ T9220] Code: 00 00 0c 00 0f 85 a7 00 00 00 8b 3c 24 4c 89 f2 44 89 e6 c6 44 24 70 00 48 89 6c 24 58 e8 00 d5 ff ff 49 89 c5 e9 ea fc ff ff <0f> 0b e9 b5 fd ff ff 89 74 24 14 4c 89 4c 24 08 4c 89 74 24 18 e8 [ 216.008196][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.049201][ T9220] RSP: 0018:ffffc900049af770 EFLAGS: 00010246 [ 216.062620][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.062636][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.062651][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.074072][ T9220] [ 216.074085][ T9220] RAX: 0000000000000000 RBX: 1ffff92000935ef2 RCX: 0000000000000000 [ 216.074092][ T9220] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000040dc0 [ 216.074098][ T9220] RBP: 0000000000040dc0 R08: 0000000000000000 R09: ffff88806bbf8ea0 [ 216.074104][ T9220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000018 [ 216.074110][ T9220] R13: 0000000000000018 R14: 0000000000000000 R15: 0000001000000000 [ 216.074138][ T9220] FS: 0000000000000000(0000) GS:ffff88802cc00000(0063) knlGS:00000000f5591b40 [ 216.084998][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.096151][ T9220] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 216.106771][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.106787][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.111854][ T9220] CR2: 000000000137efd0 CR3: 000000001d800000 CR4: 0000000000350ef0 [ 216.126061][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.126076][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.126089][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.126103][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.140814][ T9220] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 216.140822][ T9220] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 216.140826][ T9220] Call Trace: [ 216.140851][ T9220] ? __alloc_pages_slowpath.constprop.0+0x2510/0x2510 [ 216.141014][ T9220] ? find_held_lock+0x2d/0x110 [ 216.141027][ T9220] ? fs_reclaim_release+0x90/0xd0 [ 216.141065][ T9220] alloc_pages_current+0x191/0x2a0 [ 216.141114][ T9220] kmalloc_order+0x2e/0xb0 [ 216.141126][ T9220] kmalloc_order_trace+0x14/0x120 [ 216.141403][ T9220] rds_rdma_extra_size+0xb2/0x3b0 [ 216.141420][ T9220] rds_sendmsg+0x20d1/0x3010 [ 216.155319][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.155345][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.167862][ T9220] ? rds_send_drop_to+0x13e0/0x13e0 [ 216.178467][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178482][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178495][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178509][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178522][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178543][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178556][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178569][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178583][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178600][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.178626][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.193645][ T9220] ? aa_af_perm+0x230/0x230 [ 216.203571][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203586][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203600][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203614][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203627][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203641][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203658][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203678][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203694][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203711][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203724][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203737][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203751][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.203769][ T51] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 216.206551][ T51] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz0 [ 216.214355][ T9220] ? rds_send_drop_to+0x13e0/0x13e0 [ 216.729150][ T9220] sock_sendmsg+0xcf/0x120 [ 216.739410][ T9220] ____sys_sendmsg+0x6e8/0x810 [ 216.747686][ T9220] ? kernel_sendmsg+0x50/0x50 [ 216.754691][ T9220] ? do_recvmmsg+0x6c0/0x6c0 [ 216.761329][ T9220] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 216.769114][ T9220] ___sys_sendmsg+0xf3/0x170 [ 216.774901][ T9220] ? sendmsg_copy_msghdr+0x160/0x160 [ 216.782084][ T9220] ? __fget_files+0x272/0x400 [ 216.788483][ T9220] ? lock_downgrade+0x6d0/0x6d0 [ 216.794482][ T9220] ? find_held_lock+0x2d/0x110 [ 216.801389][ T9220] ? __fget_files+0x294/0x400 [ 216.807823][ T9220] ? __fget_light+0xea/0x280 [ 216.814239][ T9220] __sys_sendmsg+0xe5/0x1b0 [ 216.820150][ T9220] ? __sys_sendmsg_sock+0xb0/0xb0 [ 216.828946][ T9220] ? syscall_enter_from_user_mode_prepare+0x13/0x20 [ 216.839298][ T9220] __do_fast_syscall_32+0x56/0x80 [ 216.846343][ T9220] do_fast_syscall_32+0x2f/0x70 [ 216.853851][ T9220] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 216.863384][ T9220] RIP: 0023:0xf7f97549 [ 216.869097][ T9220] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 216.895932][ T9220] RSP: 002b:00000000f55910bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 216.909460][ T9220] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001600 [ 216.922506][ T9220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 216.933797][ T9220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 216.950772][ T9220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 216.965489][ T9220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 216.984264][ T9220] Kernel panic - not syncing: panic_on_warn set ... [ 217.007247][ T9220] CPU: 2 PID: 9220 Comm: syz-executor.1 Not tainted 5.10.0-rc4-syzkaller #0 [ 217.034684][ T9220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 217.061499][ T9220] Call Trace: [ 217.067170][ T9220] dump_stack+0x107/0x163 [ 217.075906][ T9220] panic+0x306/0x73d [ 217.081964][ T9220] ? __warn_printk+0xf3/0xf3 [ 217.087348][ T9220] ? __warn.cold+0x1a/0x44 [ 217.095199][ T9220] ? __alloc_pages_nodemask+0x5f8/0x730 [ 217.103733][ T9220] __warn.cold+0x35/0x44 [ 217.107085][ T9220] ? __alloc_pages_nodemask+0x5f8/0x730 [ 217.115923][ T9220] report_bug+0x1bd/0x210 [ 217.122472][ T9220] handle_bug+0x3c/0x60 [ 217.128475][ T9220] exc_invalid_op+0x14/0x40 [ 217.137445][ T9220] asm_exc_invalid_op+0x12/0x20 [ 217.146079][ T9220] RIP: 0010:__alloc_pages_nodemask+0x5f8/0x730 [ 217.151194][ T9220] Code: 00 00 0c 00 0f 85 a7 00 00 00 8b 3c 24 4c 89 f2 44 89 e6 c6 44 24 70 00 48 89 6c 24 58 e8 00 d5 ff ff 49 89 c5 e9 ea fc ff ff <0f> 0b e9 b5 fd ff ff 89 74 24 14 4c 89 4c 24 08 4c 89 74 24 18 e8 [ 217.187600][ T9220] RSP: 0018:ffffc900049af770 EFLAGS: 00010246 [ 217.187600][ T9220] RAX: 0000000000000000 RBX: 1ffff92000935ef2 RCX: 0000000000000000 [ 217.200331][ T9220] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000040dc0 [ 217.217077][ T9220] RBP: 0000000000040dc0 R08: 0000000000000000 R09: ffff88806bbf8ea0 [ 217.227165][ T9220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000018 [ 217.240005][ T9220] R13: 0000000000000018 R14: 0000000000000000 R15: 0000001000000000 [ 217.247301][ T9220] ? __alloc_pages_slowpath.constprop.0+0x2510/0x2510 [ 217.257007][ T9220] ? find_held_lock+0x2d/0x110 [ 217.266330][ T9220] ? fs_reclaim_release+0x90/0xd0 [ 217.271630][ T9220] alloc_pages_current+0x191/0x2a0 [ 217.282394][ T9220] kmalloc_order+0x2e/0xb0 [ 217.288433][ T9220] kmalloc_order_trace+0x14/0x120 [ 217.294362][ T9220] rds_rdma_extra_size+0xb2/0x3b0 [ 217.301862][ T9220] rds_sendmsg+0x20d1/0x3010 [ 217.309225][ T9220] ? rds_send_drop_to+0x13e0/0x13e0 [ 217.316319][ T9220] ? aa_af_perm+0x230/0x230 [ 217.322298][ T9220] ? rds_send_drop_to+0x13e0/0x13e0 [ 217.331200][ T9220] sock_sendmsg+0xcf/0x120 [ 217.337199][ T9220] ____sys_sendmsg+0x6e8/0x810 [ 217.347290][ T9220] ? kernel_sendmsg+0x50/0x50 [ 217.352995][ T9220] ? do_recvmmsg+0x6c0/0x6c0 [ 217.357676][ T9220] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 217.365874][ T9220] ___sys_sendmsg+0xf3/0x170 [ 217.372370][ T9220] ? sendmsg_copy_msghdr+0x160/0x160 [ 217.378410][ T9220] ? __fget_files+0x272/0x400 [ 217.385785][ T9220] ? lock_downgrade+0x6d0/0x6d0 [ 217.391821][ T9220] ? find_held_lock+0x2d/0x110 [ 217.397690][ T9220] ? __fget_files+0x294/0x400 [ 217.402349][ T9220] ? __fget_light+0xea/0x280 [ 217.408102][ T9220] __sys_sendmsg+0xe5/0x1b0 [ 217.413940][ T9220] ? __sys_sendmsg_sock+0xb0/0xb0 [ 217.421116][ T9220] ? syscall_enter_from_user_mode_prepare+0x13/0x20 [ 217.429315][ T9220] __do_fast_syscall_32+0x56/0x80 [ 217.435168][ T9220] do_fast_syscall_32+0x2f/0x70 [ 217.437175][ T9220] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 217.452129][ T9220] RIP: 0023:0xf7f97549 [ 217.457043][ T9220] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 217.482408][ T9220] RSP: 002b:00000000f55910bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 217.493200][ T9220] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001600 [ 217.505233][ T9220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 217.522354][ T9220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 217.534061][ T9220] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 217.545840][ T9220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 217.555573][ T9220] Kernel Offset: disabled [ 217.555573][ T9220] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:06:51 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffc9000621fcc0 RCX=ffffffff83d3157f RDX=ffff8880128f2180 RSI=ffffffff83d31623 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc9000621fb50 R8 =0000000000000000 R9 =ffffffff8ecc3667 R10=0000000000000000 R11=0000000000000000 R12=ffff8880191d4b02 R13=ffffc9000621fcd8 R14=ffff8880192e8f68 R15=ffffc9000621fde0 RIP=ffffffff83d3162a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd512e0b740 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd5126ee900 CR3=000000006ad74000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=494b4c420047554245445f44494b4c42 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000690f7e3990 RBX=0000000000000000 RCX=00000000000006e0 RDX=0000000000000069 RSI=ffff88802cd1fa00 RDI=00000000000bb3a2 RBP=ffff88802cd1fa00 RSP=ffffc900004c8eb8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=00000000000bb3a2 R13=0000000000000000 R14=0000000000000000 R15=ffff88802cd26900 RIP=ffffffff812db65b RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802cd00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000810a3e2 CR3=000000006bbea000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=000000000000000065bad58c0d1de5d2 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=000000000001202b RBX=0000000000000001 RCX=ffffc9000ebf5000 RDX=0000000000040000 RSI=ffffffff8158d679 RDI=0000000000000001 RBP=0000000000000200 RSP=ffffc900049af430 R8 =0000000000000000 R9 =ffffffff8ecc3667 R10=0000000000000000 R11=0000000000000000 R12=0000000000000012 R13=0000000000000212 R14=ffff888010c30000 R15=0000000000000000 RIP=ffffffff8158d67b RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802ce00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000625208 CR3=000000001d800000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff840e8cbc RDI=ffffffff8fad9aa0 RBP=ffffffff8fad9a60 RSP=ffffc90000697118 R8 =0000000000000001 R9 =0000000000000003 R10=000000000000000a R11=0000000000000000 R12=0000000000000020 R13=fffffbfff1f5b39f R14=fffffbfff1f5b356 R15=dffffc0000000000 RIP=ffffffff840e8d10 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cf00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000008590004 CR3=000000006c256000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000002 XMM02=00000050000000000000000100000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000