last executing test programs: 9m31.520037454s ago: executing program 32 (id=17485): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x4, 0x6, 0x12, 0x7, 0xff, 0x6}) ioctl$RNDADDENTROPY(r0, 0x5207, 0x0) 8m34.384061225s ago: executing program 33 (id=18624): r0 = gettid() r1 = getpid() rt_tgsigqueueinfo(r1, r0, 0x5, &(0x7f0000000140)={0x2, 0xffffffff, 0x6}) 8m1.889020753s ago: executing program 1 (id=19412): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x34, r1, 0x1, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}]}, 0x34}}, 0x4044) 8m1.82172111s ago: executing program 1 (id=19413): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x0, 0x0}, 0x10) 8m1.738808667s ago: executing program 1 (id=19417): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) 8m1.689561432s ago: executing program 1 (id=19419): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 8m1.583209999s ago: executing program 1 (id=19422): openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0x4000000000000000, 0x0, 0x0, 0x800, 0x200000000, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6a9}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 8m1.009745631s ago: executing program 1 (id=19444): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40001}, 0x8000) 8m0.862665266s ago: executing program 34 (id=19444): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40001}, 0x8000) 7m23.795050868s ago: executing program 5 (id=20744): r0 = socket(0x848000000015, 0x805, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7f72}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) 7m23.793750707s ago: executing program 5 (id=20746): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000380)={0xffffffffffffffff}, 0x2, 0x7e9fb29333326d96}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r1, 0x0, 0x7ffffffe, 0x4000}}, 0x20) 7m23.734517408s ago: executing program 5 (id=20749): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]}) shutdown(0xffffffffffffffff, 0x1) brk(0x55555ede6001) 7m23.73428428s ago: executing program 5 (id=20750): r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000000000)={0xf, {"a2e3ad214fc752f91b29090942f70e0dd038e7ff7fc6e5539b3267078b089b34083b681a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b313b0d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 7m23.655936687s ago: executing program 5 (id=20751): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 7m23.648471194s ago: executing program 5 (id=20753): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000002000010027bd7000ffdbdf250a00004000000007060000000c0014"], 0x30}, 0x1, 0x0, 0x0, 0x24048860}, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0) 7m7.5550959s ago: executing program 35 (id=20753): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000002000010027bd7000ffdbdf250a00004000000007060000000c0014"], 0x30}, 0x1, 0x0, 0x0, 0x24048860}, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0) 5m33.363609247s ago: executing program 4 (id=23328): openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x80681, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 5m33.254853134s ago: executing program 4 (id=23329): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x23, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x18, 0x55, 0x2e5, 0x70bd26, 0x1, {0x7, r2}}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x20000100) 5m33.15907633s ago: executing program 4 (id=23331): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200)) syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0) 5m33.158129443s ago: executing program 4 (id=23332): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x203, 0x8401) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0) ioctl$USBDEVFS_FORBID_SUSPEND(r0, 0x5521) 5m32.999805872s ago: executing program 4 (id=23335): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000024c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x70bd2a, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x4982, 0x701ca}, [@IFLA_LINKINFO={0x28, 0x37, 0x0, 0x1, @veth={{0x9}, {0x10, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x10000, 0x48124}}}}}}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0xc10}, 0x8000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') 5m32.999497327s ago: executing program 4 (id=23336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x161283, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)={0x4e, 0x0, [{0x179, 0x0, 0xf3c}]}) 5m16.787139326s ago: executing program 36 (id=23336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x161283, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)={0x4e, 0x0, [{0x179, 0x0, 0xf3c}]}) 3m22.68562708s ago: executing program 8 (id=25434): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000240)={0x5, 0x0, [{0x0, 0x0, 0x0, 0x5712ef9d}, {0x8000001b, 0x6}, {0x5e2796afef1a2f31, 0xffffffff, 0x0, 0x9, 0x1, 0x80, 0x7f}, {0x80000001, 0xffffffef, 0x7, 0x8, 0x5, 0x110, 0x3}, {0x6, 0x7f, 0x5, 0xfffffff8, 0x10001, 0x4, 0x3}]}) 3m22.507374116s ago: executing program 8 (id=25440): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x4, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 3m22.224306134s ago: executing program 8 (id=25444): memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b0001000000000904000001012900000905"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201) 3m20.658478578s ago: executing program 8 (id=25462): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 3m20.569742177s ago: executing program 8 (id=25466): mkdir(&(0x7f0000002200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2145c89, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) pivot_root(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='./file0/../file0\x00') 3m20.024194591s ago: executing program 8 (id=25477): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000103, 0x0, 0x2df}]}) 3m19.853311653s ago: executing program 37 (id=25477): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000103, 0x0, 0x2df}]}) 2m21.012287704s ago: executing program 6 (id=26643): r0 = socket(0x11, 0x3, 0x0) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f00000001c0)=0x9, 0x4) r1 = socket$netlink(0x10, 0x3, 0x4) write(r1, &(0x7f0000000b80)="2f00000014000f3f00000000120f0a0011000000009a67ec53f737bf1739078682ee6e8d06e500000000638c7b9916", 0x2f) 2m20.914845041s ago: executing program 6 (id=26637): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) 2m20.614452126s ago: executing program 6 (id=26647): openat$dlm_plock(0xffffff9c, &(0x7f0000000080), 0x800, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x40, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2m20.534547135s ago: executing program 6 (id=26648): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m20.459887003s ago: executing program 6 (id=26652): setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 2m19.658407958s ago: executing program 6 (id=26673): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x31, &(0x7f0000000000)={0x0, 0x0}, 0x10) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x10001, @empty, 0x3}, 0x1c) 2m19.551978147s ago: executing program 38 (id=26673): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x31, &(0x7f0000000000)={0x0, 0x0}, 0x10) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e20, 0x10001, @empty, 0x3}, 0x1c) 57.289511453s ago: executing program 9 (id=27655): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e23, 0xaa3, @loopback, 0xfffffffe}, 0x1c) shutdown(r0, 0x1) 57.158087337s ago: executing program 9 (id=27657): openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) clock_settime(0x100000000000017, &(0x7f0000000000)={0x8000000000000001, 0x3}) 57.106999152s ago: executing program 9 (id=27659): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = timerfd_create(0x0, 0x0) timerfd_gettime(r0, &(0x7f0000000040)) 56.928134933s ago: executing program 9 (id=27661): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00') 56.866576643s ago: executing program 9 (id=27663): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x50) epoll_create1(0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a9}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 56.16436861s ago: executing program 9 (id=27666): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) 56.054500073s ago: executing program 39 (id=27666): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) 1.341031215s ago: executing program 0 (id=28542): bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x5f86, &(0x7f0000000180)={0x0, 0x2a97, 0x10000, 0x2, 0x3b7}, &(0x7f0000000600), &(0x7f0000000080)) io_uring_enter(r0, 0x7b20, 0xe93c, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f00000002c0)={0x5f, 0x0, 0x0, 0x0, 0x0}, 0x20) fsopen(&(0x7f00000002c0)='gfs2\x00', 0x1) 1.221348996s ago: executing program 0 (id=28546): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newtaction={0x50, 0x30, 0xffff, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_police={0x38, 0x1, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [[@TCA_POLICE_AVRATE={0x8, 0x4, 0x3}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x50}}, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078005001500267d00000500010007000000050005000a000000050004"], 0x5c}}, 0x800) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) 1.144870901s ago: executing program 0 (id=28547): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', 0x0}) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r2}, 0x90) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001000010027bd70000000000000000000", @ANYRES32=r1, @ANYBLOB="004100000000000014002b8008000100", @ANYRES32=r3], 0x34}}, 0x4008000) 1.087830206s ago: executing program 0 (id=28550): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13) write$FUSE_BMAP(r1, &(0x7f0000000080)={0x18, 0x0, 0x0, {0x8f0}}, 0x18) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x3) 988.543119ms ago: executing program 0 (id=28552): bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0x7e15, 0x10000, 0x80001, 0x2d0}, &(0x7f0000000440), &(0x7f0000000400)) io_uring_enter(r0, 0x7b20, 0xe93c, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000740)={0x0, 0x0, 0x1}, 0x1) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000680)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2) 810.955035ms ago: executing program 0 (id=28553): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="9fcf"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000002140)={0xf, {"a2e3ad214fc752f91b500e0f30f70e06d038e7ff7fc6e5539b3275078b089b3b08385d090890e0878f0e1ac6e7049b3d6d959bffe8d178708c523c921b1b5b31300d3b5d0736cd3b78130baa61d8e809fc889b0709b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b906000000783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51015f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ff33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f761f13a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a99cc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000029566e78000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ebbd633500", 0x1000}}, 0x1006) 810.614344ms ago: executing program 7 (id=28554): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x38e72a2a, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000005}, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x4000, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 742.063041ms ago: executing program 7 (id=28556): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x44}}, 0x4000000) 730.11506ms ago: executing program 3 (id=28557): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000040)={0x19, 0x5, 0xfd}) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000200)={0xb000000000000000, 0x100000, 0x40, 0x0, 0x1}) 635.854542ms ago: executing program 2 (id=28558): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) r1 = epoll_create(0x7f) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0xc}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0xd, "0062ba7d820700000000000000000000096304"}) syz_open_pts(r0, 0xc6080) 551.445638ms ago: executing program 2 (id=28559): r0 = socket$kcm(0x2, 0xa, 0x2) r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x1, 0x39d}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x8, 0x0, r0, 0x0, 0x0, 0x0, 0x20000c00}) io_uring_enter(r1, 0x47ba, 0x3e80, 0x61, 0x0, 0xfedb) 541.068286ms ago: executing program 3 (id=28560): r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'macvtap0\x00', 0x0}) bind$packet(r0, &(0x7f0000001100)={0x11, 0x3, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)='\'', 0x1}], 0x1) 483.104362ms ago: executing program 3 (id=28561): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x3, 0x1, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x40000073, 0x0, 0x81}]}) 454.250017ms ago: executing program 7 (id=28562): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f0000000340)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}}) truncate(&(0x7f0000000000)='./file0\x00', 0x6) 402.211035ms ago: executing program 2 (id=28563): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000004c0), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}}, {{0x2}, {0x2, 0x1, 0x0, 0x1}}], 0x10) bind$can_raw(r0, &(0x7f0000000200)={0x1d, r1}, 0x10) 372.045332ms ago: executing program 7 (id=28564): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x4}}}]}, 0x3c}}, 0x4004000) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 302.009224ms ago: executing program 2 (id=28565): socket(0x1d, 0x2, 0x6) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5) syz_clone3(&(0x7f0000000180)={0x23800000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_setup(0x8, &(0x7f0000000600)=0x0) io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r0, 0x0}]) 229.24365ms ago: executing program 3 (id=28566): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigqueueinfo(r2, 0xb, &(0x7f0000000080)={0x36, 0x208, 0xfffffff3}) 129.811884ms ago: executing program 3 (id=28567): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newchain={0x24, 0x64, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xc}, {0xffe0, 0xc}, {0xfff2, 0xffff}}}, 0x24}}, 0x20040000) 126.360512ms ago: executing program 7 (id=28568): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'bond0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x8fdff, {0x0, 0x0, 0x0, r2, {0x0, 0xffed}, {0xf, 0xb}, {0xd, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8021}, 0x4008000) 122.729738ms ago: executing program 2 (id=28569): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r0], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100) 1.83806ms ago: executing program 2 (id=28570): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcc}]}) 1.388666ms ago: executing program 7 (id=28571): mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x103) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v3={0x3000000, [{0x1, 0x2}, {0x7, 0xc1}]}, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x11) r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00') execveat$binfmt(0xffffffffffffff9c, r0, 0x0, &(0x7f00000003c0)={[&(0x7f0000000240)='\x00', &(0x7f0000000300)='\')&*/$\x00']}, 0x0) 0s ago: executing program 3 (id=28572): write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="3a2f080000030300010000000000450a00280068000005069078ac1e0301ffffffff4e204e21", @ANYRES32=0x41424344], 0xfce) syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d000905"], 0x0) r0 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1) write$P9_RVERSION(r0, &(0x7f0000002200)=ANY=[], 0xfffffcd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000100)=0x8) kernel console output (not intermixed with test programs): idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 791.399296][ T829] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 791.402252][ T829] usb 12-1: Product: syz [ 791.403608][ T829] usb 12-1: Manufacturer: syz [ 791.419226][ T829] cdc_wdm 12-1:1.0: skipping garbage [ 791.421834][ T829] cdc_wdm 12-1:1.0: skipping garbage [ 791.434822][ T829] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device [ 791.437107][ T829] cdc_wdm 12-1:1.0: Unknown control protocol [ 791.649756][T15179] usb 12-1: USB disconnect, device number 14 [ 792.146710][T29353] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 792.261193][T29361] veth0_to_bridge: Caught tx_queue_len zero misconfig [ 792.318318][T29364] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26092'. [ 792.355014][T29366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26093'. [ 792.390963][T29366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26093'. [ 793.803319][T29433] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26121'. [ 794.696259][T29466] syz.6.26136 (29466): drop_caches: 2 [ 794.701319][T29466] syz.6.26136 (29466): drop_caches: 2 [ 794.966322][ T6111] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 794.975780][ T6111] CPU: 2 UID: 0 PID: 6111 Comm: kworker/u33:7 Tainted: G L syzkaller #0 PREEMPT(full) [ 794.975801][ T6111] Tainted: [L]=SOFTLOCKUP [ 794.975806][ T6111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 794.975815][ T6111] Workqueue: hci0 hci_rx_work [ 794.975836][ T6111] Call Trace: [ 794.975841][ T6111] [ 794.975846][ T6111] dump_stack_lvl+0x100/0x190 [ 794.975866][ T6111] sysfs_warn_dup.cold+0x1c/0x28 [ 794.975882][ T6111] sysfs_create_dir_ns+0x24b/0x2b0 [ 794.975898][ T6111] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 794.975912][ T6111] ? find_held_lock+0x2b/0x80 [ 794.975930][ T6111] ? kobject_add_internal+0x25f/0x930 [ 794.975945][ T6111] ? kobject_add_internal+0x25f/0x930 [ 794.975993][ T6111] ? do_raw_spin_unlock+0x145/0x1e0 [ 794.976016][ T6111] kobject_add_internal+0x2c8/0x930 [ 794.976038][ T6111] kobject_add+0x16a/0x1e0 [ 794.976056][ T6111] ? __pfx_kobject_add+0x10/0x10 [ 794.976074][ T6111] ? class_to_subsys+0x10f/0x150 [ 794.976102][ T6111] ? kobject_put+0xb9/0x640 [ 794.976119][ T6111] ? _raw_spin_unlock+0x28/0x50 [ 794.976141][ T6111] device_add+0x294/0x1950 [ 794.976162][ T6111] ? __pfx_dev_set_name+0x10/0x10 [ 794.976179][ T6111] ? __pfx_device_add+0x10/0x10 [ 794.976204][ T6111] ? mgmt_send_event_skb+0x2fb/0x460 [ 794.976228][ T6111] hci_conn_add_sysfs+0x1a3/0x260 [ 794.976241][ T6111] le_conn_complete_evt+0x11cb/0x1f40 [ 794.976262][ T6111] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 794.976285][ T6111] hci_le_enh_conn_complete_evt+0x23d/0x3b0 [ 794.976303][ T6111] ? skb_pull_data+0x15f/0x1e0 [ 794.976320][ T6111] hci_le_meta_evt+0x34a/0x5f0 [ 794.976333][ T6111] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 794.976362][ T6111] hci_event_packet+0x682/0x11c0 [ 794.976388][ T6111] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 794.976405][ T6111] ? __pfx_hci_event_packet+0x10/0x10 [ 794.976424][ T6111] ? kcov_remote_start+0x374/0x660 [ 794.976441][ T6111] ? lockdep_hardirqs_on+0x78/0x100 [ 794.976456][ T6111] hci_rx_work+0x451/0xfc0 [ 794.976476][ T6111] process_one_work+0x9d7/0x1920 [ 794.976498][ T6111] ? __pfx_process_one_work+0x10/0x10 [ 794.976517][ T6111] ? __pfx_hci_rx_work+0x10/0x10 [ 794.976535][ T6111] worker_thread+0x5da/0xe40 [ 794.976556][ T6111] ? kthread+0x13a/0x450 [ 794.976569][ T6111] ? __pfx_worker_thread+0x10/0x10 [ 794.976583][ T6111] kthread+0x370/0x450 [ 794.976597][ T6111] ? __pfx_kthread+0x10/0x10 [ 794.976611][ T6111] ret_from_fork+0x754/0xd80 [ 794.976628][ T6111] ? __pfx_ret_from_fork+0x10/0x10 [ 794.976644][ T6111] ? __switch_to+0x7b4/0x1120 [ 794.976656][ T6111] ? __pfx_kthread+0x10/0x10 [ 794.976670][ T6111] ret_from_fork_asm+0x1a/0x30 [ 794.976689][ T6111] [ 794.976704][ T6111] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 795.025961][T29499] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26151'. [ 795.027326][ T6111] Bluetooth: hci0: failed to register connection device [ 795.340448][T29510] support for the xor transformation has been removed. [ 795.408569][T29512] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26164'. [ 795.440671][T29514] erspan0: entered promiscuous mode [ 796.004125][T29548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.26174'. [ 796.007049][T29548] netlink: 'syz.2.26174': attribute type 21 has an invalid length. [ 797.127637][ T1413] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 797.202293][T29613] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26204'. [ 797.308104][T29619] netem: incorrect gi model size [ 797.310486][T29619] netem: change failed [ 797.609312][T29633] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 797.611646][T29633] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 797.723808][ T40] audit: type=1326 audit(2000000308.316:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29641 comm="syz.7.26217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74f6c code=0x7ffc0000 [ 797.735511][ T40] audit: type=1326 audit(2000000308.316:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29641 comm="syz.7.26217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74f6c code=0x7ffc0000 [ 797.742791][ T40] audit: type=1326 audit(2000000308.316:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29641 comm="syz.7.26217" exe="/syz-executor" sig=0 arch=40000003 syscall=298 compat=1 ip=0xf7f74f6c code=0x7ffc0000 [ 797.750929][ T40] audit: type=1326 audit(2000000308.316:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29641 comm="syz.7.26217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74f6c code=0x7ffc0000 [ 797.759150][ T40] audit: type=1326 audit(2000000308.316:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29641 comm="syz.7.26217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74f6c code=0x7ffc0000 [ 798.071829][T29653] netlink: 96 bytes leftover after parsing attributes in process `syz.9.26222'. [ 800.069378][ T40] audit: type=1326 audit(2000000310.505:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29793 comm="syz.6.26287" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x0 [ 800.350745][T29801] vivid-004: disconnect [ 800.826514][T29807] veth0: entered promiscuous mode [ 800.828917][T29807] veth0: left promiscuous mode [ 800.899558][T29809] netlink: 4 bytes leftover after parsing attributes in process `syz.9.26293'. [ 800.904080][T29809] netlink: 4 bytes leftover after parsing attributes in process `syz.9.26293'. [ 801.184165][T29800] vivid-004: reconnect [ 801.255030][T29822] bond0: entered promiscuous mode [ 801.256846][T29822] bond_slave_0: entered promiscuous mode [ 801.258736][T29822] bond_slave_1: entered promiscuous mode [ 801.274109][T29822] bond0: left promiscuous mode [ 801.276215][T29822] bond_slave_0: left promiscuous mode [ 801.278686][T29822] bond_slave_1: left promiscuous mode [ 801.522036][T29836] netlink: 12 bytes leftover after parsing attributes in process `syz.6.26306'. [ 801.541388][T29838] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26307'. [ 802.193206][ T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 802.458762][T29879] kvm: kvm [29878]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000086) = 0x0 [ 802.656519][T29885] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26328'. [ 803.302661][T29901] netlink: 16 bytes leftover after parsing attributes in process `syz.2.26331'. [ 803.422738][T12160] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 803.774220][T15179] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 803.955948][T15179] usb 11-1: Using ep0 maxpacket: 8 [ 803.959618][T15179] usb 11-1: config index 0 descriptor too short (expected 301, got 45) [ 803.962648][T15179] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 803.966285][T15179] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 803.977542][T15179] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 803.981203][T15179] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 803.985940][T15179] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 803.998695][T15179] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 804.227333][T15179] usb 11-1: GET_CAPABILITIES returned 0 [ 804.229764][T15179] usbtmc 11-1:16.0: can't read capabilities [ 804.447197][T29898] usbtmc 11-1:16.0: usbtmc488_ioctl_trigger returned -90 [ 804.453367][T18687] usb 11-1: USB disconnect, device number 14 [ 804.779959][ T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 804.814514][T29945] loop9: detected capacity change from 0 to 7 [ 804.832667][T29945] Dev loop9: unable to read RDB block 7 [ 804.834630][T29945] loop9: unable to read partition table [ 804.837342][T29945] loop9: partition table beyond EOD, truncated [ 804.839525][T29945] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 805.156726][T29967] random: crng reseeded on system resumption [ 805.576052][T15179] kernel read not supported for file /dsp (pid: 15179 comm: kworker/1:4) [ 805.966925][ T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 806.376647][T30009] binder: 30008:30009 ioctl c0306201 80000480 returned -22 [ 807.071154][T30027] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26370'. [ 807.075274][T30027] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26370'. [ 807.452848][T30054] netlink: 4 bytes leftover after parsing attributes in process `syz.6.26387'. [ 807.662024][T30063] hugetlbfs: syz.2.26382 (30063): Using mlock ulimits for SHM_HUGETLB is obsolete [ 807.904375][T30071] tun0: tun_chr_ioctl cmd 1074025675 [ 807.906252][T30071] tun0: persist disabled [ 809.345127][ T40] audit: type=1326 audit(2000000319.186:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30143 comm="syz.7.26417" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f74f6c code=0x0 [ 809.787445][T30176] netlink: 8 bytes leftover after parsing attributes in process `syz.6.26432'. [ 809.790750][T30176] netlink: 12 bytes leftover after parsing attributes in process `syz.6.26432'. [ 809.917210][T30191] syzkaller0: tun_chr_ioctl cmd 1074025678 [ 809.919109][T30191] syzkaller0: group set to 0 [ 810.261532][T30214] netlink: 'syz.9.26450': attribute type 8 has an invalid length. [ 810.299597][T30219] input: syz1 as /devices/virtual/input/input93 [ 810.722046][T30240] syz.9.26462: page allocation failure: order:6, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 810.728372][T30240] CPU: 1 UID: 0 PID: 30240 Comm: syz.9.26462 Tainted: G L syzkaller #0 PREEMPT(full) [ 810.728392][T30240] Tainted: [L]=SOFTLOCKUP [ 810.728396][T30240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 810.728404][T30240] Call Trace: [ 810.728409][T30240] [ 810.728415][T30240] dump_stack_lvl+0x100/0x190 [ 810.728435][T30240] warn_alloc.cold+0x95/0x1c1 [ 810.728456][T30240] ? __pfx_warn_alloc+0x10/0x10 [ 810.728474][T30240] ? psi_memstall_leave+0x19c/0x2e0 [ 810.728490][T30240] ? __pfx___might_resched+0x10/0x10 [ 810.728510][T30240] __alloc_frozen_pages_noprof+0xf36/0x2ba0 [ 810.728533][T30240] ? finish_task_switch.isra.0+0x200/0xb80 [ 810.728545][T30240] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 810.728561][T30240] ? finish_task_switch.isra.0+0x205/0xb80 [ 810.728572][T30240] ? lockdep_hardirqs_on+0x78/0x100 [ 810.728586][T30240] ? trace_sched_exit_tp+0x13a/0x180 [ 810.728601][T30240] ? __lock_acquire+0x4a5/0x2630 [ 810.728615][T30240] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 810.728635][T30240] ? policy_nodemask+0xed/0x4f0 [ 810.728655][T30240] alloc_pages_mpol+0x1fb/0x550 [ 810.728674][T30240] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 810.728693][T30240] ? __lock_acquire+0x4a5/0x2630 [ 810.728707][T30240] ? v9fs_alloc_rdir_buf.isra.0+0x5d/0xb0 [ 810.728718][T30240] ___kmalloc_large_node+0x104/0x150 [ 810.728731][T30240] __kmalloc_large_node_noprof+0x1c/0x70 [ 810.728744][T30240] __kmalloc_noprof+0x5be/0x850 [ 810.728759][T30240] ? register_lock_class+0x40/0x560 [ 810.728775][T30240] v9fs_alloc_rdir_buf.isra.0+0x5d/0xb0 [ 810.728787][T30240] v9fs_dir_readdir+0x156/0x720 [ 810.728797][T30240] ? __lock_acquire+0x4a5/0x2630 [ 810.728812][T30240] ? rcu_is_watching+0x12/0xc0 [ 810.728828][T30240] ? __pfx_v9fs_dir_readdir+0x10/0x10 [ 810.728850][T30240] ? __pfx___might_resched+0x10/0x10 [ 810.728871][T30240] ? common_file_perm+0x1ab/0x4f0 [ 810.728893][T30240] iterate_dir+0x296/0xae0 [ 810.728912][T30240] __ia32_compat_sys_getdents+0x13a/0x2b0 [ 810.728930][T30240] ? __pfx___ia32_compat_sys_getdents+0x10/0x10 [ 810.728947][T30240] ? xfd_validate_state+0x129/0x190 [ 810.728963][T30240] ? __pfx_compat_filldir+0x10/0x10 [ 810.728985][T30240] __do_fast_syscall_32+0xe3/0x8c0 [ 810.729000][T30240] do_fast_syscall_32+0x32/0x70 [ 810.729013][T30240] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 810.729028][T30240] RIP: 0023:0xf700ef6c [ 810.729038][T30240] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad [ 810.729048][T30240] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 000000000000008d [ 810.729059][T30240] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0 [ 810.729066][T30240] RDX: 000000000000002d RSI: 0000000000000000 RDI: 0000000000000000 [ 810.729072][T30240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 810.729078][T30240] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 810.729084][T30240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 810.729098][T30240] [ 810.729102][T30240] Mem-Info: [ 810.755504][T30243] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input94 [ 810.757993][T30240] active_anon:1658 inactive_anon:96 isolated_anon:0 [ 810.757993][T30240] active_file:1145 inactive_file:1589 isolated_file:0 [ 810.757993][T30240] unevictable:1768 dirty:254 writeback:0 [ 810.757993][T30240] slab_reclaimable:8313 slab_unreclaimable:76582 [ 810.757993][T30240] mapped:22067 shmem:1812 pagetables:2226 [ 810.757993][T30240] sec_pagetables:347 bounce:0 [ 810.757993][T30240] kernel_misc_reclaimable:0 [ 810.757993][T30240] free:62732 free_pcp:741 free_cma:0 [ 810.893668][T30240] Node 0 active_anon:0kB inactive_anon:56kB active_file:160kB inactive_file:480kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:524kB dirty:48kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8096kB pagetables:1252kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB [ 810.905454][T30240] Node 1 active_anon:1032kB inactive_anon:6024kB active_file:1720kB inactive_file:7820kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87744kB dirty:68kB writeback:0kB shmem:3712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7580kB pagetables:7752kB sec_pagetables:272kB all_unreclaimable? no Balloon:0kB [ 810.915573][T30240] Node 0 DMA free:3964kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:140kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 810.926097][T30240] lowmem_reserve[]: 0 285 285 285 285 [ 810.928561][T30240] Node 0 DMA32 free:31852kB boost:18432kB min:31504kB low:34772kB high:38040kB reserved_highatomic:2048KB free_highatomic:196KB active_anon:0kB inactive_anon:56kB active_file:140kB inactive_file:340kB unevictable:3536kB writepending:0kB zspages:1572kB present:1032196kB managed:292672kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 810.940085][T30240] lowmem_reserve[]: 0 0 0 0 0 [ 810.941700][T30240] Node 1 DMA32 free:215004kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1132kB inactive_anon:6024kB active_file:1720kB inactive_file:7820kB unevictable:3536kB writepending:0kB zspages:5104kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:3432kB local_pcp:616kB free_cma:0kB [ 810.957569][T30240] lowmem_reserve[]: 0 0 0 0 0 [ 810.959439][T30240] Node 0 DMA: 99*4kB (UM) 104*8kB (UM) 49*16kB (UM) 37*32kB (UM) 0*64kB 2*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 3964kB [ 810.964396][T30240] Node 0 DMA32: 1285*4kB (UMEH) 459*8kB (UMEH) 240*16kB (UMH) 238*32kB (UMEH) 87*64kB (UME) 33*128kB (UME) 7*256kB (UE) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 31852kB [ 810.970132][T30240] Node 1 DMA32: 6042*4kB (UME) 7387*8kB (UME) 7191*16kB (UME) 224*32kB (UME) 82*64kB (UME) 32*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 214832kB [ 810.975994][T30240] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 810.979251][T30240] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 810.983082][T30240] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 810.987047][T30240] Node 1 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 810.990168][T30240] 5368 total pagecache pages [ 810.992082][T30240] 951 pages in swap cache [ 810.993662][T30240] Free swap = 59668kB [ 811.005912][T30240] Total swap = 124996kB [ 811.007401][T30240] 524155 pages RAM [ 811.008682][T30240] 0 pages HighMem/MovableOnly [ 811.010355][T30240] 210094 pages reserved [ 811.012549][T30240] 0 pages cma reserved [ 811.375882][T30263] sch_fq: defrate 0 ignored. [ 812.455165][ T50] usb 14-1: new high-speed USB device number 5 using dummy_hcd [ 812.533370][ T40] audit: type=1326 audit(2000000322.160:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30342 comm="syz.6.26509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 812.540133][ T40] audit: type=1326 audit(2000000322.160:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30342 comm="syz.6.26509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 812.550907][ T40] audit: type=1326 audit(2000000322.160:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30342 comm="syz.6.26509" exe="/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 812.558102][ T40] audit: type=1326 audit(2000000322.160:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30342 comm="syz.6.26509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 812.567621][ T40] audit: type=1326 audit(2000000322.160:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30342 comm="syz.6.26509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 812.615620][ T50] usb 14-1: Using ep0 maxpacket: 8 [ 812.624253][ T50] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 812.629636][ T50] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 812.632955][ T50] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 812.636255][ T50] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 812.645628][ T50] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 812.648943][ T50] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 812.880489][ T50] usb 14-1: GET_CAPABILITIES returned 0 [ 812.882463][ T50] usbtmc 14-1:16.0: can't read capabilities [ 813.100139][ T50] usb 14-1: USB disconnect, device number 5 [ 813.838807][ T40] audit: type=1326 audit(2000000323.385:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30361 comm="syz.9.26519" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 813.847831][T30363] veth0: entered promiscuous mode [ 813.849334][ T40] audit: type=1326 audit(2000000323.385:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30361 comm="syz.9.26519" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 813.850475][T30363] veth0: left promiscuous mode [ 813.858393][ T40] audit: type=1326 audit(2000000323.404:3972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30361 comm="syz.9.26519" exe="/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 813.865853][ T40] audit: type=1326 audit(2000000323.404:3973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30361 comm="syz.9.26519" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 814.149602][T30382] netlink: 4 bytes leftover after parsing attributes in process `syz.9.26528'. [ 814.258616][T30388] syz.2.26532 (30388): drop_caches: 2 [ 814.260804][T30388] syz.2.26532 (30388): drop_caches: 2 [ 814.605774][T30396] 9pnet_virtio: no channels available for device syz [ 814.614292][T30396] overlayfs: overlapping lowerdir path [ 814.684381][T30403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26539'. [ 814.691504][T30403] bridge0: entered promiscuous mode [ 814.693332][T30403] macvtap1: entered promiscuous mode [ 814.706313][T30403] macvtap1: entered allmulticast mode [ 814.723492][T30403] bridge0: entered allmulticast mode [ 814.726119][T30403] bridge0: port 1(macvtap1) entered blocking state [ 814.732528][T30403] bridge0: port 1(macvtap1) entered disabled state [ 814.789488][T30411] syz.9.26542 (30411): drop_caches: 2 [ 814.794360][T30411] syz.9.26542 (30411): drop_caches: 2 [ 814.797092][T30403] bridge0: left allmulticast mode [ 814.798933][T30403] bridge0: left promiscuous mode [ 815.081686][T30429] netlink: 'syz.2.26548': attribute type 4 has an invalid length. [ 815.185876][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 815.185888][ T40] audit: type=1326 audit(2000000324.639:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.218655][ T40] audit: type=1326 audit(2000000324.639:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.226066][ T40] audit: type=1326 audit(2000000324.658:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.233287][ T40] audit: type=1326 audit(2000000324.658:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.241324][ T40] audit: type=1326 audit(2000000324.658:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.248911][ T40] audit: type=1326 audit(2000000324.658:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 815.256518][ T40] audit: type=1326 audit(2000000324.658:3984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef78 code=0x7ffc0000 [ 815.266625][ T40] audit: type=1326 audit(2000000324.658:3985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef78 code=0x7ffc0000 [ 815.281606][ T40] audit: type=1326 audit(2000000324.658:3986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef78 code=0x7ffc0000 [ 815.301908][ T40] audit: type=1326 audit(2000000324.658:3987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30434 comm="syz.6.26553" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef78 code=0x7ffc0000 [ 815.353204][T30442] ip6gre0: Caught tx_queue_len zero misconfig [ 815.361387][T30445] syz.7.26554 (30445): drop_caches: 2 [ 815.372235][T30445] syz.7.26554 (30445): drop_caches: 2 [ 815.759255][T30465] netlink: 32 bytes leftover after parsing attributes in process `syz.7.26567'. [ 815.762586][T30465] smc: ib device syz2 ibport 1 applied user defined pnetid SYZ2 [ 815.766342][T30465] smc: ib device syz2 ibport 1 erased user defined pnetid SYZ2 [ 817.012464][ T2199] block nbd1: Possible stuck request ffff888027f20000: control (read@0,4096B). Runtime 210 seconds [ 817.835484][ T6111] Bluetooth: hci0: link tx timeout [ 817.838516][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 817.846590][ T6111] Bluetooth: hci0: link tx timeout [ 817.848730][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 817.887616][ T6111] Bluetooth: hci0: link tx timeout [ 817.889829][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 817.920477][ T6111] Bluetooth: hci0: link tx timeout [ 817.922222][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 818.421957][ T6111] Bluetooth: hci0: link tx timeout [ 818.423686][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 818.808817][ T6111] Bluetooth: hci0: link tx timeout [ 818.810476][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 818.933798][ T6111] Bluetooth: hci0: link tx timeout [ 818.936199][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 819.019334][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 819.073128][ T2915] block nbd2: Possible stuck request ffff888027f60000: control (read@0,4096B). Runtime 210 seconds [ 819.533878][ T6111] Bluetooth: hci0: link tx timeout [ 819.536250][ T6111] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 819.604130][T30637] netlink: 20 bytes leftover after parsing attributes in process `syz.6.26633'. [ 820.058775][ T6111] Bluetooth: hci0: command 0x0406 tx timeout [ 820.076073][T13050] kernel write not supported for file /uinput (pid: 13050 comm: kworker/3:0) [ 820.080135][ T6111] Bluetooth: hci0: link tx timeout [ 820.141195][ T6111] Bluetooth: hci0: link tx timeout [ 821.216950][ T6112] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 821.221879][ T6112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 821.225834][ T6112] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 821.230422][ T6112] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 821.233235][ T6112] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 821.559026][ T209] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 821.583286][ T209] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 821.662097][T30727] ip6_vti0 speed is unknown, defaulting to 1000 [ 821.842362][ T842] e1000 0000:00:06.0 eth0: Reset adapter [ 822.080795][ T209] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 822.084071][ T209] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.269802][ T842] e1000 0000:00:06.0 eth0: Reset adapter [ 822.473575][ T209] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 822.477844][ T209] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.794582][ T209] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 822.798482][ T209] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 822.959330][T30727] chnl_net:caif_netlink_parms(): no params data found [ 822.998056][ T6112] Bluetooth: hci0: link tx timeout [ 823.178648][T30727] bridge0: port 1(bridge_slave_0) entered blocking state [ 823.181472][T30727] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.183822][T30727] bridge_slave_0: entered allmulticast mode [ 823.186574][T30727] bridge_slave_0: entered promiscuous mode [ 823.190367][ T209] bridge_slave_1: left allmulticast mode [ 823.192802][ T209] bridge_slave_1: left promiscuous mode [ 823.195258][ T209] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.264196][ T209] bridge_slave_0: left allmulticast mode [ 823.266285][ T209] bridge_slave_0: left promiscuous mode [ 823.268425][ T209] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.477336][ T6112] Bluetooth: hci1: command tx timeout [ 824.409189][ T209] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 824.482843][ T209] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 824.536528][ T209] bond0 (unregistering): Released all slaves [ 824.579374][T30727] bridge0: port 2(bridge_slave_1) entered blocking state [ 824.582484][T30727] bridge0: port 2(bridge_slave_1) entered disabled state [ 824.585628][T30727] bridge_slave_1: entered allmulticast mode [ 824.590302][T30727] bridge_slave_1: entered promiscuous mode [ 824.606257][T30727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 824.612441][T30727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 824.641027][T30727] team0: Port device team_slave_0 added [ 824.645370][T30727] team0: Port device team_slave_1 added [ 824.665548][T30727] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 824.668742][T30727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 824.681227][T30727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 824.687885][T30727] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 824.690801][T30727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 824.701969][T30727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 824.730700][T30727] hsr_slave_0: entered promiscuous mode [ 824.733130][T30727] hsr_slave_1: entered promiscuous mode [ 824.735414][T30727] debugfs: 'hsr0' already exists in 'hsr' [ 824.737442][T30727] Cannot create hsr debugfs directory [ 824.753983][ T6112] Bluetooth: hci0: link tx timeout [ 824.775498][ T6112] Bluetooth: hci0: link tx timeout [ 824.836359][ T842] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 825.690380][ T6112] Bluetooth: hci1: command tx timeout [ 826.122441][ T6112] Bluetooth: hci0: link tx timeout [ 826.589472][ T209] hsr_slave_0: left promiscuous mode [ 826.642099][ T209] hsr_slave_1: left promiscuous mode [ 826.645145][ T209] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 826.648154][ T209] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 826.706799][ T209] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 826.709203][ T209] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 826.792580][ T209] veth1_macvtap: left promiscuous mode [ 826.794733][ T209] veth0_macvtap: left promiscuous mode [ 826.797072][ T209] veth1_vlan: left promiscuous mode [ 826.798940][ T209] veth0_vlan: left promiscuous mode [ 827.776501][ T209] team0 (unregistering): Port device team_slave_1 removed [ 827.839771][ T209] team0 (unregistering): Port device team_slave_0 removed [ 827.919130][ T6112] Bluetooth: hci1: command tx timeout [ 828.216193][ T6112] Bluetooth: hci0: link tx timeout [ 828.484973][T30727] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 828.523352][T30727] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 828.559295][T30727] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 828.601807][T30727] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 828.718516][T30727] 8021q: adding VLAN 0 to HW filter on device bond0 [ 828.737045][T30727] 8021q: adding VLAN 0 to HW filter on device team0 [ 828.748084][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 828.751117][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 828.764551][T11045] bridge0: port 2(bridge_slave_1) entered blocking state [ 828.767075][T11045] bridge0: port 2(bridge_slave_1) entered forwarding state [ 828.941384][T30727] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 828.973495][T30727] veth0_vlan: entered promiscuous mode [ 828.978902][T30727] veth1_vlan: entered promiscuous mode [ 828.995536][T30727] veth0_macvtap: entered promiscuous mode [ 829.024788][T30727] veth1_macvtap: entered promiscuous mode [ 829.057652][T30727] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 829.063989][T30727] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 829.070574][ T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.073922][ T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.076981][ T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.106450][ T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.233770][ T128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 829.237121][ T128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 829.265686][ T209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 829.268075][ T209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 829.395526][ T6112] Bluetooth: hci0: link tx timeout [ 830.137274][ T6112] Bluetooth: hci1: command tx timeout [ 830.355362][ T6112] Bluetooth: hci0: link tx timeout [ 831.102925][ T6112] Bluetooth: hci0: link tx timeout [ 832.465049][ T5341] udevd[5341]: worker [21084] /devices/virtual/block/nbd1 timeout; kill it [ 832.468442][ T5341] udevd[5341]: seq 45807 '/devices/virtual/block/nbd1' killed [ 832.470834][ T5341] udevd[5341]: worker [14469] /devices/virtual/block/nbd2 timeout; kill it [ 832.474033][ T5341] udevd[5341]: seq 45847 '/devices/virtual/block/nbd2' killed [ 832.493886][ T6112] Bluetooth: hci0: link tx timeout [ 833.671607][ T6112] Bluetooth: hci0: link tx timeout [ 847.460895][ T6112] Bluetooth: hci0: link tx timeout [ 849.177990][ T2199] block nbd1: Possible stuck request ffff888027f20000: control (read@0,4096B). Runtime 240 seconds [ 851.219421][ T2915] block nbd2: Possible stuck request ffff888027f60000: control (read@0,4096B). Runtime 240 seconds [ 853.519829][T12160] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 853.678440][T12160] usb 5-1: Using ep0 maxpacket: 8 [ 853.684064][T12160] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 853.686901][T12160] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 853.691025][T12160] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 853.694173][T12160] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 853.697381][T12160] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 853.702083][T12160] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 853.704976][T12160] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 853.790250][T31045] netlink: 'syz.2.26739': attribute type 21 has an invalid length. [ 853.793379][T31045] netlink: 128 bytes leftover after parsing attributes in process `syz.2.26739'. [ 853.796466][T31045] netlink: 3 bytes leftover after parsing attributes in process `syz.2.26739'. [ 853.881406][ T1025] usb 12-1: new high-speed USB device number 15 using dummy_hcd [ 853.935643][T12160] usb 5-1: GET_CAPABILITIES returned 0 [ 853.937444][T12160] usbtmc 5-1:16.0: can't read capabilities [ 854.052156][ T1025] usb 12-1: Using ep0 maxpacket: 32 [ 854.056657][ T1025] usb 12-1: config 0 has an invalid interface number: 67 but max is 0 [ 854.059714][ T1025] usb 12-1: config 0 has no interface number 0 [ 854.064407][ T1025] usb 12-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 854.067670][ T1025] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.070304][ T1025] usb 12-1: Product: syz [ 854.071664][ T1025] usb 12-1: Manufacturer: syz [ 854.075892][ T1025] usb 12-1: SerialNumber: syz [ 854.082083][ T1025] usb 12-1: config 0 descriptor?? [ 854.086920][ T1025] smsc95xx 12-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 854.091958][ T1025] smsc95xx 12-1:0.67: probe with driver smsc95xx failed with error -22 [ 854.156294][T12160] usb 5-1: USB disconnect, device number 17 [ 854.307005][ T6188] usb 12-1: USB disconnect, device number 15 [ 854.823093][ T1025] kernel read not supported for file /dsp1 (pid: 1025 comm: kworker/0:2) [ 854.915609][T31065] netlink: 20 bytes leftover after parsing attributes in process `syz.7.26748'. [ 854.994913][T31074] netlink: 8 bytes leftover after parsing attributes in process `syz.7.26752'. [ 856.021803][T31123] overlayfs: workdir and upperdir must reside under the same mount [ 856.148373][T31130] netlink: 8 bytes leftover after parsing attributes in process `syz.9.26778'. [ 856.374735][T31143] mkiss: ax0: crc mode is auto. [ 856.845267][T31159] vcan0: tx address claim with dest, not broadcast [ 856.888842][T31161] Context (ID=0x1) not attached to queue pair (handle=0x1:0x81) [ 856.938639][T31165] 9p: Invalid uid '0x00000000ffffffff' [ 857.312821][ T1025] IPVS: starting estimator thread 0... [ 857.420647][T31191] IPVS: using max 45 ests per chain, 108000 per kthread [ 857.930021][ T40] kauditd_printk_skb: 406 callbacks suppressed [ 857.930033][ T40] audit: type=1800 audit(2000000364.627:4394): pid=31232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.26828" name="file0" dev="9p" ino=74973545 res=0 errno=0 [ 857.956732][T31232] netfs: Couldn't get user pages (rc=-14) [ 858.660993][T31251] IPv6: NLM_F_CREATE should be specified when creating new route [ 859.398458][T31301] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26860'. [ 860.184238][T31350] netlink: 36 bytes leftover after parsing attributes in process `syz.9.26883'. [ 860.319530][T31357] cgroup: fork rejected by pids controller in /syz7 [ 860.434889][T28295] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 860.606912][T28295] usb 5-1: Using ep0 maxpacket: 8 [ 860.610699][T28295] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 860.614371][T28295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.627786][T28295] pvrusb2: Hardware description: Terratec Grabster AV400 [ 860.630289][T28295] pvrusb2: ********** [ 860.632267][T28295] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 860.636392][T28295] pvrusb2: Important functionality might not be entirely working. [ 860.641362][T28295] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 860.645618][T28295] pvrusb2: ********** [ 860.734604][T22920] syz_tun (unregistering): left allmulticast mode [ 860.736787][T22920] syz_tun (unregistering): left promiscuous mode [ 860.738839][T22920] bridge0: port 3(syz_tun) entered disabled state [ 860.848000][ T2483] pvrusb2: Invalid write control endpoint [ 860.939681][ T2483] pvrusb2: Invalid write control endpoint [ 860.942777][ T2483] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 860.946883][ T2483] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 860.950437][ T2483] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 860.953655][ T2483] pvrusb2: Device being rendered inoperable [ 860.960195][ T2483] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 860.962646][ T2483] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 860.974766][ T2483] pvrusb2: Attached sub-driver cx25840 [ 860.978311][ T2483] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 860.981955][ T2483] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 861.066754][T31347] pvrusb2: Attempted to execute control transfer when device not ok [ 861.072650][T28295] usb 5-1: USB disconnect, device number 18 [ 861.180800][ T6111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 861.194686][ T6111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 861.198233][ T6111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 861.201474][ T6111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 861.207756][ T6111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 861.447941][T31395] CUSE: info not properly terminated [ 861.508104][T31386] ip6_vti0 speed is unknown, defaulting to 1000 [ 861.795731][T31386] chnl_net:caif_netlink_parms(): no params data found [ 861.932313][T31386] bridge0: port 1(bridge_slave_0) entered blocking state [ 861.935095][T31386] bridge0: port 1(bridge_slave_0) entered disabled state [ 861.938841][T31386] bridge_slave_0: entered allmulticast mode [ 861.942283][T31386] bridge_slave_0: entered promiscuous mode [ 861.946308][T31386] bridge0: port 2(bridge_slave_1) entered blocking state [ 861.949032][T31386] bridge0: port 2(bridge_slave_1) entered disabled state [ 861.951481][T31386] bridge_slave_1: entered allmulticast mode [ 861.954723][T31386] bridge_slave_1: entered promiscuous mode [ 861.985158][T31386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 861.990114][T31386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 862.008595][T31386] team0: Port device team_slave_0 added [ 862.012329][T31386] team0: Port device team_slave_1 added [ 862.020879][ T209] bridge_slave_1: left allmulticast mode [ 862.022713][ T209] bridge_slave_1: left promiscuous mode [ 862.039666][ T209] bridge0: port 2(bridge_slave_1) entered disabled state [ 862.129040][ T209] bridge_slave_0: left allmulticast mode [ 862.130896][ T209] bridge_slave_0: left promiscuous mode [ 862.132876][ T209] bridge0: port 1(bridge_slave_0) entered disabled state [ 862.171666][T31424] loop9: detected capacity change from 0 to 7 [ 862.564609][T31424] Dev loop9: unable to read RDB block 7 [ 862.566570][T31424] loop9: unable to read partition table [ 862.568684][T31424] loop9: partition table beyond EOD, truncated [ 862.573187][T31424] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 862.812107][ T1413] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 863.144034][ T209] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 863.182621][ T209] bond_slave_0: left promiscuous mode [ 863.225747][ T209] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 863.257490][ T209] bond_slave_1: left promiscuous mode [ 863.300833][ T209] bond0 (unregistering): (slave bond2): Releasing backup interface [ 863.343006][ T209] bond2 (unregistering): left promiscuous mode [ 863.345347][ T209] bond0 (unregistering): Released all slaves [ 863.349935][ T209] bond1 (unregistering): Released all slaves [ 863.357477][ T209] bond2 (unregistering): Released all slaves [ 863.417548][ T6112] Bluetooth: hci3: command tx timeout [ 863.508541][T31386] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 863.512329][T31386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 863.523991][T31386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 863.528743][T31386] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 863.530941][T31386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 863.541310][T31386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 863.583916][T31386] hsr_slave_0: entered promiscuous mode [ 863.587122][T31386] hsr_slave_1: entered promiscuous mode [ 863.590457][T31386] debugfs: 'hsr0' already exists in 'hsr' [ 863.592898][T31386] Cannot create hsr debugfs directory [ 863.811788][T31459] netlink: 'syz.9.26925': attribute type 8 has an invalid length. [ 864.242080][ T6163] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 864.413818][ T6163] usb 5-1: Using ep0 maxpacket: 8 [ 864.418006][ T6163] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 864.421064][ T6163] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 864.424661][ T6163] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 864.428258][ T6163] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 864.432569][ T6163] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 864.435739][ T6163] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 864.667968][ T6163] usb 5-1: GET_CAPABILITIES returned 0 [ 864.669754][ T6163] usbtmc 5-1:16.0: can't read capabilities [ 864.880597][T28295] usb 5-1: USB disconnect, device number 19 [ 865.053210][ T209] hsr_slave_0: left promiscuous mode [ 865.095600][ T209] hsr_slave_1: left promiscuous mode [ 865.099471][ T209] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 865.125432][T31501] input: syz1 as /devices/virtual/input/input95 [ 865.139239][ T209] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 865.181633][ T209] batman_adv: batadv0: Interface deactivated: macsec2 [ 865.184239][ T209] batman_adv: batadv0: Removing interface: macsec2 [ 865.501295][T31509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.26943'. [ 865.605899][ T40] audit: type=1326 audit(2000000371.802:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 865.618145][ T40] audit: type=1326 audit(2000000371.802:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef78 code=0x7ffc0000 [ 865.630136][ T40] audit: type=1326 audit(2000000371.802:4397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 865.631212][ T6112] Bluetooth: hci3: command tx timeout [ 865.644468][ T40] audit: type=1326 audit(2000000371.811:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 865.662519][ T40] audit: type=1326 audit(2000000371.811:4399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef78 code=0x7ffc0000 [ 865.670427][ T40] audit: type=1326 audit(2000000371.811:4400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 865.678514][ T40] audit: type=1326 audit(2000000371.811:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 865.685399][ T40] audit: type=1326 audit(2000000371.811:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef78 code=0x7ffc0000 [ 865.692182][ T40] audit: type=1326 audit(2000000371.811:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef78 code=0x7ffc0000 [ 865.700600][ T40] audit: type=1326 audit(2000000371.811:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31515 comm="syz.0.26945" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704ef78 code=0x7ffc0000 [ 866.108946][T31386] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 866.147840][T31386] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 866.190469][T31386] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 866.222454][T31386] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 866.291921][ T6163] kernel write not supported for file /snd/seq (pid: 6163 comm: kworker/1:3) [ 866.333521][T31548] veth1_to_batadv: entered promiscuous mode [ 866.335517][T31548] macsec1: entered promiscuous mode [ 866.369989][T31386] 8021q: adding VLAN 0 to HW filter on device bond0 [ 866.392867][T31386] 8021q: adding VLAN 0 to HW filter on device team0 [ 866.399114][T28039] bridge0: port 1(bridge_slave_0) entered blocking state [ 866.401473][T28039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 866.407799][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 866.410137][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 866.589312][T31386] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 866.670476][ T209] IPVS: stop unused estimator thread 0... [ 866.816135][T31386] veth0_vlan: entered promiscuous mode [ 866.825962][T31386] veth1_vlan: entered promiscuous mode [ 866.848135][T31386] veth0_macvtap: entered promiscuous mode [ 866.852636][T31386] veth1_macvtap: entered promiscuous mode [ 866.862430][T31386] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 866.869795][T31386] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 866.878977][ T128] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.882829][ T128] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.886217][ T128] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.888974][ T128] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 867.032883][T11045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 867.035476][T11045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 867.056257][T11045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 867.059352][T11045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 867.417387][T31599] netlink: 'syz.2.26977': attribute type 2 has an invalid length. [ 867.854382][ T6112] Bluetooth: hci3: command tx timeout [ 868.535224][T31664] sctp: [Deprecated]: syz.0.27005 (pid 31664) Use of int in maxseg socket option. [ 868.535224][T31664] Use struct sctp_assoc_value instead [ 868.701134][T31679] macvlan0: left allmulticast mode [ 868.703170][T31679] netlink: 'syz.2.27012': attribute type 1 has an invalid length. [ 868.705812][T31679] netlink: 'syz.2.27012': attribute type 2 has an invalid length. [ 868.866823][T31693] sctp: [Deprecated]: syz.7.27018 (pid 31693) Use of int in maxseg socket option. [ 868.866823][T31693] Use struct sctp_assoc_value instead [ 868.977623][T31704] macvlan0: entered promiscuous mode [ 868.979398][T31704] netlink: 'syz.0.27023': attribute type 1 has an invalid length. [ 868.981874][T31704] netlink: 'syz.0.27023': attribute type 2 has an invalid length. [ 869.544723][T31724] netlink: 'syz.0.27034': attribute type 21 has an invalid length. [ 869.548178][T31724] netlink: 128 bytes leftover after parsing attributes in process `syz.0.27034'. [ 869.551770][T31724] netlink: 3 bytes leftover after parsing attributes in process `syz.0.27034'. [ 869.714084][T14809] kernel read not supported for file /dsp1 (pid: 14809 comm: kworker/3:5) [ 869.805294][T31732] 8021q: adding VLAN 0 to HW filter on device bond1 [ 869.808772][T31732] bond0: (slave bond1): Enslaving as an active interface with an up link [ 870.078168][ T6112] Bluetooth: hci3: command tx timeout [ 870.218178][T31766] 8021q: adding VLAN 0 to HW filter on device bond9 [ 870.221276][T31766] bond0: (slave bond9): Enslaving as an active interface with a down link [ 870.520679][T31775] Cache volume key already in use (9p,syz,) [ 870.811000][T31791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27065'. [ 870.832115][T31793] 8021q: adding VLAN 0 to HW filter on device bond1 [ 870.839574][T31793] bond0: (slave bond1): Enslaving as an active interface with an up link [ 870.971815][T31804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27078'. [ 871.083071][T28295] usb 12-1: new high-speed USB device number 16 using dummy_hcd [ 871.242789][T28295] usb 12-1: Using ep0 maxpacket: 8 [ 871.254840][T28295] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 871.258008][T28295] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 871.261992][T28295] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 871.265577][T28295] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 871.268742][T28295] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 871.273179][T28295] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 871.277542][T28295] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 871.503917][T28295] usb 12-1: GET_CAPABILITIES returned 0 [ 871.505784][T28295] usbtmc 12-1:16.0: can't read capabilities [ 871.736792][T31837] mkiss: ax0: crc mode is auto. [ 871.748457][ T40] kauditd_printk_skb: 47 callbacks suppressed [ 871.748468][ T40] audit: type=1326 audit(2000000377.554:4452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.754902][T13050] usb 12-1: USB disconnect, device number 16 [ 871.759194][ T40] audit: type=1326 audit(2000000377.564:4453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.770074][ T40] audit: type=1326 audit(2000000377.573:4454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.776850][ T40] audit: type=1326 audit(2000000377.573:4455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.784707][ T40] audit: type=1326 audit(2000000377.573:4456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.793482][ T40] audit: type=1326 audit(2000000377.573:4457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.801033][ T40] audit: type=1326 audit(2000000377.573:4458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.808007][ T40] audit: type=1326 audit(2000000377.573:4459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.815106][ T40] audit: type=1326 audit(2000000377.573:4460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 871.833155][ T40] audit: type=1326 audit(2000000377.573:4461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31838 comm="syz.9.27094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 872.624695][T31872] loop9: detected capacity change from 0 to 7 [ 872.651178][T11905] Dev loop9: unable to read RDB block 7 [ 872.653027][T11905] loop9: unable to read partition table [ 872.657867][T11905] loop9: partition table beyond EOD, truncated [ 872.742008][T31875] Invalid logical block size (1) [ 872.742062][T31872] Dev loop9: unable to read RDB block 7 [ 872.743787][T31872] loop9: unable to read partition table [ 872.743895][T31872] loop9: partition table beyond EOD, truncated [ 872.743915][T31872] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 873.588383][T31903] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27118'. [ 873.648075][ T5827] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 873.819361][ T5827] usb 5-1: Using ep0 maxpacket: 8 [ 873.824911][ T5827] usb 5-1: config 0 has no interfaces? [ 873.827168][ T5827] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 873.830819][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 873.842006][ T5827] usb 5-1: config 0 descriptor?? [ 874.049134][ T6188] kernel read not supported for file /vcs (pid: 6188 comm: kworker/3:4) [ 874.066630][T12699] usb 5-1: USB disconnect, device number 20 [ 875.003794][T31950] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27140'. [ 875.185326][T31957] loop8: detected capacity change from 0 to 7 [ 875.189638][T11905] loop8: [POWERTEC] [ 875.193402][T31957] loop8: [POWERTEC] [ 875.902701][T32003] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27165'. [ 875.906875][T31999] netlink: 'syz.9.27160': attribute type 1 has an invalid length. [ 876.067506][T32009] bridge0: port 1(bridge_slave_0) entered blocking state [ 876.069846][T32009] bridge0: port 1(bridge_slave_0) entered forwarding state [ 876.480722][T32030] bridge0: port 1(bridge_slave_0) entered blocking state [ 876.483058][T32030] bridge0: port 1(bridge_slave_0) entered forwarding state [ 876.517694][T32034] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27180'. [ 877.063563][T32061] loop8: detected capacity change from 0 to 7 [ 877.066648][T11905] loop8: [POWERTEC] [ 877.073992][T32061] loop8: [POWERTEC] [ 877.110040][T32065] input: syz1 as /devices/virtual/input/input96 [ 877.144357][ T6188] usb 12-1: new high-speed USB device number 17 using dummy_hcd [ 877.229123][T32073] input: syz1 as /devices/virtual/input/input97 [ 877.299616][T32078] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27196'. [ 877.304622][ T6188] usb 12-1: Using ep0 maxpacket: 8 [ 877.308541][ T6188] usb 12-1: config 0 has no interfaces? [ 877.310365][ T6188] usb 12-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 877.313317][ T6188] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 877.338034][ T6188] usb 12-1: config 0 descriptor?? [ 877.565855][ T6188] usb 12-1: USB disconnect, device number 17 [ 878.833943][T32126] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27221'. [ 878.836872][T32126] netlink: 'syz.7.27221': attribute type 18 has an invalid length. [ 878.839370][T32126] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27221'. [ 879.132535][ T5827] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 879.314203][ T5827] usb 12-1: Using ep0 maxpacket: 32 [ 879.318566][ T5827] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 879.323664][ T5827] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 879.327381][ T5827] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 879.330043][ T5827] usb 12-1: Product: syz [ 879.331417][ T5827] usb 12-1: Manufacturer: syz [ 879.332997][ T5827] usb 12-1: SerialNumber: syz [ 879.339758][ T5827] usb 12-1: config 0 descriptor?? [ 879.342300][T32130] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 879.345672][ T5827] hub 12-1:0.0: bad descriptor, ignoring hub [ 879.347818][ T5827] hub 12-1:0.0: probe with driver hub failed with error -5 [ 879.539580][ T5827] usb 14-1: new high-speed USB device number 6 using dummy_hcd [ 879.688818][T12160] usb 12-1: USB disconnect, device number 18 [ 879.710780][ T5827] usb 14-1: Using ep0 maxpacket: 32 [ 879.714669][ T5827] usb 14-1: config 0 has no interfaces? [ 879.720652][ T5827] usb 14-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 879.723701][ T5827] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 879.726905][ T5827] usb 14-1: Product: syz [ 879.728305][ T5827] usb 14-1: Manufacturer: syz [ 879.729834][ T5827] usb 14-1: SerialNumber: syz [ 879.734787][ T5827] usb 14-1: config 0 descriptor?? [ 879.959339][ T5827] usb 14-1: USB disconnect, device number 6 [ 881.324352][ T2199] block nbd1: Possible stuck request ffff888027f20000: control (read@0,4096B). Runtime 270 seconds [ 881.649284][T32247] netlink: 24 bytes leftover after parsing attributes in process `syz.0.27277'. [ 882.425133][ T6112] Bluetooth: hci0: link tx timeout [ 882.426888][ T6112] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 882.429357][ T6112] Bluetooth: hci0: link tx timeout [ 882.790561][ C0] vcan0: j1939_tp_rxtimer: 0xffff888013440000: rx timeout, send abort [ 883.330581][ C0] vcan0: j1939_tp_rxtimer: 0xffff888013440000: abort rx timeout. Force session deactivation [ 883.390177][ T2915] block nbd2: Possible stuck request ffff888027f60000: control (read@0,4096B). Runtime 270 seconds [ 883.762086][T32320] nbd4: detected capacity change from 0 to 127 [ 883.766504][ T6111] block nbd4: Receive control failed (result -104) [ 883.826454][T30895] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 883.922317][T32330] netlink: 'syz.2.27313': attribute type 1 has an invalid length. [ 884.617435][ T6111] Bluetooth: hci0: command 0x0406 tx timeout [ 887.407332][ T5379] block nbd4: Connection timed out, retrying (0/1 alive) [ 887.410787][ T5379] block nbd4: Connection timed out, retrying (0/1 alive) [ 887.413053][ T5379] block nbd4: Connection timed out, retrying (0/1 alive) [ 887.415267][ T5379] block nbd4: Connection timed out, retrying (0/1 alive) [ 887.418199][ T30] block nbd4: Dead connection, failed to find a fallback [ 887.421150][ T30] block nbd4: shutting down sockets [ 887.423097][ T30] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.426098][ T30] buffer_io_error: 28 callbacks suppressed [ 887.426107][ T30] Buffer I/O error on dev nbd4, logical block 2, async page read [ 887.433517][ T30] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.436547][ T30] Buffer I/O error on dev nbd4, logical block 1, async page read [ 887.439152][ T30] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.442071][ T30] Buffer I/O error on dev nbd4, logical block 0, async page read [ 887.444490][ T30] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.447465][ T30] Buffer I/O error on dev nbd4, logical block 3, async page read [ 887.452501][T11905] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.455471][T11905] Buffer I/O error on dev nbd4, logical block 0, async page read [ 887.457927][T11905] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.460965][T11905] Buffer I/O error on dev nbd4, logical block 1, async page read [ 887.463422][T11905] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.466402][T11905] Buffer I/O error on dev nbd4, logical block 2, async page read [ 887.468844][T11905] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.471913][T11905] Buffer I/O error on dev nbd4, logical block 3, async page read [ 887.474655][T11905] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.477978][T11905] Buffer I/O error on dev nbd4, logical block 0, async page read [ 887.480418][T11905] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 887.483450][T11905] Buffer I/O error on dev nbd4, logical block 1, async page read [ 887.486268][T11905] ldm_validate_partition_table(): Disk read failed. [ 887.488597][T11905] Dev nbd4: unable to read RDB block 0 [ 887.490631][T11905] nbd4: unable to read partition table [ 887.494683][T11905] ldm_validate_partition_table(): Disk read failed. [ 887.497130][T11905] Dev nbd4: unable to read RDB block 0 [ 887.499389][T11905] nbd4: unable to read partition table [ 887.620937][ T6111] Bluetooth: hci3: command 0x0405 tx timeout [ 889.258010][T32494] vimc link validate: Scaler:src:16x16 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 889.673263][T15179] usb 14-1: new high-speed USB device number 7 using dummy_hcd [ 889.752118][T32518] netlink: 'syz.0.27372': attribute type 1 has an invalid length. [ 889.754700][T32518] netlink: 'syz.0.27372': attribute type 2 has an invalid length. [ 889.757414][T32518] netlink: 'syz.0.27372': attribute type 1 has an invalid length. [ 889.761034][T32518] netlink: 'syz.0.27372': attribute type 3 has an invalid length. [ 889.763572][T32518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27372'. [ 889.855759][T15179] usb 14-1: too many configurations: 9, using maximum allowed: 8 [ 889.859947][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.863690][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.876678][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.880292][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.883204][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.886872][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.898528][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.901298][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.905001][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.909504][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.913312][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.917581][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.930918][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.934362][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.937675][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.940824][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.944555][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.947269][T32525] bond0: entered promiscuous mode [ 889.948154][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.950365][T32525] bond_slave_0: entered promiscuous mode [ 889.956726][T32525] bond_slave_1: entered promiscuous mode [ 889.960818][T32525] batadv0: entered promiscuous mode [ 889.963635][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.964848][T32525] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 889.967486][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.967511][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 889.985047][T15179] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 889.988837][T15179] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 889.993441][T15179] usb 14-1: config 0 interface 0 has no altsetting 0 [ 890.007605][T15179] usb 14-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 890.010683][T15179] usb 14-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 890.014901][T15179] usb 14-1: Product: syz [ 890.026096][T15179] usb 14-1: Manufacturer: syz [ 890.028002][T15179] usb 14-1: SerialNumber: syz [ 890.030847][T15179] usb 14-1: config 0 descriptor?? [ 890.047616][T15179] yurex 14-1:0.0: USB YUREX device now attached to Yurex #0 [ 890.277637][ T54] usb 14-1: USB disconnect, device number 7 [ 890.288441][ T54] yurex 14-1:0.0: USB YUREX #0 now disconnected [ 890.769430][T32545] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27384'. [ 890.785395][T32545] netdevsim netdevsim7 netdevsim0: IPsec offload requires 128 bit authentication [ 892.133507][T32593] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27407'. [ 892.506244][ C3] vcan0: j1939_tp_rxtimer: 0xffff888025b2b000: rx timeout, send abort [ 892.685806][T32625] netlink: 4 bytes leftover after parsing attributes in process `syz.9.27422'. [ 893.043690][ C3] vcan0: j1939_tp_rxtimer: 0xffff888025b2b000: abort rx timeout. Force session deactivation [ 893.885097][T32649] program syz.9.27433 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 894.926952][T32697] netlink: 28 bytes leftover after parsing attributes in process `syz.9.27452'. [ 895.295930][T32720] netlink: 24 bytes leftover after parsing attributes in process `syz.7.27465'. [ 896.133578][T32766] binder: 32765:32766 ioctl 4018620d 0 returned -22 [ 896.715002][ T336] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 896.717918][ T336] overlayfs: fs on './cgroup' does not support file handles, falling back to index=off,nfs_export=off. [ 896.722136][ T336] overlayfs: fs on './cgroup' does not support file handles, falling back to xino=off. [ 896.848486][ T345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27508'. [ 897.067003][ T363] netlink: 12 bytes leftover after parsing attributes in process `syz.9.27515'. [ 897.444808][ T380] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 897.595067][ T390] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27528'. [ 898.948693][ T443] bpf: Bad value for 'uid' [ 898.989028][ T445] vivid-007: disconnect [ 898.992332][ T445] vivid-007: reconnect [ 899.790917][T12698] kernel read not supported for file /usbmon6 (pid: 12698 comm: kworker/1:1) [ 899.831071][ T499] netlink: 'syz.0.27576': attribute type 25 has an invalid length. [ 899.833464][ T499] netlink: 'syz.0.27576': attribute type 1 has an invalid length. [ 899.836044][ T499] bridge0: port 1(bridge_slave_0) entered learning state [ 899.851673][ T486] netlink: 4 bytes leftover after parsing attributes in process `syz.9.27572'. [ 899.927102][ T505] netlink: 'syz.9.27578': attribute type 1 has an invalid length. [ 900.665453][T14809] libceph: connect (1)[c::]:6789 error -101 [ 900.667304][T14809] libceph: mon0 (1)[c::]:6789 connect error [ 900.780089][ T540] ceph: No mds server is up or the cluster is laggy [ 901.062816][ T562] netlink: 84 bytes leftover after parsing attributes in process `syz.7.27604'. [ 901.067362][ T562] netlink: 84 bytes leftover after parsing attributes in process `syz.7.27604'. [ 901.700916][ T593] input: syz0 as /devices/virtual/input/input99 [ 902.059349][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 902.059360][ T40] audit: type=1326 audit(2000000405.906:4475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f88f78 code=0x7ffc0000 [ 902.078645][ T40] audit: type=1326 audit(2000000405.916:4476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.100173][ T40] audit: type=1326 audit(2000000405.916:4477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f88f78 code=0x7ffc0000 [ 902.116556][ T40] audit: type=1326 audit(2000000405.916:4478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.124097][ T40] audit: type=1326 audit(2000000405.925:4479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f88f78 code=0x7ffc0000 [ 902.132742][ T40] audit: type=1326 audit(2000000405.925:4480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.140152][ T40] audit: type=1326 audit(2000000405.925:4481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.146889][ T40] audit: type=1326 audit(2000000405.925:4482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.155457][ T40] audit: type=1326 audit(2000000405.925:4483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.162281][ T40] audit: type=1326 audit(2000000405.925:4484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=598 comm="syz.2.27622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 902.647121][ T622] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 902.649349][ T622] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 902.653972][ T622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27632'. [ 902.685906][ T624] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.27633'. [ 902.759156][ T622] hsr_slave_0: left promiscuous mode [ 902.780057][ T622] hsr_slave_1: left promiscuous mode [ 903.417868][ T669] team0: Port device syz_tun added [ 903.560822][ T669] team0: Port device syz_tun removed [ 903.573708][ T669] bridge_slave_0: left allmulticast mode [ 903.575801][ T669] bridge_slave_0: left promiscuous mode [ 903.577730][ T669] bridge0: port 1(bridge_slave_0) entered disabled state [ 903.638082][ T669] bridge_slave_1: left allmulticast mode [ 903.640527][ T669] bridge_slave_1: left promiscuous mode [ 903.643074][ T669] bridge0: port 2(bridge_slave_1) entered disabled state [ 903.722574][ T669] bond0: (slave bond_slave_0): Releasing backup interface [ 903.733483][ T683] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.27660'. [ 903.801384][ T687] input: syz1 as /devices/virtual/input/input100 [ 903.807219][ T669] bond0: (slave bond_slave_1): Releasing backup interface [ 903.817531][ T5827] usb 12-1: new high-speed USB device number 19 using dummy_hcd [ 903.891515][ T669] team0: Port device team_slave_0 removed [ 903.929502][ T669] team0: Port device team_slave_1 removed [ 903.943594][ T669] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 903.946359][ T669] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 903.979173][ T669] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 903.980064][ T5827] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 903.981565][ T669] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 903.987741][ T5827] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 903.991875][ T5827] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 904.005316][ T5827] usb 12-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 904.010412][ T5827] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 904.013049][ T5827] usb 12-1: Product: syz [ 904.014439][ T5827] usb 12-1: Manufacturer: syz [ 904.016024][ T5827] usb 12-1: SerialNumber: syz [ 904.024731][ T5827] usb 12-1: config 0 descriptor?? [ 904.054632][ T669] bond0: (slave bond1): Releasing backup interface [ 904.255125][ T5827] adutux 12-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 904.468463][ T29] usb 12-1: USB disconnect, device number 19 [ 904.750641][ T6111] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 904.757543][ T6111] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 904.771141][ T6111] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 904.776448][ T6111] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 904.783067][ T6111] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 904.835798][ T696] ip6_vti0 speed is unknown, defaulting to 1000 [ 905.219684][ T706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27671'. [ 905.223287][ T706] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27671'. [ 905.230809][ T696] chnl_net:caif_netlink_parms(): no params data found [ 905.252687][ T706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27671'. [ 905.371690][ T696] bridge0: port 1(bridge_slave_0) entered blocking state [ 905.374636][ T696] bridge0: port 1(bridge_slave_0) entered disabled state [ 905.377641][ T696] bridge_slave_0: entered allmulticast mode [ 905.382286][ T696] bridge_slave_0: entered promiscuous mode [ 905.386685][ T696] bridge0: port 2(bridge_slave_1) entered blocking state [ 905.390165][ T696] bridge0: port 2(bridge_slave_1) entered disabled state [ 905.393145][ T696] bridge_slave_1: entered allmulticast mode [ 905.396280][ T696] bridge_slave_1: entered promiscuous mode [ 905.421162][ T696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 905.428221][ T696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 905.485799][ T696] team0: Port device team_slave_0 added [ 905.496660][ T696] team0: Port device team_slave_1 added [ 905.511522][ T696] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 905.514028][ T696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 905.523636][ T696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 905.528407][ T696] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 905.530605][ T696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 905.538795][ T696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 905.569882][ T696] hsr_slave_0: entered promiscuous mode [ 905.578698][ T696] hsr_slave_1: entered promiscuous mode [ 905.581393][ T696] debugfs: 'hsr0' already exists in 'hsr' [ 905.583209][ T696] Cannot create hsr debugfs directory [ 905.950099][ T721] syzkaller1: entered promiscuous mode [ 905.951967][ T721] syzkaller1: entered allmulticast mode [ 907.024223][ T6111] Bluetooth: hci0: command tx timeout [ 907.633851][ T5827] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 907.730628][ T696] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 907.756990][ T696] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 907.792156][ T696] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 907.815295][ T5827] usb 5-1: Using ep0 maxpacket: 32 [ 907.821955][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 907.832155][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 907.836358][ T5827] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 907.843421][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 907.848370][ T696] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 907.860839][ T5827] usb 5-1: config 0 descriptor?? [ 908.107838][ T696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 908.124794][ T696] 8021q: adding VLAN 0 to HW filter on device team0 [ 908.146222][ T617] bridge0: port 1(bridge_slave_0) entered blocking state [ 908.149307][ T617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 908.167326][ T617] bridge0: port 2(bridge_slave_1) entered blocking state [ 908.170302][ T617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 908.324522][ T5827] savu 0003:1E7D:2D5A.0010: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 908.369013][ T696] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 908.482817][ T696] veth0_vlan: entered promiscuous mode [ 908.526880][ T696] veth1_vlan: entered promiscuous mode [ 908.581001][ T696] veth0_macvtap: entered promiscuous mode [ 908.588698][T12698] usb 5-1: USB disconnect, device number 21 [ 908.603935][ T696] veth1_macvtap: entered promiscuous mode [ 908.642358][ T696] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 908.654637][ T696] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 908.666847][ T617] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.672808][ T617] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.680655][ T617] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.684506][ T617] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.850801][ T617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 908.884274][ T617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 908.902101][ T617] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 908.908056][ T617] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 909.135778][ T906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.27724'. [ 909.139906][ T906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.27724'. [ 909.254095][ T6111] Bluetooth: hci0: command tx timeout [ 909.905575][ T968] Bluetooth: MGMT ver 1.23 [ 910.382612][ T1005] 9pnet_virtio: no channels available for device syz [ 910.386788][ T1003] netfs: Couldn't get user pages (rc=-14) [ 910.475286][ T1009] team0: Port device syz_tun added [ 910.586690][ T1009] team0: Port device syz_tun removed [ 910.593145][ T1009] bridge_slave_0: left allmulticast mode [ 910.597183][ T1009] bridge_slave_0: left promiscuous mode [ 910.599938][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state [ 910.672445][ T1009] bridge_slave_1: left allmulticast mode [ 910.674947][ T1009] bridge_slave_1: left promiscuous mode [ 910.677509][ T1009] bridge0: port 2(bridge_slave_1) entered disabled state [ 910.793242][ T1009] bond0: (slave bond_slave_0): Releasing backup interface [ 910.874098][ T1009] bond0: (slave bond_slave_1): Releasing backup interface [ 910.954482][ T1009] team0: Port device team_slave_0 removed [ 910.984384][ T1009] team0: Port device team_slave_1 removed [ 910.986743][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 910.989110][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 911.024228][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 911.026648][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 911.058272][ T1009] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 911.069526][ T1031] netlink: 40 bytes leftover after parsing attributes in process `syz.7.27769'. [ 911.073104][ T1031] netlink: 40 bytes leftover after parsing attributes in process `syz.7.27769'. [ 911.471512][ T6111] Bluetooth: hci0: command tx timeout [ 911.732232][ T1055] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 911.831877][ T1060] team0: Port device syz_tun added [ 911.955732][ T1060] team0: Port device syz_tun removed [ 911.959040][ T1060] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 912.439845][ T1095] dummy0: entered promiscuous mode [ 912.498344][ T1095] dummy0: left promiscuous mode [ 912.688915][ T1105] Invalid argument reading file caps for ./file0 [ 912.857190][ T1114] netlink: 16 bytes leftover after parsing attributes in process `syz.2.27802'. [ 913.482188][ T2199] block nbd1: Possible stuck request ffff888027f20000: control (read@0,4096B). Runtime 300 seconds [ 913.706295][ T6111] Bluetooth: hci0: command tx timeout [ 913.952613][ T5827] usb 12-1: new high-speed USB device number 20 using dummy_hcd [ 914.127230][ T5827] usb 12-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 914.131241][ T5827] usb 12-1: config 0 interface 0 has no altsetting 0 [ 914.137390][ T5827] usb 12-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 914.140777][ T5827] usb 12-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 914.144503][ T5827] usb 12-1: Product: syz [ 914.146199][ T5827] usb 12-1: Manufacturer: syz [ 914.148058][ T5827] usb 12-1: SerialNumber: syz [ 914.152372][ T5827] usb 12-1: config 0 descriptor?? [ 914.167240][ T5827] usb 12-1: selecting invalid altsetting 0 [ 914.384954][ T5827] usb 12-1: USB disconnect, device number 20 [ 914.529784][ T40] kauditd_printk_skb: 2059 callbacks suppressed [ 914.529796][ T40] audit: type=1326 audit(2000000417.571:6544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.539354][ T40] audit: type=1326 audit(2000000417.571:6545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.541312][ T1225] netlink: 'syz.2.27843': attribute type 4 has an invalid length. [ 914.546831][ T40] audit: type=1326 audit(2000000417.571:6546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.556879][ T40] audit: type=1326 audit(2000000417.571:6547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.565006][ T40] audit: type=1326 audit(2000000417.571:6548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.573223][ T40] audit: type=1326 audit(2000000417.571:6549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.581137][ T40] audit: type=1326 audit(2000000417.571:6550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.588690][ T40] audit: type=1326 audit(2000000417.571:6551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.606401][ T40] audit: type=1326 audit(2000000417.571:6552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 914.616049][ T40] audit: type=1326 audit(2000000417.590:6553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1223 comm="syz.3.27845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 915.157840][ T1260] 9pnet: p9_errstr2errno: server reported unknown error 0x000 [ 915.319340][ T1280] o2cb: This node has not been configured. [ 915.322397][ T1280] o2cb: Cluster check failed. Fix errors before retrying. [ 915.324668][ T1280] (syz.2.27870,1280,1):user_dlm_register:674 ERROR: status = -22 [ 915.327082][ T1280] (syz.2.27870,1280,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1" [ 915.557946][ T2915] block nbd2: Possible stuck request ffff888027f60000: control (read@0,4096B). Runtime 300 seconds [ 916.103371][ T1320] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.27887'. [ 916.311363][ T1333] netlink: 212336 bytes leftover after parsing attributes in process `syz.7.27893'. [ 916.400037][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 916.659718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 916.678339][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 917.063058][T12698] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 917.233698][T12698] usb 5-1: Using ep0 maxpacket: 8 [ 917.237766][T12698] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 917.241229][T12698] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 917.245786][T12698] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 917.249962][T12698] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 917.254064][T12698] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 917.260781][T12698] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 917.264591][T12698] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 917.415474][ T50] usb 12-1: new high-speed USB device number 21 using dummy_hcd [ 917.494958][T12698] usb 5-1: usb_control_msg returned -32 [ 917.497794][T12698] usbtmc 5-1:16.0: can't read capabilities [ 917.586539][ T50] usb 12-1: Using ep0 maxpacket: 32 [ 917.596465][ T50] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 917.611692][ T50] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 917.615383][ T50] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 917.622969][ T50] usb 12-1: Product: syz [ 917.624978][ T50] usb 12-1: Manufacturer: syz [ 917.627005][ T50] usb 12-1: SerialNumber: syz [ 917.639958][ T50] usb 12-1: config 0 descriptor?? [ 917.642966][ T1371] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22 [ 917.650149][ T50] hub 12-1:0.0: bad descriptor, ignoring hub [ 917.652929][ T50] hub 12-1:0.0: probe with driver hub failed with error -5 [ 917.707489][ T1380] netlink: 64 bytes leftover after parsing attributes in process `syz.3.27913'. [ 917.868920][ T1371] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 917.880951][ T1385] usbtmc 5-1:16.0: usb_control_msg returned -32 [ 917.885133][T12698] usb 5-1: USB disconnect, device number 22 [ 918.185511][ T5827] usb 12-1: USB disconnect, device number 21 [ 918.477896][ T1395] tun0: tun_chr_ioctl cmd 1074025675 [ 918.480350][ T1395] tun0: persist enabled [ 918.483005][ T1395] tun0: tun_chr_ioctl cmd 1074025675 [ 918.485174][ T1395] tun0: persist disabled [ 918.806394][ T1400] netlink: 'syz.0.27922': attribute type 30 has an invalid length. [ 918.809800][ T1400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27922'. [ 921.106056][ T1475] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27954'. [ 921.238004][ T1479] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 921.241704][ T1479] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 921.871846][ T1512] netlink: 16 bytes leftover after parsing attributes in process `syz.3.27969'. [ 922.068206][ T1522] syzkaller1: entered promiscuous mode [ 922.073142][ T1522] syzkaller1: entered allmulticast mode [ 922.523952][ T40] kauditd_printk_skb: 30 callbacks suppressed [ 922.523968][ T40] audit: type=1326 audit(2000000425.045:6584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1525 comm="syz.2.27975" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x0 [ 923.571920][ T1550] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.27982'. [ 923.753966][ T1563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27990'. [ 924.775573][ T1600] nbd: socks must be embedded in a SOCK_ITEM attr [ 924.782264][ T1600] block nbd5: shutting down sockets [ 925.279985][ T1626] binder: 1625:1626 ioctl c018937e 0 returned -22 [ 926.930094][ T50] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 927.101529][ T50] usb 5-1: Using ep0 maxpacket: 8 [ 927.104512][ T50] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 927.107292][ T50] usb 5-1: config 0 has no interface number 0 [ 927.109904][ T50] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 927.115195][ T50] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 927.120017][ T50] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 927.125417][ T50] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 927.130252][ T50] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 927.133452][ T50] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 927.138416][ T50] usb 5-1: config 0 descriptor?? [ 927.145861][ T50] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 928.436319][ T1731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28066'. [ 928.494661][ T1413] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 928.525805][ T1733] veth0_to_team: entered promiscuous mode [ 928.610206][ T1739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28069'. [ 928.613327][ T1739] netlink: 'syz.3.28069': attribute type 1 has an invalid length. [ 928.631215][T11045] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 928.641453][T28039] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 928.645213][T28039] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 928.648076][T28039] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 928.883666][ T1748] syz.3.28073: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 928.883882][ T1748] CPU: 1 UID: 0 PID: 1748 Comm: syz.3.28073 Tainted: G L syzkaller #0 PREEMPT(full) [ 928.883908][ T1748] Tainted: [L]=SOFTLOCKUP [ 928.883915][ T1748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 928.883926][ T1748] Call Trace: [ 928.883930][ T1748] [ 928.883935][ T1748] dump_stack_lvl+0x100/0x190 [ 928.883955][ T1748] warn_alloc.cold+0x95/0x1c1 [ 928.883975][ T1748] ? __pfx_warn_alloc+0x10/0x10 [ 928.883992][ T1748] ? psi_memstall_leave+0x19c/0x2e0 [ 928.884010][ T1748] ? __pfx___might_resched+0x10/0x10 [ 928.884030][ T1748] __alloc_frozen_pages_noprof+0xf36/0x2ba0 [ 928.884055][ T1748] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 928.884071][ T1748] ? stack_trace_save+0x8e/0xc0 [ 928.884094][ T1748] ? kasan_save_stack+0x30/0x50 [ 928.884109][ T1748] ? kasan_save_track+0x14/0x30 [ 928.884124][ T1748] ? __kasan_kmalloc+0xaa/0xb0 [ 928.884139][ T1748] ? vc_allocate+0x1a6/0x880 [ 928.884153][ T1748] ? fb_var_to_videomode+0x586/0x6a0 [ 928.884179][ T1748] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 928.884198][ T1748] ? policy_nodemask+0xed/0x4f0 [ 928.884217][ T1748] alloc_pages_mpol+0x1fb/0x550 [ 928.884235][ T1748] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 928.884252][ T1748] ? lockdep_hardirqs_on+0x78/0x100 [ 928.884268][ T1748] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 928.884299][ T1748] ? vc_allocate+0x4c3/0x880 [ 928.884312][ T1748] ___kmalloc_large_node+0x104/0x150 [ 928.884324][ T1748] ? fbcon_init+0xb4a/0x1820 [ 928.884344][ T1748] __kmalloc_large_node_noprof+0x1c/0x70 [ 928.884362][ T1748] __kmalloc_noprof+0x5be/0x850 [ 928.884385][ T1748] ? visual_init+0x3bd/0x620 [ 928.884405][ T1748] vc_allocate+0x4c3/0x880 [ 928.884417][ T1748] ? __pfx_vc_allocate+0x10/0x10 [ 928.884433][ T1748] con_install+0xa1/0x620 [ 928.884445][ T1748] ? __pfx_con_install+0x10/0x10 [ 928.884460][ T1748] ? __pfx_con_install+0x10/0x10 [ 928.884472][ T1748] tty_init_dev.part.0+0x9e/0x470 [ 928.884487][ T1748] tty_open+0xa63/0xfa0 [ 928.884503][ T1748] ? __pfx_tty_open+0x10/0x10 [ 928.884515][ T1748] ? chrdev_open+0x10b/0x6a0 [ 928.884531][ T1748] ? chrdev_open+0x10b/0x6a0 [ 928.884550][ T1748] ? __pfx_tty_open+0x10/0x10 [ 928.884563][ T1748] chrdev_open+0x234/0x6a0 [ 928.884579][ T1748] ? __pfx_apparmor_file_open+0x10/0x10 [ 928.884594][ T1748] ? __pfx_chrdev_open+0x10/0x10 [ 928.884612][ T1748] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 928.884632][ T1748] do_dentry_open+0x6d8/0x1660 [ 928.884649][ T1748] ? __pfx_chrdev_open+0x10/0x10 [ 928.884669][ T1748] vfs_open+0x82/0x3f0 [ 928.884683][ T1748] path_openat+0x208c/0x31a0 [ 928.884703][ T1748] ? asm_int80_emulation+0x1a/0x20 [ 928.884716][ T1748] ? __pfx_path_openat+0x10/0x10 [ 928.884739][ T1748] do_file_open+0x20e/0x430 [ 928.884757][ T1748] ? __pfx_do_file_open+0x10/0x10 [ 928.884784][ T1748] ? _raw_spin_unlock+0x28/0x50 [ 928.884801][ T1748] ? alloc_fd+0x476/0x790 [ 928.884828][ T1748] do_sys_openat2+0x10d/0x1e0 [ 928.884843][ T1748] ? __pfx_do_sys_openat2+0x10/0x10 [ 928.884858][ T1748] ? kcov_ioctl+0x16a/0x720 [ 928.884875][ T1748] ? rcu_is_watching+0x12/0xc0 [ 928.884892][ T1748] ? kcov_ioctl+0x16a/0x720 [ 928.884910][ T1748] __ia32_compat_sys_openat+0x12d/0x210 [ 928.884926][ T1748] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 928.884941][ T1748] ? kcov_ioctl+0x16a/0x720 [ 928.884964][ T1748] do_int80_emulation+0x141/0x6b0 [ 928.884978][ T1748] asm_int80_emulation+0x1a/0x20 [ 928.884990][ T1748] RIP: 0023:0xf7155b6b [ 928.884999][ T1748] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 928.885010][ T1748] RSP: 002b:00000000f540d03c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 928.885020][ T1748] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f540d100 [ 928.885027][ T1748] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 928.885033][ T1748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 928.885039][ T1748] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 928.885045][ T1748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 928.885060][ T1748] [ 928.885065][ T1748] Mem-Info: [ 928.885072][ T1748] active_anon:614 inactive_anon:1372 isolated_anon:0 [ 928.885072][ T1748] active_file:2051 inactive_file:10426 isolated_file:0 [ 928.885072][ T1748] unevictable:1791 dirty:480 writeback:0 [ 928.885072][ T1748] slab_reclaimable:8723 slab_unreclaimable:78649 [ 928.885072][ T1748] mapped:22153 shmem:1770 pagetables:2086 [ 928.885072][ T1748] sec_pagetables:347 bounce:0 [ 928.885072][ T1748] kernel_misc_reclaimable:0 [ 928.885072][ T1748] free:52226 free_pcp:62 free_cma:0 [ 928.885102][ T1748] Node 0 active_anon:4kB inactive_anon:56kB active_file:160kB inactive_file:480kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:652kB dirty:196kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8084kB pagetables:1252kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB [ 928.885131][ T1748] Node 1 active_anon:2452kB inactive_anon:5432kB active_file:8044kB inactive_file:41224kB unevictable:3628kB isolated(anon):0kB isolated(file):0kB mapped:87960kB dirty:1724kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7700kB pagetables:7092kB sec_pagetables:272kB all_unreclaimable? no Balloon:0kB [ 928.885160][ T1748] Node 0 DMA free:3940kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:140kB unevictable:0kB writepending:8kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 928.885194][ T1748] lowmem_reserve[]: 0 285 285 285 285 [ 928.885220][ T1748] Node 0 DMA32 free:32012kB boost:18432kB min:31504kB low:34772kB high:38040kB reserved_highatomic:2048KB free_highatomic:1364KB active_anon:4kB inactive_anon:56kB active_file:140kB inactive_file:340kB unevictable:3536kB writepending:188kB zspages:1536kB present:1032196kB managed:292672kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 928.885254][ T1748] lowmem_reserve[]: 0 0 0 0 0 [ 928.885277][ T1748] Node 1 DMA32 free:172952kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2452kB inactive_anon:5432kB active_file:8044kB inactive_file:41224kB unevictable:3628kB writepending:1724kB zspages:4768kB present:1048432kB managed:948212kB mlocked:92kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 928.885309][ T1748] lowmem_reserve[]: 0 0 0 0 0 [ 928.885330][ T1748] Node 0 DMA: 91*4kB (UM) 103*8kB (UM) 50*16kB (UM) 37*32kB (UM) 0*64kB 2*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 3940kB [ 928.885411][ T1748] Node 0 DMA32: 1199*4kB (UMEH) 456*8kB (UMEH) 239*16kB (UMH) 216*32kB (UMEH) 83*64kB (UMEH) 29*128kB (UMEH) 5*256kB (UE) 1*512kB (U) 2*1024kB (U) 0*2048kB 0*4096kB = 32044kB [ 928.885517][ T1748] Node 1 DMA32: 3966*4kB (UME) 4876*8kB (UME) 6848*16kB (UME) 244*32kB (UME) 10*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 172888kB [ 928.885595][ T1748] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 928.885604][ T1748] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 928.885613][ T1748] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 928.885622][ T1748] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 928.885631][ T1748] 15510 total pagecache pages [ 928.885636][ T1748] 1265 pages in swap cache [ 928.885640][ T1748] Free swap = 59840kB [ 928.885645][ T1748] Total swap = 124996kB [ 928.885650][ T1748] 524155 pages RAM [ 928.885654][ T1748] 0 pages HighMem/MovableOnly [ 928.885658][ T1748] 210094 pages reserved [ 928.885663][ T1748] 0 pages cma reserved [ 929.528985][ T50] usb 5-1: USB disconnect, device number 23 [ 929.536371][ T50] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 929.728046][T12698] kernel write not supported for file bpf-prog (pid: 12698 comm: kworker/1:1) [ 929.891949][ T40] audit: type=1326 audit(2000000431.929:6585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.899992][ T40] audit: type=1326 audit(2000000431.948:6586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.908177][ T40] audit: type=1326 audit(2000000431.948:6587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.917734][ T40] audit: type=1326 audit(2000000431.948:6588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.927393][ T40] audit: type=1326 audit(2000000431.948:6589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.937630][ T40] audit: type=1326 audit(2000000431.948:6590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.946717][ T40] audit: type=1326 audit(2000000431.948:6591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.956800][ T40] audit: type=1326 audit(2000000431.948:6592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.965640][ T40] audit: type=1326 audit(2000000431.948:6593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 929.975426][ T40] audit: type=1326 audit(2000000431.948:6594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.7.28083" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef78 code=0x7ffc0000 [ 930.228234][ T1801] netlink: 76 bytes leftover after parsing attributes in process `syz.3.28088'. [ 931.458208][ T1853] sctp: [Deprecated]: syz.3.28111 (pid 1853) Use of struct sctp_assoc_value in delayed_ack socket option. [ 931.458208][ T1853] Use struct sctp_sack_info instead [ 931.473810][ T1853] sctp: [Deprecated]: syz.3.28111 (pid 1853) Use of struct sctp_assoc_value in delayed_ack socket option. [ 931.473810][ T1853] Use struct sctp_sack_info instead [ 931.559163][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 931.581146][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 931.831048][ T1867] ip6_vti0 speed is unknown, defaulting to 1000 [ 932.566804][ T1911] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 932.638900][T12698] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 932.680935][ T1919] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.28142'. [ 932.823132][T12698] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 932.826229][T12698] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 932.829221][T12698] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 932.844950][T12698] usb 5-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40 [ 932.848730][T12698] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 932.851407][T12698] usb 5-1: Product: syz [ 932.857523][T12698] usb 5-1: Manufacturer: syz [ 932.859047][T12698] usb 5-1: SerialNumber: syz [ 932.864437][T12698] usblp0: Disabling reads from problematic bidirectional printer [ 933.103973][T12698] usblp 5-1:4.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004 [ 933.325279][T12698] usb 5-1: USB disconnect, device number 24 [ 933.548189][ T1895] usblp0: removed [ 933.588545][ T1971] ip6_vti0 speed is unknown, defaulting to 1000 [ 933.661458][ T1974] ip6_vti0 speed is unknown, defaulting to 1000 [ 933.684297][ T1976] netlink: 60 bytes leftover after parsing attributes in process `syz.2.28168'. [ 933.878265][ T1983] netlink: 'syz.2.28171': attribute type 19 has an invalid length. [ 933.977389][ T1989] input: syz0 as /devices/virtual/input/input101 [ 934.098688][ T1997] netlink: 24 bytes leftover after parsing attributes in process `syz.7.28177'. [ 935.489945][ T29] kernel write not supported for file bpf-prog (pid: 29 comm: kworker/1:0) [ 935.668311][ T2046] tap0: tun_chr_ioctl cmd 1074025675 [ 935.670083][ T2046] tap0: persist enabled [ 935.674402][ T2046] tap0: tun_chr_ioctl cmd 1074025675 [ 935.676628][ T2046] tap0: persist enabled [ 936.461391][ T2083] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 936.465355][ T2083] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 936.473491][ T2083] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3) [ 936.686577][ T2090] netlink: 12 bytes leftover after parsing attributes in process `syz.7.28219'. [ 936.690421][ T2090] netlink: 8 bytes leftover after parsing attributes in process `syz.7.28219'. [ 936.730272][ T2092] ip6_vti0 speed is unknown, defaulting to 1000 [ 936.742807][ T2096] loop9: detected capacity change from 0 to 7 [ 936.798484][ T2199] blk_print_req_error: 138 callbacks suppressed [ 936.798501][ T2199] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.804470][ T2199] buffer_io_error: 138 callbacks suppressed [ 936.804480][ T2199] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.812470][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.815499][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.818041][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.822111][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.824714][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.827715][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.831314][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.834481][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.837024][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.840096][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.843122][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.846973][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.850385][ T2096] ldm_validate_partition_table(): Disk read failed. [ 936.853428][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.857061][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.859674][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.863313][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.866427][ T2096] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 936.869570][ T2096] Buffer I/O error on dev loop9, logical block 0, async page read [ 936.873364][ T2096] Dev loop9: unable to read RDB block 0 [ 936.875854][ T2096] loop9: unable to read partition table [ 936.878460][ T2096] loop9: partition table beyond EOD, truncated [ 936.881115][ T2096] loop_reread_partitions: partition scan of loop9 (Wý* %4FLQk݊5) failed (rc=-5) [ 937.485493][ T2118] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40 [ 937.649953][ T2122] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.28231'. [ 938.984037][ T2169] pim6reg: entered allmulticast mode [ 939.000318][ T2169] pim6reg: left allmulticast mode [ 939.069927][ T2171] ip6_vti0 speed is unknown, defaulting to 1000 [ 939.230102][ T2180] input: syz1 as /devices/virtual/input/input102 [ 939.850918][ T2210] ip6_vti0 speed is unknown, defaulting to 1000 [ 940.427018][ T2241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.28281'. [ 940.652802][ T2254] kernel read not supported for file /sg0 (pid: 2254 comm: syz.0.28287) [ 941.840706][ T2297] netlink: 16 bytes leftover after parsing attributes in process `syz.0.28306'. [ 942.227731][ T2309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28311'. [ 942.235249][ T2309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28311'. [ 943.207673][ T2321] 9pnet_virtio: no channels available for device syz [ 943.277288][ T40] kauditd_printk_skb: 816 callbacks suppressed [ 943.277301][ T40] audit: type=1326 audit(2000000444.464:7411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2322 comm="syz.7.28317" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709ef6c code=0x0 [ 944.922429][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 945.292368][ T2356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.28332'. [ 945.498877][ T2364] netlink: 20 bytes leftover after parsing attributes in process `syz.2.28335'. [ 945.638885][ T2199] block nbd1: Possible stuck request ffff888027f20000: control (read@0,4096B). Runtime 330 seconds [ 945.910544][ T2393] Invalid argument reading file caps for ./file0 [ 946.213391][ T2409] netlink: 'syz.2.28357': attribute type 1 has an invalid length. [ 946.217171][ T2409] netlink: 'syz.2.28357': attribute type 6 has an invalid length. [ 946.219689][ T2409] netlink: 52 bytes leftover after parsing attributes in process `syz.2.28357'. [ 946.471678][T12698] usb 12-1: new high-speed USB device number 22 using dummy_hcd [ 946.657797][T12698] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 946.662127][T12698] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 946.668193][T12698] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 946.671251][T12698] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 946.676857][ T2407] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 946.682410][T12698] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 946.689187][ T2411] binder: 2410:2411 ioctl 4018620d 0 returned -22 [ 946.718310][ T2381] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 946.901010][ T2420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28362'. [ 946.924503][ T842] usb 12-1: USB disconnect, device number 22 [ 947.006135][ T2428] 9p: Unknown uid 00000000004294967295 [ 947.690694][ T2915] block nbd2: Possible stuck request ffff888027f60000: control (read@0,4096B). Runtime 330 seconds [ 950.184754][ T2516] netlink: 112 bytes leftover after parsing attributes in process `syz.2.28402'. [ 950.477257][ T2527] netlink: 'syz.0.28407': attribute type 11 has an invalid length. [ 950.948660][T12699] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 950.976097][ T2554] input: syz0 as /devices/virtual/input/input103 [ 951.032756][ T2556] sctp: [Deprecated]: syz.7.28416 (pid 2556) Use of int in max_burst socket option. [ 951.032756][ T2556] Use struct sctp_assoc_value instead [ 951.130276][T12699] usb 5-1: Using ep0 maxpacket: 32 [ 951.137969][T12699] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 951.140794][T12699] usb 5-1: config 0 has no interface number 0 [ 951.157443][T12699] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 951.160734][T12699] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 951.173161][T12699] usb 5-1: Product: syz [ 951.174847][T12699] usb 5-1: Manufacturer: syz [ 951.176632][T12699] usb 5-1: SerialNumber: syz [ 951.180046][T12699] usb 5-1: config 0 descriptor?? [ 951.184240][T12699] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 951.187675][T12699] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -22 [ 951.365419][ T2569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28420'. [ 951.400781][ T2565] netlink: 60 bytes leftover after parsing attributes in process `syz.2.28420'. [ 951.404328][ T2533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.28410'. [ 951.420106][ T2533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.28410'. [ 951.453127][T12699] usb 5-1: USB disconnect, device number 25 [ 951.520383][ T2565] netlink: 60 bytes leftover after parsing attributes in process `syz.2.28420'. [ 951.670845][ T2578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28424'. [ 951.927952][ T2593] netlink: 212916 bytes leftover after parsing attributes in process `syz.3.28429'. [ 952.292051][ T2619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.28438'. [ 952.605352][ T2522] Bluetooth: hci1: command 0x0406 tx timeout [ 953.027343][ T2659] syzkaller1: entered promiscuous mode [ 953.029087][ T2659] syzkaller1: entered allmulticast mode [ 953.117082][ T40] audit: type=1800 audit(2000000709.663:7412): pid=2666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.28456" name="file0" dev="9p" ino=74973545 res=0 errno=0 [ 954.552360][ T2713] gre0: Caught tx_queue_len zero misconfig [ 954.912966][ T6112] Bluetooth: hci1: command 0x0406 tx timeout [ 954.916461][ T842] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 954.920527][ T842] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 955.164220][ T2748] input: syz1 as /devices/virtual/input/input104 [ 955.554573][T12699] usb 12-1: new high-speed USB device number 23 using dummy_hcd [ 955.714132][ T50] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 955.751405][T12699] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 955.754863][T12699] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 955.758245][T12699] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 955.761059][T12699] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 955.769133][ T2752] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 955.775283][T12699] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 955.794993][ T2773] netlink: 'syz.2.28494': attribute type 3 has an invalid length. [ 955.895593][ T50] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 955.904137][ T50] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 955.907933][ T50] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 955.912181][ T50] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 955.918123][ T50] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 955.924034][ T50] usb 5-1: config 0 descriptor?? [ 956.006907][T12699] usb 12-1: USB disconnect, device number 23 [ 956.135762][ T2794] input: syz0 as /devices/virtual/input/input105 [ 956.388468][ T50] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 957.389190][ T2829] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input106 [ 957.409911][ T54] IPVS: starting estimator thread 0... [ 957.414587][ T2831] tipc: Started in network mode [ 957.416225][ T2831] tipc: Node identity ac1414aa, cluster identity 4711 [ 957.419154][ T2831] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 957.422555][ T2831] tipc: Enabled bearer , priority 10 [ 957.477708][ T842] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 957.478142][ T6112] Bluetooth: hci3: command 0x0405 tx timeout [ 957.479691][ T842] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 957.513951][ T40] audit: type=1326 audit(2000000713.781:7413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f88f6c code=0x0 [ 957.522668][ T40] audit: type=1326 audit(2000000713.791:7414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2825 comm="syz.3.28514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7fc00000 [ 957.530796][ T2833] IPVS: using max 45 ests per chain, 108000 per kthread [ 957.562767][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 957.575937][ T40] audit: type=1326 audit(2000000713.847:7415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 957.582574][ T40] audit: type=1326 audit(2000000713.847:7416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88f6c code=0x7ffc0000 [ 957.590001][ T40] audit: type=1326 audit(2000000713.847:7417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7185b6b code=0x7ffc0000 [ 957.597308][ T40] audit: type=1326 audit(2000000713.847:7418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7185b6b code=0x7ffc0000 [ 957.604193][ T40] audit: type=1326 audit(2000000713.847:7419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7185b6b code=0x7ffc0000 [ 957.611329][ T40] audit: type=1326 audit(2000000713.847:7420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7185b6b code=0x7ffc0000 [ 957.618886][ T40] audit: type=1326 audit(2000000713.847:7421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2842 comm="syz.2.28519" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7185b6b code=0x7ffc0000 [ 957.722925][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 957.872444][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 958.022055][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 958.182338][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 958.331925][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 958.354708][ T2849] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.28521'. [ 958.503383][ T2853] netlink: 'syz.0.28523': attribute type 1 has an invalid length. [ 958.516856][T13050] tipc: Node number set to 2886997162 [ 958.607458][ T50] usb 5-1: USB disconnect, device number 26 [ 958.641892][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 958.705035][ T2873] netlink: 8 bytes leftover after parsing attributes in process `syz.7.28529'. [ 958.930349][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 959.497072][ C3] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 959.541129][ T2924] erspan0: entered promiscuous mode [ 959.544759][ T2924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.28547'. [ 959.551068][ T2928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28549'. [ 960.062944][T18687] usb 5-1: new full-speed USB device number 27 using dummy_hcd [ 960.235985][T18687] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 960.239142][T18687] usb 5-1: config 0 has no interface number 0 [ 960.241044][T18687] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 960.248961][T18687] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 960.252916][T18687] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 960.258907][T18687] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 960.261648][T18687] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 960.264375][T18687] usb 5-1: Product: syz [ 960.266300][T18687] usb 5-1: SerialNumber: syz [ 960.270399][T18687] usb 5-1: config 0 descriptor?? [ 960.273711][T18687] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 960.278693][T18687] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.8/input/input108 [ 960.494241][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 960.725767][ T842] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 960.725812][ T842] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 960.725925][ C3] ------------[ cut here ]------------ [ 960.733626][ C3] workqueue: cannot queue hci_cmd_timeout on wq hci0 [ 960.733651][ C3] WARNING: kernel/workqueue.c:2270 at __queue_work+0xd08/0x1150, CPU#3: kswapd1/109 [ 960.733674][ C3] Modules linked in: [ 960.741106][ C3] CPU: 3 UID: 0 PID: 109 Comm: kswapd1 Tainted: G L syzkaller #0 PREEMPT(full) [ 960.744411][ C3] Tainted: [L]=SOFTLOCKUP [ 960.745762][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 960.748866][ C3] RIP: 0010:__queue_work+0xd0c/0x1150 [ 960.750589][ C3] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d 28 36 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 45 a7 38 00 90 0f 0b 90 e9 b2 f5 [ 960.756488][ C3] RSP: 0018:ffffc900005e8c00 EFLAGS: 00010046 [ 960.758372][ C3] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff1100d039151 [ 960.760840][ C3] RDX: ffff888078195178 RSI: ffffffff8a808280 RDI: ffffffff90dc89d0 [ 960.763258][ C3] RBP: ffff8880681c8a70 R08: 0000000000000005 R09: 0000000000000000 [ 960.765645][ C3] R10: 0000000000000100 R11: 0000000000000000 R12: ffff888078195000 [ 960.768084][ C3] R13: 1ffff920000bd192 R14: ffffffff81cf64c0 R15: 0000000000000001 [ 960.770506][ C3] FS: 0000000000000000(0000) GS:ffff888097451000(0000) knlGS:0000000000000000 [ 960.775355][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 960.775369][ C3] CR2: 00000000f7fc55b8 CR3: 000000000e598000 CR4: 0000000000352ef0 [ 960.775377][ C3] DR0: 0000000000000007 DR1: 0000000000000005 DR2: 0000000000000006 [ 960.775384][ C3] DR3: 0000000000007fff DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 960.775392][ C3] Call Trace: [ 960.775396][ C3] [ 960.775406][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 960.775428][ C3] call_timer_fn+0x19a/0x670 [ 960.775441][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 960.775451][ C3] ? debug_object_activate+0x331/0x490 [ 960.775469][ C3] ? __run_timers+0x560/0xb30 [ 960.775480][ C3] ? __run_timers+0x560/0xb30 [ 960.775494][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 960.775515][ C3] __run_timers+0x570/0xb30 [ 960.775530][ C3] ? __pfx___run_timers+0x10/0x10 [ 960.775547][ C3] ? _raw_spin_lock_irq+0x45/0x50 [ 960.775569][ C3] run_timer_base+0x114/0x190 [ 960.775580][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 960.775594][ C3] run_timer_softirq+0x1a/0x50 [ 960.775606][ C3] handle_softirqs+0x1eb/0x9e0 [ 960.775620][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 960.775631][ C3] ? irqtime_account_irq+0x176/0x2d0 [ 960.775645][ C3] ? scomp_acomp_comp_decomp+0x741/0xc40 [ 960.775658][ C3] do_softirq+0xac/0xe0 [ 960.775669][ C3] [ 960.775673][ C3] [ 960.775678][ C3] __local_bh_enable_ip+0xf8/0x120 [ 960.775690][ C3] scomp_acomp_comp_decomp+0x741/0xc40 [ 960.775704][ C3] ? find_held_lock+0x2b/0x80 [ 960.775722][ C3] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 960.775738][ C3] crypto_acomp_compress+0x14c/0x520 [ 960.775758][ C3] zswap_store+0xeda/0x29d0 [ 960.775771][ C3] ? print_kernel_ident+0x11/0x40 [ 960.775794][ C3] ? __pfx_zswap_store+0x10/0x10 [ 960.775807][ C3] ? do_raw_spin_lock+0x128/0x260 [ 960.832198][ C3] ? find_held_lock+0x2b/0x80 [ 960.832224][ C3] ? folio_free_swap+0x3d9/0xb50 [ 960.832246][ C3] ? _raw_spin_unlock+0x28/0x50 [ 960.832266][ C3] ? folio_free_swap+0x39/0xb50 [ 960.832283][ C3] ? rcu_is_watching+0x12/0xc0 [ 960.832302][ C3] swap_writeout+0x49d/0x12b0 [ 960.832317][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 960.832337][ C3] shmem_writeout+0xf12/0x1a00 [ 960.832356][ C3] ? __pfx_shmem_writeout+0x10/0x10 [ 960.832374][ C3] ? inode_to_bdi+0x9e/0x160 [ 960.832391][ C3] ? folio_clear_dirty_for_io+0x178/0x820 [ 960.832412][ C3] shrink_folio_list+0x3af8/0x6000 [ 960.832433][ C3] ? __pfx_shrink_folio_list+0x10/0x10 [ 960.832447][ C3] ? trace_mm_vmscan_lru_isolate+0x87/0x250 [ 960.832468][ C3] ? isolate_folios+0x1929/0x39c0 [ 960.832480][ C3] ? isolate_folios+0x19ce/0x39c0 [ 960.832516][ C3] ? mark_held_locks+0x40/0x70 [ 960.832532][ C3] evict_folios+0x7fa/0x1e90 [ 960.832552][ C3] ? __mod_zone_page_state+0xe2/0x190 [ 960.832566][ C3] ? __pfx_evict_folios+0x10/0x10 [ 960.832580][ C3] ? lru_gen_add_folio+0x20f/0x13e0 [ 960.832603][ C3] ? __pfx___might_resched+0x10/0x10 [ 960.832618][ C3] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 960.832635][ C3] try_to_shrink_lruvec+0x57e/0x990 [ 960.832655][ C3] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 960.832674][ C3] shrink_one+0x307/0x7f0 [ 960.832689][ C3] ? shrink_node+0x2682/0x3e20 [ 960.832705][ C3] shrink_node+0x26a2/0x3e20 [ 960.832724][ C3] ? shrink_node+0x23a9/0x3e20 [ 960.832742][ C3] ? __pfx_shrink_node+0x10/0x10 [ 960.832758][ C3] ? find_held_lock+0x2b/0x80 [ 960.832782][ C3] ? balance_pgdat+0xbb7/0x1ca0 [ 960.832796][ C3] balance_pgdat+0xbb7/0x1ca0 [ 960.832815][ C3] ? find_held_lock+0x2b/0x80 [ 960.832835][ C3] ? __pfx_balance_pgdat+0x10/0x10 [ 960.832850][ C3] ? lockdep_hardirqs_on+0x78/0x100 [ 960.832863][ C3] ? debug_object_free+0x295/0x550 [ 960.832881][ C3] ? __lock_acquire+0x4a5/0x2630 [ 960.832901][ C3] ? find_held_lock+0x2b/0x80 [ 960.832919][ C3] ? cgroup1_freezing+0x12c/0x3b0 [ 960.832935][ C3] ? cgroup1_freezing+0x12c/0x3b0 [ 960.896957][ C3] ? cgroup1_freezing+0x136/0x3b0 [ 960.896981][ C3] ? freezing_slow_path+0xb5/0x1a0 [ 960.897000][ C3] kswapd+0x556/0xba0 [ 960.897019][ C3] ? __pfx_kswapd+0x10/0x10 [ 960.897034][ C3] ? rcu_is_cpu_rrupt_from_idle+0x1b0/0x270 [ 960.897053][ C3] ? __pfx_autoremove_wake_function+0x10/0x10 [ 960.897067][ C3] ? __kthread_parkme+0x18c/0x230 [ 960.897081][ C3] ? kthread+0x13a/0x450 [ 960.897094][ C3] ? __pfx_kswapd+0x10/0x10 [ 960.897109][ C3] kthread+0x370/0x450 [ 960.897123][ C3] ? __pfx_kthread+0x10/0x10 [ 960.913872][ C3] ret_from_fork+0x754/0xd80 [ 960.913896][ C3] ? __pfx_ret_from_fork+0x10/0x10 [ 960.913914][ C3] ? __switch_to+0x7b4/0x1120 [ 960.913926][ C3] ? __pfx_kthread+0x10/0x10 [ 960.913941][ C3] ret_from_fork_asm+0x1a/0x30 [ 960.913963][ C3] [ 960.913972][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 960.913983][ C3] CPU: 3 UID: 0 PID: 109 Comm: kswapd1 Tainted: G L syzkaller #0 PREEMPT(full) [ 960.913999][ C3] Tainted: [L]=SOFTLOCKUP [ 960.914003][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 960.914011][ C3] Call Trace: [ 960.914016][ C3] [ 960.914021][ C3] dump_stack_lvl+0x100/0x190 [ 960.914037][ C3] vpanic+0x552/0x970 [ 960.914049][ C3] ? __pfx_vpanic+0x10/0x10 [ 960.914065][ C3] panic+0xd1/0xe0 [ 960.914076][ C3] ? __pfx_panic+0x10/0x10 [ 960.914091][ C3] ? check_panic_on_warn+0x1f/0x90 [ 960.914108][ C3] check_panic_on_warn.cold+0x19/0x34 [ 960.914120][ C3] ? __queue_work+0xd08/0x1150 [ 960.914136][ C3] __warn.cold+0x191/0x348 [ 960.914149][ C3] __report_bug+0x296/0x3d0 [ 960.914160][ C3] ? __queue_work+0xd08/0x1150 [ 960.914176][ C3] ? __pfx___report_bug+0x10/0x10 [ 960.914188][ C3] ? __pfx_hci_cmd_timeout+0x10/0x10 [ 960.914208][ C3] ? hrtimer_start_range_ns+0x3f9/0xfd0 [ 960.914224][ C3] ? look_up_lock_class+0x64/0x120 [ 960.914240][ C3] report_bug_entry+0xe1/0x290 [ 960.914251][ C3] ? __queue_work+0xd0c/0x1150 [ 960.914266][ C3] handle_bug+0x1c9/0x2a0 [ 960.914280][ C3] exc_invalid_op+0x17/0x50 [ 960.914295][ C3] asm_exc_invalid_op+0x1a/0x20 [ 960.914307][ C3] RIP: 0010:__queue_work+0xd0c/0x1150 [ 960.914324][ C3] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d 28 36 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 45 a7 38 00 90 0f 0b 90 e9 b2 f5 [ 960.914335][ C3] RSP: 0018:ffffc900005e8c00 EFLAGS: 00010046 [ 960.914346][ C3] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff1100d039151 [ 960.914353][ C3] RDX: ffff888078195178 RSI: ffffffff8a808280 RDI: ffffffff90dc89d0 [ 960.914361][ C3] RBP: ffff8880681c8a70 R08: 0000000000000005 R09: 0000000000000000 [ 960.914368][ C3] R10: 0000000000000100 R11: 0000000000000000 R12: ffff888078195000 [ 960.914375][ C3] R13: 1ffff920000bd192 R14: ffffffff81cf64c0 R15: 0000000000000001 [ 960.914383][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 960.914403][ C3] ? __pfx_hci_cmd_timeout+0x10/0x10 [ 960.914426][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 960.914443][ C3] call_timer_fn+0x19a/0x670 [ 960.914454][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 960.914487][ C3] ? debug_object_activate+0x331/0x490 [ 960.914515][ C3] ? __run_timers+0x560/0xb30 [ 960.914528][ C3] ? __run_timers+0x560/0xb30 [ 960.914542][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 960.914559][ C3] __run_timers+0x570/0xb30 [ 960.914575][ C3] ? __pfx___run_timers+0x10/0x10 [ 960.914592][ C3] ? _raw_spin_lock_irq+0x45/0x50 [ 960.914612][ C3] run_timer_base+0x114/0x190 [ 960.914624][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 960.914638][ C3] run_timer_softirq+0x1a/0x50 [ 960.914650][ C3] handle_softirqs+0x1eb/0x9e0 [ 960.914664][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 960.914675][ C3] ? irqtime_account_irq+0x176/0x2d0 [ 960.914690][ C3] ? scomp_acomp_comp_decomp+0x741/0xc40 [ 960.914702][ C3] do_softirq+0xac/0xe0 [ 960.914713][ C3] [ 960.914718][ C3] [ 960.914722][ C3] __local_bh_enable_ip+0xf8/0x120 [ 960.914734][ C3] scomp_acomp_comp_decomp+0x741/0xc40 [ 960.914747][ C3] ? find_held_lock+0x2b/0x80 [ 960.914766][ C3] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 960.914782][ C3] crypto_acomp_compress+0x14c/0x520 [ 960.914802][ C3] zswap_store+0xeda/0x29d0 [ 960.914816][ C3] ? print_kernel_ident+0x11/0x40 [ 960.914839][ C3] ? __pfx_zswap_store+0x10/0x10 [ 960.914851][ C3] ? do_raw_spin_lock+0x128/0x260 [ 960.914867][ C3] ? find_held_lock+0x2b/0x80 [ 960.914885][ C3] ? folio_free_swap+0x3d9/0xb50 [ 960.914906][ C3] ? _raw_spin_unlock+0x28/0x50 [ 960.914924][ C3] ? folio_free_swap+0x39/0xb50 [ 960.914941][ C3] ? rcu_is_watching+0x12/0xc0 [ 960.914961][ C3] swap_writeout+0x49d/0x12b0 [ 960.914975][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 960.914995][ C3] shmem_writeout+0xf12/0x1a00 [ 960.915014][ C3] ? __pfx_shmem_writeout+0x10/0x10 [ 960.915032][ C3] ? inode_to_bdi+0x9e/0x160 [ 960.915050][ C3] ? folio_clear_dirty_for_io+0x178/0x820 [ 960.915071][ C3] shrink_folio_list+0x3af8/0x6000 [ 960.915092][ C3] ? __pfx_shrink_folio_list+0x10/0x10 [ 960.915106][ C3] ? trace_mm_vmscan_lru_isolate+0x87/0x250 [ 960.915128][ C3] ? isolate_folios+0x1929/0x39c0 [ 960.915141][ C3] ? isolate_folios+0x19ce/0x39c0 [ 960.915173][ C3] ? mark_held_locks+0x40/0x70 [ 960.915188][ C3] evict_folios+0x7fa/0x1e90 [ 960.915209][ C3] ? __mod_zone_page_state+0xe2/0x190 [ 960.915223][ C3] ? __pfx_evict_folios+0x10/0x10 [ 960.915237][ C3] ? lru_gen_add_folio+0x20f/0x13e0 [ 960.915260][ C3] ? __pfx___might_resched+0x10/0x10 [ 960.915276][ C3] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 960.915293][ C3] try_to_shrink_lruvec+0x57e/0x990 [ 960.915313][ C3] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 960.915332][ C3] shrink_one+0x307/0x7f0 [ 960.915347][ C3] ? shrink_node+0x2682/0x3e20 [ 960.915363][ C3] shrink_node+0x26a2/0x3e20 [ 960.915383][ C3] ? shrink_node+0x23a9/0x3e20 [ 960.915401][ C3] ? __pfx_shrink_node+0x10/0x10 [ 960.915417][ C3] ? find_held_lock+0x2b/0x80 [ 960.915442][ C3] ? balance_pgdat+0xbb7/0x1ca0 [ 960.915457][ C3] balance_pgdat+0xbb7/0x1ca0 [ 960.915475][ C3] ? find_held_lock+0x2b/0x80 [ 960.915495][ C3] ? __pfx_balance_pgdat+0x10/0x10 [ 960.915515][ C3] ? lockdep_hardirqs_on+0x78/0x100 [ 960.915529][ C3] ? debug_object_free+0x295/0x550 [ 960.915546][ C3] ? __lock_acquire+0x4a5/0x2630 [ 960.915566][ C3] ? find_held_lock+0x2b/0x80 [ 960.915584][ C3] ? cgroup1_freezing+0x12c/0x3b0 [ 960.915600][ C3] ? cgroup1_freezing+0x12c/0x3b0 [ 960.915621][ C3] ? cgroup1_freezing+0x136/0x3b0 [ 960.915639][ C3] ? freezing_slow_path+0xb5/0x1a0 [ 960.915658][ C3] kswapd+0x556/0xba0 [ 960.915677][ C3] ? __pfx_kswapd+0x10/0x10 [ 960.915692][ C3] ? rcu_is_cpu_rrupt_from_idle+0x1b0/0x270 [ 960.915710][ C3] ? __pfx_autoremove_wake_function+0x10/0x10 [ 960.915725][ C3] ? __kthread_parkme+0x18c/0x230 [ 960.915739][ C3] ? kthread+0x13a/0x450 [ 960.915752][ C3] ? __pfx_kswapd+0x10/0x10 [ 960.915768][ C3] kthread+0x370/0x450 [ 960.915781][ C3] ? __pfx_kthread+0x10/0x10 [ 960.915796][ C3] ret_from_fork+0x754/0xd80 [ 960.915814][ C3] ? __pfx_ret_from_fork+0x10/0x10 [ 960.915831][ C3] ? __switch_to+0x7b4/0x1120 [ 960.915843][ C3] ? __pfx_kthread+0x10/0x10 [ 960.915859][ C3] ret_from_fork_asm+0x1a/0x30 [ 960.915877][ C3] [ 960.916911][ C3] Kernel Offset: disabled