last executing test programs: 3.679599394s ago: executing program 1 (id=3381): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = socket$nl_audit(0x10, 0x3, 0x9) r3 = pidfd_getfd(r1, r2, 0x0) sendmsg$alg(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=':', 0x1}], 0x1}, 0x0) 3.611730106s ago: executing program 1 (id=3383): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) ioctl$KDGKBENT(r0, 0x4b4e, 0x0) 3.461138695s ago: executing program 1 (id=3384): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8001, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x88200, 0x0, 0xffffffffffffff5a, 0x0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) 2.11064102s ago: executing program 1 (id=3388): r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_pidfd_open(r0, 0x0) r3 = pidfd_getfd(r2, r1, 0x0) sendmsg$NL80211_CMD_ADD_TX_TS(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) 1.74156282s ago: executing program 1 (id=3392): r0 = syz_open_procfs$userns(0x0, &(0x7f0000000600)) close(r0) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0) 1.74124137s ago: executing program 0 (id=3393): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom(r0, 0x0, 0x0, 0x3, 0x0, 0x0) 1.552831156s ago: executing program 1 (id=3394): shmctl$SHM_LOCK(0x0, 0xb) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000480)={0x2}, 0x0, 0x0) msgrcv(r0, &(0x7f0000000080)={0x0, ""/2}, 0x0, 0x2, 0x800) 1.552545536s ago: executing program 0 (id=3395): r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_pidfd_open(r0, 0x0) r3 = pidfd_getfd(r2, r1, 0x0) fadvise64(r3, 0x0, 0x0, 0x0) 1.406558624s ago: executing program 0 (id=3396): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) 438.168837ms ago: executing program 0 (id=3397): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) r3 = pidfd_getfd(r1, r2, 0x0) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0xb) 118.440098ms ago: executing program 0 (id=3398): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r1, 0xffffffffffffffff, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xa}, &(0x7f0000000140)=0x8) 0s ago: executing program 0 (id=3399): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x4000) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:45197' (ED25519) to the list of known hosts. syzkaller login: [ 123.159597][ T3262] cgroup: Unknown subsys name 'net' [ 123.516202][ T3262] cgroup: Unknown subsys name 'cpuset' [ 123.551503][ T3262] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 124.491168][ T3262] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 133.073372][ T3268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.110741][ T3268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.411750][ T3269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.450095][ T3269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.849100][ T3268] hsr_slave_0: entered promiscuous mode [ 134.888812][ T3268] hsr_slave_1: entered promiscuous mode [ 135.278586][ T3269] hsr_slave_0: entered promiscuous mode [ 135.337886][ T3269] hsr_slave_1: entered promiscuous mode [ 135.376086][ T3269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.377277][ T3269] Cannot create hsr debugfs directory [ 136.434374][ T3268] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 136.495968][ T3268] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 136.541410][ T3268] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 136.591834][ T3268] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 136.780844][ T3269] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 136.807804][ T3269] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 136.830949][ T3269] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 136.851067][ T3269] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 138.621755][ T3268] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.663880][ T3269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.153707][ T3268] veth0_vlan: entered promiscuous mode [ 145.291220][ T3269] veth0_vlan: entered promiscuous mode [ 145.372448][ T3268] veth1_vlan: entered promiscuous mode [ 145.400002][ T3269] veth1_vlan: entered promiscuous mode [ 145.702355][ T3269] veth0_macvtap: entered promiscuous mode [ 145.742670][ T3268] veth0_macvtap: entered promiscuous mode [ 145.772795][ T3269] veth1_macvtap: entered promiscuous mode [ 145.803990][ T3268] veth1_macvtap: entered promiscuous mode [ 146.132534][ T3269] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.134182][ T3269] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.146256][ T3269] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.147402][ T3269] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.183497][ T3268] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.188532][ T3268] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.189730][ T3268] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.190834][ T3268] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.879410][ T3268] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 150.981141][ C1] vkms_vblank_simulate: vblank timer overrun [ 152.301250][ C1] vkms_vblank_simulate: vblank timer overrun [ 152.345050][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.144270][ T3454] input: syz1 as /devices/virtual/input/input1 [ 167.257217][ T3492] Zero length message leads to an empty skb [ 188.455784][ C0] vkms_vblank_simulate: vblank timer overrun [ 189.688511][ C0] vkms_vblank_simulate: vblank timer overrun [ 189.937591][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.278782][ T3609] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 217.088646][ T3757] deleting an unspecified loop device is not supported. [ 239.338742][ T3858] input: syz0 as /devices/virtual/input/input2 [ 251.110339][ T97] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.238687][ T97] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.343172][ T97] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.424264][ T97] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.622732][ T97] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 252.682555][ T97] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 252.751257][ T97] bond0 (unregistering): Released all slaves [ 252.988019][ T97] hsr_slave_0: left promiscuous mode [ 253.032955][ T97] hsr_slave_1: left promiscuous mode [ 253.168573][ T97] veth1_macvtap: left promiscuous mode [ 253.169732][ T97] veth0_macvtap: left promiscuous mode [ 253.170935][ T97] veth1_vlan: left promiscuous mode [ 253.172077][ T97] veth0_vlan: left promiscuous mode [ 257.278726][ T3931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.303673][ T3931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 260.019728][ T3931] hsr_slave_0: entered promiscuous mode [ 260.057811][ T3931] hsr_slave_1: entered promiscuous mode [ 260.097455][ T3931] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 260.098369][ T3931] Cannot create hsr debugfs directory [ 262.281947][ T3931] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 262.342789][ T3931] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 262.406318][ T3931] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 262.441908][ T3931] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 264.938802][ T3931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.230266][ T3931] veth0_vlan: entered promiscuous mode [ 272.273710][ T3931] veth1_vlan: entered promiscuous mode [ 272.550516][ T3931] veth0_macvtap: entered promiscuous mode [ 272.608580][ T3931] veth1_macvtap: entered promiscuous mode [ 272.787909][ T3931] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.789148][ T3931] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.790303][ T3931] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.791322][ T3931] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.922817][ T4262] "syz.0.320" (4262) uses obsolete ecb(arc4) skcipher [ 291.156582][ T4271] "syz.0.322" (4271) uses obsolete ecb(arc4) skcipher [ 321.968619][ T4463] lo: entered promiscuous mode [ 321.971860][ T4462] lo: left promiscuous mode [ 335.302573][ C1] hrtimer: interrupt took 937408 ns [ 350.229777][ T4618] sctp: [Deprecated]: syz.1.471 (pid 4618) Use of int in max_burst socket option. [ 350.229777][ T4618] Use struct sctp_assoc_value instead [ 353.384499][ T4657] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 359.114846][ C1] vkms_vblank_simulate: vblank timer overrun [ 360.063909][ C1] vkms_vblank_simulate: vblank timer overrun [ 365.091909][ C0] vkms_vblank_simulate: vblank timer overrun [ 395.638297][ T4943] "syz.1.615" (4943) uses obsolete ecb(arc4) skcipher [ 398.874940][ C0] vkms_vblank_simulate: vblank timer overrun [ 403.352349][ T5021] input: syz0 as /devices/virtual/input/input3 [ 419.390710][ T5083] "syz.0.679" (5083) uses obsolete ecb(arc4) skcipher [ 421.325996][ T5111] "syz.1.692" (5111) uses obsolete ecb(arc4) skcipher [ 425.728551][ T5160] "syz.1.715" (5160) uses obsolete ecb(arc4) skcipher [ 433.127239][ T5180] input: syz0 as /devices/virtual/input/input4 [ 470.863071][ T5339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 470.907968][ T5339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 471.233424][ T5339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 471.280073][ T5339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 472.151741][ T5349] "syz.1.795" (5349) uses obsolete ecb(arc4) skcipher [ 498.312420][ C1] vkms_vblank_simulate: vblank timer overrun [ 498.612677][ C1] vkms_vblank_simulate: vblank timer overrun [ 505.062787][ T5583] input: syz1 as /devices/virtual/input/input5 [ 512.200505][ T5629] netlink: 40 bytes leftover after parsing attributes in process `syz.1.918'. [ 518.174258][ T5681] input: syz0 as /devices/virtual/input/input6 [ 533.690821][ T5746] "syz.0.971" (5746) uses obsolete ecb(arc4) skcipher [ 552.561979][ T5836] input: syz1 as /devices/virtual/input/input7 [ 562.150385][ C1] vkms_vblank_simulate: vblank timer overrun [ 588.633835][ T6011] capability: warning: `syz.1.1088' uses deprecated v2 capabilities in a way that may be insecure [ 607.685916][ T6125] ptrace attach of ""[6126] was attempted by "/syz-executor exec"[6125] [ 625.247111][ C1] vkms_vblank_simulate: vblank timer overrun [ 639.114902][ C0] vkms_vblank_simulate: vblank timer overrun [ 639.249025][ C0] vkms_vblank_simulate: vblank timer overrun [ 639.382671][ C0] vkms_vblank_simulate: vblank timer overrun [ 640.039385][ T6304] sctp: [Deprecated]: syz.0.1216 (pid 6304) Use of int in max_burst socket option deprecated. [ 640.039385][ T6304] Use struct sctp_assoc_value instead [ 640.197767][ C0] vkms_vblank_simulate: vblank timer overrun [ 678.250841][ C0] vkms_vblank_simulate: vblank timer overrun [ 678.282808][ C0] vkms_vblank_simulate: vblank timer overrun [ 680.632178][ C0] vkms_vblank_simulate: vblank timer overrun [ 681.782104][ C0] vkms_vblank_simulate: vblank timer overrun [ 681.882102][ C0] vkms_vblank_simulate: vblank timer overrun [ 682.080751][ C0] vkms_vblank_simulate: vblank timer overrun [ 687.881811][ T6606] ======================================================= [ 687.881811][ T6606] WARNING: The mand mount option has been deprecated and [ 687.881811][ T6606] and is ignored by this kernel. Remove the mand [ 687.881811][ T6606] option from the mount to silence this warning. [ 687.881811][ T6606] ======================================================= [ 688.573939][ T964] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.721272][ T964] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.824002][ T964] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.952817][ T964] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.389502][ T964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 690.431520][ T964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 690.498427][ T964] bond0 (unregistering): Released all slaves [ 690.708657][ T964] hsr_slave_0: left promiscuous mode [ 690.750164][ T964] hsr_slave_1: left promiscuous mode [ 690.874106][ T964] veth1_macvtap: left promiscuous mode [ 690.890862][ T964] veth0_macvtap: left promiscuous mode [ 690.892407][ T964] veth1_vlan: left promiscuous mode [ 690.898628][ T964] veth0_vlan: left promiscuous mode [ 696.349489][ T6616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 696.372929][ T6616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 698.918582][ T6616] hsr_slave_0: entered promiscuous mode [ 699.008270][ T6616] hsr_slave_1: entered promiscuous mode [ 699.106077][ T6616] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 699.106797][ T6616] Cannot create hsr debugfs directory [ 699.967450][ C0] vkms_vblank_simulate: vblank timer overrun [ 700.631097][ C0] vkms_vblank_simulate: vblank timer overrun [ 702.326398][ T6616] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 702.374556][ T6616] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 702.459135][ T6616] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 702.510523][ T6616] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 704.198969][ T6616] 8021q: adding VLAN 0 to HW filter on device bond0 [ 713.087840][ T6616] veth0_vlan: entered promiscuous mode [ 713.158742][ T6616] veth1_vlan: entered promiscuous mode [ 713.372704][ T6616] veth0_macvtap: entered promiscuous mode [ 713.400558][ T6616] veth1_macvtap: entered promiscuous mode [ 713.650496][ T6616] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.651890][ T6616] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.653014][ T6616] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.654221][ T6616] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.621054][ C0] vkms_vblank_simulate: vblank timer overrun [ 803.353693][ C0] vkms_vblank_simulate: vblank timer overrun [ 803.387277][ C0] vkms_vblank_simulate: vblank timer overrun [ 804.320588][ C0] vkms_vblank_simulate: vblank timer overrun [ 857.673931][ T7643] input: syz0 as /devices/virtual/input/input9 [ 896.667139][ T7852] pimreg: entered allmulticast mode [ 909.419425][ C1] vkms_vblank_simulate: vblank timer overrun [ 909.619535][ C1] vkms_vblank_simulate: vblank timer overrun [ 909.718435][ C1] vkms_vblank_simulate: vblank timer overrun [ 910.352212][ C1] vkms_vblank_simulate: vblank timer overrun [ 910.636546][ C1] vkms_vblank_simulate: vblank timer overrun [ 911.402734][ C1] vkms_vblank_simulate: vblank timer overrun [ 912.102919][ C1] vkms_vblank_simulate: vblank timer overrun [ 953.893695][ T8291] lo: entered promiscuous mode [ 953.897725][ T8290] lo: left promiscuous mode [ 971.713489][ T8449] "syz.1.2125" (8449) uses obsolete ecb(arc4) skcipher [ 1004.768982][ T8622] input: syz0 as /devices/virtual/input/input10 [ 1067.473582][ T8946] "syz.1.2337" (8946) uses obsolete ecb(arc4) skcipher [ 1085.073215][ T9094] input: syz0 as /devices/virtual/input/input11 [ 1102.023689][ T9188] capability: warning: `syz.0.2448' uses 32-bit capabilities (legacy support in use) [ 1119.228201][ T9322] "syz.0.2510" (9322) uses obsolete ecb(arc4) skcipher [ 1122.645922][ C0] vkms_vblank_simulate: vblank timer overrun [ 1123.146744][ C0] vkms_vblank_simulate: vblank timer overrun [ 1149.862824][ T9550] binder: 9548:9550 ioctl c0306201 0 returned -14 [ 1149.876216][ T9550] binder: 9548:9550 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 1149.877989][ T9550] binder: 9550 RLIMIT_NICE not set [ 1179.429387][ T9778] Invalid/unusable pipe [ 1220.908863][T10069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1220.958153][T10069] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1227.820182][T10141] syz.0.2876 uses obsolete (PF_INET,SOCK_PACKET) [ 1254.528863][ C1] vkms_vblank_simulate: vblank timer overrun [ 1257.231291][ C1] vkms_vblank_simulate: vblank timer overrun [ 1308.533876][T10625] Injecting memory failure for pfn 0x545b7 at process virtual address 0x207b7000 [ 1308.539404][T10625] Memory failure: 0x545b7: recovery action for unsplit thp: Failed [ 1324.360583][T10653] "syz.0.3107" (10653) uses obsolete ecb(arc4) skcipher [ 1348.226671][T10849] netlink: 'syz.1.3195': attribute type 29 has an invalid length. [ 1348.231605][T10849] netlink: 'syz.1.3195': attribute type 29 has an invalid length. [ 1359.097439][T10924] input: syz0 as /devices/virtual/input/input12 [ 1381.762707][T11087] input: syz1 as /devices/virtual/input/input13 [ 1412.788952][T11276] block nbd0: shutting down sockets [ 1415.931277][ T25] ------------[ cut here ]------------ [ 1415.932298][ T25] WARNING: CPU: 1 PID: 25 at kernel/sched/deadline.c:1995 enqueue_dl_entity+0x47c/0x590 [ 1415.934519][ T25] Modules linked in: [ 1415.936530][ T25] CPU: 1 UID: 0 PID: 25 Comm: kworker/1:0 Tainted: G B 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0 [ 1415.937981][ T25] Tainted: [B]=BAD_PAGE [ 1415.938571][ T25] Hardware name: linux,dummy-virt (DT) [ 1415.939785][ T25] Workqueue: 0x0 (wg-crypt-wg0) [ 1415.941482][ T25] pstate: a14000c9 (NzCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 1415.942380][ T25] pc : enqueue_dl_entity+0x47c/0x590 [ 1415.943073][ T25] lr : dl_server_start+0x44/0x12c [ 1415.943707][ T25] sp : ffff800082b93a20 [ 1415.944240][ T25] x29: ffff800082b93a20 x28: f5f00000043b3780 x27: 0000000000000000 [ 1415.945708][ T25] x26: 0000000000000001 x25: 0000000000000000 x24: 0000000000000048 [ 1415.947209][ T25] x23: fff000007f8ee800 x22: 0000000000000001 x21: 000000000016e360 [ 1415.948369][ T25] x20: 0000000000000001 x19: fff000007f8ef168 x18: 0000000000000001 [ 1415.949491][ T25] x17: 0000000000000313 x16: 0000000000000005 x15: 0000000000000000 [ 1415.951761][ T25] x14: 00000000000001a3 x13: 000000000000001c x12: 0000000000000000 [ 1415.953421][ T25] x11: fff000007f8ee880 x10: 0000000000000000 x9 : 0000000000000048 [ 1415.954812][ T25] x8 : 0000000000100000 x7 : 0000000000000001 x6 : f5f00000043b3740 [ 1415.956003][ T25] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 1415.957152][ T25] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000001 [ 1415.958479][ T25] Call trace: [ 1415.959002][ T25] enqueue_dl_entity+0x47c/0x590 [ 1415.959749][ T25] dl_server_start+0x44/0x12c [ 1415.961367][ T25] enqueue_task_fair+0x11c/0x3a4 [ 1415.963018][ T25] enqueue_task+0x58/0xbc [ 1415.964127][ T25] activate_task+0x68/0x80 [ 1415.964755][ T25] attach_task+0x4c/0x74 [ 1415.965392][ T25] sched_balance_rq+0x580/0xc74 [ 1415.966108][ T25] sched_balance_newidle.constprop.0+0x1b0/0x3e4 [ 1415.966862][ T25] pick_next_task_fair+0x50/0x320 [ 1415.968525][ T25] __schedule+0x158/0x8e8 [ 1415.970126][ T25] schedule+0x34/0x104 [ 1415.971584][ T25] worker_thread+0x19c/0x354 [ 1415.973158][ T25] kthread+0x114/0x118 [ 1415.973779][ T25] ret_from_fork+0x10/0x20 [ 1415.974691][ T25] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1416.854511][ T964] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1416.949233][ T964] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1417.038589][ T964] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1417.134216][ T964] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.184208][ T964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1418.252464][ T964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1418.304153][ T964] bond0 (unregistering): Released all slaves [ 1418.449647][ T964] hsr_slave_0: left promiscuous mode [ 1418.483241][ T964] hsr_slave_1: left promiscuous mode [ 1418.589405][ T964] veth1_macvtap: left promiscuous mode [ 1418.590839][ T964] veth0_macvtap: left promiscuous mode [ 1418.592047][ T964] veth1_vlan: left promiscuous mode [ 1418.593109][ T964] veth0_vlan: left promiscuous mode [ 1418.831431][ T964] pimreg (unregistering): left allmulticast mode [ 1420.761565][ T964] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1420.844259][ T964] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1420.973107][ T964] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1421.103073][ T964] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.163475][ T964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1422.216589][ T964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1422.267695][ T964] bond0 (unregistering): Released all slaves [ 1422.388606][ T964] hsr_slave_0: left promiscuous mode [ 1422.438338][ T964] hsr_slave_1: left promiscuous mode [ 1422.537040][ T964] veth1_macvtap: left promiscuous mode [ 1422.538129][ T964] veth0_macvtap: left promiscuous mode [ 1422.539178][ T964] veth1_vlan: left promiscuous mode [ 1422.540174][ T964] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 03:08:34 Registers: info registers vcpu 0 CPU#0 PC=ffff800081a468cc X00=fff000007f8ee800 X01=0000000000000001 X02=0000000000000000 X03=0000000000000001 X04=0000000000000000 X05=0000000000000001 X06=0000000000000000 X07=0000000000000000 X08=ffff800080003838 X09=ffff800082723000 X10=0000000000000001 X11=000000000000bc8e X12=966689926ad77331 X13=e4e7bf39ccefe68a X14=fd001600bc8e0f02 X15=1850fd0b767316bb X16=1f6f00006fc7ffff X17=a9d737a6c189f59f X18=ffff800083d7bc30 X19=ffff8000826ff800 X20=fbf0000005d2b6c0 X21=fdf00000030fb6c0 X22=0000000000000098 X23=fbf0000005d2bf14 X24=00000000000000c0 X25=0000000000000001 X26=fff000007f8ee800 X27=ffff800082a59bc0 X28=f6f0000006771300 X29=ffff800080003650 X30=ffff800081a46310 SP=ffff800080003650 PSTATE=004000c9 ---- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6418:0000ffffa62c6430 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6428:0000ffffa62c6470 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa6e2ca20:0000ffffa62c6410 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6448:0000ffffa62c6420 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6458:0000ffffa62c6450 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6458:0000ffffa62c6450 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa62c6468:0000ffffa62c6460 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffdb2f5600:0000ffffdb2f5600 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffdb2f55d0 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800081a2eb48 X00=ffff80008226694c X01=ffff800082b93330 X02=0000000000000004 X03=0000000000000000 X04=ffff80008226694c X05=ffff8000829a0e91 X06=0000000078206301 X07=ffff800082b93690 X08=0000000078206301 X09=ffff800082b93690 X10=fffffffffffd03d8 X11=fffffffffffc0000 X12=ffff8000827fe638 X13=fffffffffff9040f X14=fffffffffffd03f8 X15=fffffffffffd03f8 X16=3030303030303020 X17=3030303030303030 X18=00003fffffffffff X19=ffff80008226694c X20=ffff8000829a0e91 X21=0000000000000004 X22=ffff8000829a0ea6 X23=ffff8000829a0e8d X24=ffff800082b93690 X25=0000000000000019 X26=ffff800082b93690 X27=00000000ffffffc8 X28=ffff80008226694c X29=ffff800082b932d0 X30=ffff800081a33c5c SP=ffff800082b932d0 PSTATE=824003c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:2323232323232323:2323232323232323 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000306e6f6d:6273752f7665642f Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c00cc00c00000000:0000000000000000 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:3003300330033003:3003300330033003 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:f00ff00ff00ff00f:f00ff00ff00ff00f Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:cccc000000000000:cccc000000000000 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffbc2c6468:0000ffffbc2c6460 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffef8338a0:0000ffffef8338a0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffef833870 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000