last executing test programs: 5.700709881s ago: executing program 2 (id=2776): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r1, 0x84, 0x80, &(0x7f0000000000)="0000040001000000", 0x8) 5.526091151s ago: executing program 3 (id=2651): keyctl$set_reqkey_keyring(0xe, 0x2) pipe2(&(0x7f00000001c0), 0x5000) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8bd, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') preadv(r1, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x4, 0x200) 4.768457726s ago: executing program 3 (id=2781): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc84, @void, @value}, 0x94) 4.721959733s ago: executing program 2 (id=2782): r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2721, 0x0, 0x0) 4.653408434s ago: executing program 3 (id=2787): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x110, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800) recvfrom(r0, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0) 4.628163753s ago: executing program 2 (id=2788): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x6, 0x0, 0x6, 0x691}, 0x10) sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x7a}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x6, 0x9}, 0x8) 4.549713036s ago: executing program 2 (id=2792): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)={0x24, 0x1, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_MARK_MASK={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004800}, 0x40000) recvfrom(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10021, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000017c0)}}], 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="ebffffff0000000800000000000000000000f2533be62e1b"], &(0x7f0000001740)=0x2c) 4.535994437s ago: executing program 3 (id=2793): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$igmp(0x2, 0x3, 0x2) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x1ff) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2) ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0xf0f040, 0x20}) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNDETACHFILTER(r3, 0x401054d6, 0x0) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, 0x0, 0x0) 3.543243009s ago: executing program 2 (id=2800): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000340)='gL', 0x2}], 0x1}}], 0x1, 0x2000c000) socket(0x2b, 0x6, 0x791) 3.469745795s ago: executing program 2 (id=2802): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x48541, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00'}) r3 = gettid() timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000380)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) pipe2(&(0x7f0000001440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r5, 0x0, r4, 0x0, 0x3, 0x0) 2.488322541s ago: executing program 1 (id=2806): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) 2.337131143s ago: executing program 0 (id=2808): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r2}) 2.21002511s ago: executing program 1 (id=2809): mkdirat(0xffffffffffffffff, 0x0, 0x99) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = fsopen(&(0x7f0000000100)='bpf\x00', 0x0) fsmount(r0, 0x1, 0x1) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r3, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0) 2.17474552s ago: executing program 0 (id=2810): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000800)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b8008000900"], 0x184}}, 0x0) 2.167009168s ago: executing program 4 (id=2811): r0 = socket$kcm(0xa, 0x2, 0x3a) r1 = socket$kcm(0x11, 0xa, 0x300) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4da2", 0xfdef}], 0x1, 0x0, 0x0, 0x900}, 0x0) 2.013051537s ago: executing program 0 (id=2812): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc84, @void, @value}, 0x94) 1.972573551s ago: executing program 0 (id=2813): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0xffffffffffffff32, &(0x7f0000000240)={&(0x7f0000000300)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x4000050) 1.881398464s ago: executing program 4 (id=2814): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000037000000", @ANYRES32=r1, @ANYBLOB="08002600901500070800570080"], 0x2c}}, 0x80) 1.788648309s ago: executing program 4 (id=2815): keyctl$set_reqkey_keyring(0xe, 0x2) pipe2(&(0x7f00000001c0), 0x5000) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x4, 0x200) 1.655015936s ago: executing program 4 (id=2816): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='S', 0x1}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r1, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002ec0)=[{&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001ec0)=""/4096, 0x1000}], 0x2}, 0x10000) 1.389742891s ago: executing program 3 (id=2817): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x10) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001440)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000600ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae640b1086cda40e00aec58754734be31d750351dc076eb43d9828149d6cb0c729c193838da5d02621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900e61d81503d3b557f0ec28da23c"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCFLSH(r7, 0x5608, 0x1) write$UHID_INPUT(r1, &(0x7f0000000400)={0x8, {"940de312c9be105c33394390ce360adcb8443d1ca2464ad29fe46c8717a823e29b12011e867516a9c1b63394e6b4922549ac2f98b0bafc013757371b5762e5b03b4c8cfcc5d34368b21917740955f80e80fa98a68cb052b102c03e72a4c6702778dfcc5bb74ce23d914f8b143bd94d7382a385be93f61eef509d6cbffa81afee0e3524b8b768a0ef0ae00ad2a23728722436d1c150b512b6c642cb2eeaecb085719014332015474a4ddf7098bb5ac398c0ce256e4dcfd4613dbe9a34b96439546a28db9ce97b344b6c97289b3854e127b4f533f56439a74fcffc41dfeffc5d7a99c01a0fedfd937af595c05a942216581f8efd1ffa1c23c6f08d6987be16bb52420c80bda5da46987fbf7209487defe0374226a526d3588660192d921bfe407f1d1833f390dd8b41b30c53b4deba5a086c516d9bc8ca572d8f0f875303c85bd16570e89f74d7c4ef547a07dd62f334fee76e2e0ca31cca1ad0528d7448ceecd4c9785c302a40bc114335dea8775958a3beff8eeb31afcb9a2c7561980f8554220769e5e90fdfb2f5a905518ef1667a91e2dd474383e4312ea219fe65d421006734fe04661f75e69ae825120b33fb74293e3b83e7f7f563b475cd6e08fd6878ee424fa141d3aee86d952c212c2e7730796510a463a8da486852b23a1d62b714a11301499029d9efb715a11b64f24cd2660c9a47573ce4dd042e333e433ee28b2bce545cf067040193057de290965c1d547fed137e5eb22f5c0a06ad4de6b78204bf053f37c5d96b8053ea445b640360da8fce3391514dc3d1f4e4b35047138cd8c2717bcba278a4f8c27bac01b469ee3fd04004f58287a18307b0ad4120f2c26b08c3267249bfbe1064a3f171e0cfe595f7ab146f3148c73228edf694dc0c400c36e3493b1aca5f85972dadb8d02bddb607b7a431750ca4863812b8020000000000000042db2971e280541cbfa446c6c6d85b77e3327a2d327c25b7619647374e76b1be266cb68959d2651d0c7438cb1b53982191858c66500d8536013701194a9f02dd77216f932e07a4c4b4558b2a38d7e5c39a453c8fb5fae0d00550a2d143f721cd676d842f2ae39ecbf99e027b4cf9f3c2a9bf3b663e51a0b29cf4cfb0877d5b89fdfa93fd9bf33392e6a2c8df36f9f2faa3716d293b7d94c93458c17df99aaadd218fe4c7b967b43f48725e6bac67bf9176e8c63f94862b036b1870bc314b51fea9d0c92020427abaf5be10d3faad2f684d46a2461f2a92350d6f204f03ad2a9fa54cbd8a7a3e7ba2d54f3615ac5ea47f120572f8ef941e81b0812bfc4227ef5719093afbf90040ef1a5eda64563eb7fd015ea54342340ec8648d911a8f3f358ca124ef8c70685bce2fbaeeebf54d059cefd53751b5cf33fe2d92c9df6a63821b6db5188210565e132768b192fb27e745605c529e3648060a98d656f35e36dc4be3102bd678db0ceb0301c5cb0f7f7a08c55cd038a5f751a7c96116f0bd9c9a349558a7a8fc6a73cce1132549169822bf32d742fc4f4e2e50f59eb669f2384282247c60253edc98f9bc802a288a94e1011a066ce9f6eca5f87d2afd893900c3aff87be959451269bc9ac735c43c1e5ecf5d5bff262a27f0c8a1ad401492ffec662e27b12399096fee9910d0fadfd1e1bcf1f20f8f7e5ff1cce9e8db0fd71dda6f228aa96bba6b4120361a6f6acc832be5daa1aabd03a9ae810f0d21466c1a652a47c11db6a8e52580a8347326113b54a4beeaeb21b45e5ef0aa3cfbfb22d99640b7b935bce8e37cebce586f7fe72208b491795a9fbb220ec9b98dd7811ced86292189ce351e8a64c6afde9c1dccbaaebf7e5e3d5e529e926e814b381342c13ea0757ce52a0b0a155d1c85c4108deffa719a22bef7b681a17504e22d6fe9197699e0a16a7104f412e3a681c8ee41d8fbddc8610c161f1fad9e4a5e526e20ac61496e9f3596cc94b79e9680a64a832dc26d6e33e127abe5c405b16978bc4297a85ccaf1599b195db9d66b698c770d84fa90d89b51eca02ed3a3465b8eca9589af034bd6b9c8f6329e393e4753887696ae5158e8ca3ef2e66fac38a6d6a1b61e81d5b6a3c1cb007d64a33f1fe01cf39b82b270e9083ce13b1a32f0c98376d43cdbf9f17b74655f3000343fe051a75ac658a84629b1245107652d6dfa54b1a7d77922becb74539ffb11292794f12ebfd3ea8888c7cd10692d52c85340f92c5d01464fe36deaaec6ad6cc22870372d61485e2d76accd9bf93e0842efe5652e73100a6627b3a4ce4d1594c8ddb5742897d05fd6f6333fa1b90afeaab9fc7426251d24deeef43784f12c0bb09f102962ee9ab427a53fd8da8e1e3c8000ac7164e61d6258c515dcdd911fb1a519d7b38e556457da330ceda8e948aeaf7421d37faf50071f0d38c08fc938278f247084195e778ac90ab7bfafb59c2a1c643cd18d883a46a6cc41410f505ba209746d6b12c015eddf31b6c9ebf2f04605518033721cdf02b1da210ca1465129b443c0c46247b5f8cceb000af2c551fcea1c1bef29c5859e95bcf0956b9092279b47dc652134d2bc54c3688978fd4d7c203749da5e4824fe314aa57e76f58fadfafcc7660b68b1a6043acf8f9f0c259d16fe236b5906f88816e7ab69b67f762ad79a5f654c507cc49be181525ff05cde4d56b53790151efa8060c4685e2b1dd0ad89551a41e0d3dda33c2b528922849a8dfcd7246c242c3b2aa38a69e3e5a37c5806c4bcff53e08ffc7a830d925e3394b688ffffffffcbfe387c9e7df19cfb2b54303c101557aa2ed080194fe0af76d672ed77dfa4c5c0c0f9693f4e8c446d3bc19c0a8654bb4ba8b4daae69edf414615473ec2aadaa6871b7d08a51e349acc7b16fddf741f71670da4c2b0eadcf19f46f0fd18b59ecf7b943a2a5c90125638a3b3270a366c074868e62fe2e8751ff3e60411d7e1b3fb6a873f7843489f661f1bc401765cdfacbd76e1b52e15fb10fc19dc4803d3a4743ab977fae35eed00d59ddf64fcbc61f5fa0cf4098d0babde4a397d2ef100c23ca9f836656d5f25b018606e148e3f66400a682472ed5d28b7de624ed838277432623c11027da18378e46c3fd340585b4835ab1d771266322eee56c3e6bf3300f5d48b6b01f515ba7f3fb726cfc6fdf6c07a2f46bbc3f36fc9ba6e551a46335337c881cc4a73e79e76638411adcaa81ee3b6d0e6e6c721da36dcab68bfb0ca6ba7b2c267b80120143a5c4be333b2cf85b3bd2425ca691ff367d130dbbd8e5f6a833e093eae9d176c1c3fb61557f9e5080ee7703fe2ca1061b52d0a40d7ee2f408b3ceac303e302d96d929c17026793c66423d748a81adfd7cb29027f327b0dac4055e88e385f0400f97988aa1fa40cdf776f9f07991fb55d9d4bf62ebefced240d821bd4fbba62c1b62320228c6a4ca613878e3eb538eea28e92b5d909fc7e63ed5a544e7698d0b7d3d99415d4028a5da4cc67fcba3b744acd4f92938027f42b785405228a38d85fd678703b9d41a6a54cd48303a6be64408101fc5471641c1c5a747244da684fef97aa48bf1a225007f26d9f4002a0dc14d01191ef1d749ea2ea05c42c173c3244c1039c04341b0cf37574d8b78e357b451bfcfb79762ed6a4fbc689690bf37afaa92702a0349ed9aecd9111df9fd57b97749bbf5003991029344497c9ff85adaa7a2e566647ba5bad341eed62034b581981dd7c9de9fd4c241a54ad4d6e9e1cf7ca984b13c628cc65eca0829e69d4d390581e43cd2ed5c56608b45c109f35350fb875316e71f79c433319462d4b589a1f7f2d14d43092655da23d63c63298ed62dd481ab0bc58e97f397b39c94b32fad6a1e0cd9da2dfbe6897ee4986fdbafdb0e4b575f800df5da43cf318ea7a5e83a0136b3bde3296b2bd230ed212f79500c6a4458522c3881532b7bfd170647ee65931760f35a1c1f95b8c93e4233f0de2a13c83f31522f2bee05a57c8378ac6bdd3c9e30dc188b30dadb936f35a3fa247732ebae6a8d762992f8a96c1d26981bda157f2b676ac9d61bb786ac8c349da94dbf75a21b786cdceb47a92597b6d2b22f7dc1187cdb4681ce9bebd69977bab9eabf2a68c1d3b3463d6c7f1392e12a17deb97f2ce5c9ef4021d3b4e0df6b3f4b693e136e3931837e91617cd85846f3019a74d2d65f36369e73a461753631d72f9e2834c446ae7e173d6b1935adc0ce65eb0eac830d442a0344f2cbaedf8d48cb0a6959d07f208fbb2dae434f4fdf35b265fbdbde4138b455b7941096d55808de601ddd8a41a70b12968862d0b4086d4ff55152aee65eaa761a9588bb25bce193b4e55ebb183807f118bff0ccbd85ea761e7c3b6cccb64f97b3f1bf7a96eecc7ab40e770a1620209b50ba23aab0f769a16c9b8092326987f0cd1de94b911ea6bef5cf15a93829b7cbf03aa85ef577633e058f81e9653fc47d15ab8bead567ed2affbbf5a470302c065086324dc304c777228050ea9f717e45b6676fc9002ccd0428fcb27d839e4139fb17d4ee72e2fe8394e5de0cc814d92663f8c5f87e131a34ef7094078be0cf54763c82004af9727c7972ff1ea6162b279beea87bc2741e996d14f549d0474aabe780c5b80a35eed311cb734c23d01c160e439662c813126747c7d09068e32fa72605d71abc2a332cb59d81071818d5e0944194285f4cfc050392e505dd93c8c882f46fb6b70b4660784d543a6bf34653487840fdc298c8280241174805bf3cf38083224d213cd6076beac135ed3f010000800000000047750cb0f4d2be6beada1c481a0152d80c0b520d2f090455494c83ba78eb91e6558d52ceceb23c956bb382bb280e6382d2cb679eecd2bcfb6107e2e4f568f1be293eaa0d2ebb77169b103d5fe74d745cf082c36022108b4c430a87fa8535f1c56d0c1d5dae50c549b1b08911e2d2619eef61131c7804b35c3ca4dac1f2595c68941b013b5ded8bfd52ed41da13c0886b7f9c61a5244a815711253aad7ea74eae788b1beea9bc15addb199d2fc79e81a34b887a0e4b935ad154e961c8b6972f124cae7742e82db1e714af15f34908960dbb4ea24e44ffd750c9d11dd45bfaae73028bc88fddf74b2d24de205980ba14f4889119f8a6291b3724497503ddf95222d5d050414e487a3dc65e5eda3169e10570a50440be346cc1f1b0c848410b46610c738636707c5d740a8e3a9b688c2c1ea54135bffd2ffd87d9dfa902f3dd97b2a6078fa65f5a5f95da2b9f6124fe07682e27ab65ab96573e762f5060439e18649798e0b9d7864f91dbc4f4ed3a4ab30671f8f7f3c49c7ac504a755f9420fd9b22421afd7203f7cd6dd8c8e7a33709e12d004e402672af2b3f9046bc57854f98482538ad48723cd153cf03103c157cdb1a63e839a02c3f0041d7020280f96f3f7e0ce89c408be10d344540808dee1bfcb01f5293ab606c71ffc09f9e63b93b37e8d8007ad8432d2e81c3d1d40a57711bdb798ee91a3f05f93f4f46f883db0613bf95fabd523d955d0d4a5518e1bb3dae7646af8af8d4a4d7dcfac633c6efa3164f9e05bbb4b05947ac0e6c4edd99a768eda4c7149cf38a460b522d6405aa47fada1c78f56fbd33669719b1496427f290532334b69d0a7cf6c46cefe5ecd0fd923b14929fd3db8a1a94ba63954b58ceb9b1e0f8471a02c13a160aa763083a5fd36c199075a769768e164f17911f5a416bb96198aa0954a7d27e30c480691ce80dc71a49100", 0x1000}}, 0x1006) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab780ef39fa3910d96072000001ea800000000fdffffff0000faffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac000000000000000000000000001700", "90be8bf4bd00000000000000000000000000001000", [0x4]}}) 1.238595036s ago: executing program 1 (id=2818): r0 = socket(0x2, 0x80805, 0x0) listen(r0, 0xfffffffa) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x30}], 0x1, 0x0) 999.648374ms ago: executing program 0 (id=2819): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) 471.790542ms ago: executing program 4 (id=2820): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r2}) 463.805037ms ago: executing program 1 (id=2821): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, 0x0, 0x0) 442.628949ms ago: executing program 3 (id=2822): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x4c}}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3, 0x1c) syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000022bf000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r3, 0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xffffd6c0, r4}, 0x38) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x54, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x1}, @IFLA_BR_NF_CALL_IPTABLES={0x5}, @IFLA_BR_MCAST_ROUTER={0x5}]}}}]}, 0x54}}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c0002800500010000000000080008400000000014000580080001"], 0x5c}}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) socket$tipc(0x1e, 0x2, 0x0) 346.134908ms ago: executing program 4 (id=2823): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xac}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x4}}}]}, @NFTA_RULE_COMPAT={0x4}]}], {0x14}}, 0x58}}, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000b00000008000300000000000c00018005"], 0x28}}, 0x0) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000"], 0x114}], 0x1}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd70000000000067db000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990001"], 0x34}}, 0x8080) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r6, &(0x7f0000000340)="4700000001003f", 0x7) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x1a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000f5ff000000000000f7ffffff000000cc"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r9}, 0x10) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r10}, 0x10) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r11}, 0x10) r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x5, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xd7}, {{0x18, 0x1, 0x1, 0x0, r12}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x2}, {0x2, 0x3, 0x3, 0xa, 0x0, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r7}, {0x6, 0x0, 0xb, 0x9}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@llu, {0x3, 0x3, 0x3, 0x4, 0x9}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r13, &(0x7f0000001800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 257.16576ms ago: executing program 1 (id=2824): r0 = socket$kcm(0xa, 0x2, 0x3a) r1 = socket$kcm(0x11, 0xa, 0x300) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4da2", 0xfdef}], 0x1, 0x0, 0x0, 0x900}, 0x0) 17.457054ms ago: executing program 0 (id=2825): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000037000000", @ANYRES32=r1, @ANYBLOB="08002600901500070800570080"], 0x2c}}, 0x80) 0s ago: executing program 1 (id=2826): r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c) sendto$inet(r0, 0x0, 0x0, 0x20002050, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_vlan\x00', 0x4}, 0x18) kernel console output (not intermixed with test programs): =c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7fc00000 [ 152.720498][ T31] audit: type=1326 audit(605.459:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8539 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7fc00000 [ 152.720534][ T31] audit: type=1326 audit(605.459:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8539 comm="syz.0.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7fc00000 [ 153.859343][ T8576] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 153.863043][ T8576] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.864319][ T8576] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.511943][ T8634] capability: warning: `syz.3.687' uses deprecated v2 capabilities in a way that may be insecure [ 157.349713][ T8657] syz.1.695: attempt to access beyond end of device [ 157.349713][ T8657] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 157.349967][ T8657] efs: cannot read volume header [ 157.352689][ T8657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.352906][ T8657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.089130][ T6487] Bluetooth: hci3: command 0x0406 tx timeout [ 164.089238][ T6487] Bluetooth: hci0: command 0x0406 tx timeout [ 164.089290][ T6487] Bluetooth: hci2: command 0x0406 tx timeout [ 164.089351][ T6480] Bluetooth: hci4: command 0x0406 tx timeout [ 168.125744][ T8410] bond0: (slave bond_slave_0): interface is now down [ 168.125874][ T8410] bond0: (slave bond_slave_1): interface is now down [ 168.127354][ T8410] bond0: now running without any active interface! [ 170.924304][ T8727] netlink: 'syz.4.715': attribute type 30 has an invalid length. [ 170.924534][ T8727] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 170.924599][ T8727] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 172.541843][ T24] libceph: connect (1)[c::]:6789 error -101 [ 172.541983][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 173.144927][ T6523] libceph: connect (1)[c::]:6789 error -101 [ 173.145122][ T6523] libceph: mon0 (1)[c::]:6789 connect error [ 173.358437][ T8767] ceph: No mds server is up or the cluster is laggy [ 175.109528][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 175.109687][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 175.110828][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 175.110930][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 175.371739][ T6523] libceph: connect (1)[c::]:6789 error -101 [ 175.372944][ T6523] libceph: mon0 (1)[c::]:6789 connect error [ 175.877983][ T1680] libceph: connect (1)[c::]:6789 error -101 [ 175.878133][ T1680] libceph: mon0 (1)[c::]:6789 connect error [ 176.036452][ T8850] ceph: No mds server is up or the cluster is laggy [ 177.041166][ T6464] libceph: connect (1)[c::]:6789 error -101 [ 177.041301][ T6464] libceph: mon0 (1)[c::]:6789 connect error [ 177.057228][ T6464] libceph: connect (1)[c::]:6789 error -101 [ 177.057374][ T6464] libceph: mon0 (1)[c::]:6789 connect error [ 177.285240][ T8906] block device autoloading is deprecated and will be removed. [ 177.722230][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 177.722389][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 177.875370][ T8896] ceph: No mds server is up or the cluster is laggy [ 178.864168][ T8943] netlink: 24 bytes leftover after parsing attributes in process `syz.0.798'. [ 179.111214][ T8965] nbd: must specify at least one socket [ 179.154104][ T8968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.154330][ T8968] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.220358][ T8975] netlink: 17279 bytes leftover after parsing attributes in process `syz.3.812'. [ 179.231720][ T8974] tipc: Started in network mode [ 179.231906][ T8974] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 179.232074][ T8974] tipc: Enabled bearer , priority 27 [ 179.238377][ T8974] netlink: 'syz.1.813': attribute type 10 has an invalid length. [ 179.238486][ T8974] tipc: Resetting bearer [ 179.254734][ T8974] tipc: Resetting bearer [ 179.257168][ T8974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.264058][ T8974] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 180.515434][ T2294] tipc: Node number set to 8432298 [ 182.362731][ T9064] netlink: 'syz.2.838': attribute type 21 has an invalid length. [ 182.362797][ T9064] netlink: 'syz.2.838': attribute type 20 has an invalid length. [ 182.362821][ T9064] IPv6: NLM_F_CREATE should be specified when creating new route [ 183.028728][ T9072] netlink: 'syz.3.851': attribute type 10 has an invalid length. [ 183.028794][ T9072] netlink: 40 bytes leftover after parsing attributes in process `syz.3.851'. [ 183.144612][ T9072] team0: Port device geneve0 added [ 187.671489][ T2387] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.851006][ T24] psmouse serio1: Failed to reset mouse on : -5 [ 188.670756][ T9149] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 190.038543][ T9181] netlink: 28 bytes leftover after parsing attributes in process `syz.1.889'. [ 191.164074][ T9213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 191.168518][ T9213] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 192.608794][ T9233] capability: warning: `syz.1.910' uses 32-bit capabilities (legacy support in use) [ 192.661010][ T9238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 192.661241][ T9238] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 192.934141][ T24] misc userio: Buffer overflowed, userio client isn't keeping up [ 193.741215][ T9235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.911'. [ 194.096915][ T24] input: PS/2 Generic Mouse as /devices/serio1/input/input5 [ 194.310192][ T24] psmouse serio1: Failed to enable mouse on [ 196.019417][ T9308] lo speed is unknown, defaulting to 1000 [ 196.022234][ T9308] lo speed is unknown, defaulting to 1000 [ 196.025523][ T9308] lo speed is unknown, defaulting to 1000 [ 196.029036][ T9308] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 196.034465][ T9308] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 196.043709][ T9308] lo speed is unknown, defaulting to 1000 [ 196.046100][ T9308] lo speed is unknown, defaulting to 1000 [ 196.046829][ T9308] lo speed is unknown, defaulting to 1000 [ 196.047498][ T9308] lo speed is unknown, defaulting to 1000 [ 196.048158][ T9308] lo speed is unknown, defaulting to 1000 [ 196.085013][ T9308] smc: removing ib device syz0 [ 196.787627][ T9327] syz.3.941: attempt to access beyond end of device [ 196.787627][ T9327] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 196.787729][ T9327] efs: cannot read volume header [ 198.612331][ T9357] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 200.308397][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 200.308545][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 200.308871][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 200.308960][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 200.309019][ T9378] ceph: No mds server is up or the cluster is laggy [ 201.336329][ T9422] ceph: No mds server is up or the cluster is laggy [ 201.337359][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 201.338086][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 201.401024][ T9432] netlink: 116 bytes leftover after parsing attributes in process `syz.4.979'. [ 202.147825][ T9456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.988'. [ 202.962704][ T9456] team0: Port device team_slave_1 removed [ 203.102444][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 203.104362][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 203.114312][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 203.114452][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 203.285668][ T1680] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 203.339192][ T9486] ceph: No mds server is up or the cluster is laggy [ 203.342804][ T24] libceph: connect (1)[c::]:6789 error -101 [ 203.342952][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 203.370230][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 203.370380][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 203.455377][ T1680] usb 1-1: config 0 has an invalid interface number: 4 but max is 0 [ 203.455919][ T1680] usb 1-1: config 0 has no interface number 0 [ 203.458033][ T1680] usb 1-1: config 0 interface 4 has no altsetting 0 [ 203.484015][ T9495] xt_CT: You must specify a L4 protocol and not use inversions on it [ 203.488960][ T9495] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 203.686617][ T1680] usb 1-1: New USB device found, idVendor=12d1, idProduct=b1e9, bcdDevice=c4.a1 [ 203.690094][ T1680] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.694183][ T1680] usb 1-1: Product: syz [ 203.697716][ T1680] usb 1-1: Manufacturer: syz [ 203.700360][ T1680] usb 1-1: SerialNumber: syz [ 203.936977][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 203.937125][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 203.953119][ T1680] usb 1-1: config 0 descriptor?? [ 203.974891][ T9471] ceph: No mds server is up or the cluster is laggy [ 204.181929][ T1680] option 1-1:0.4: GSM modem (1-port) converter detected [ 204.189946][ T1680] usb 1-1: USB disconnect, device number 3 [ 204.193603][ T1680] option 1-1:0.4: device disconnected [ 204.523547][ T9522] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0' [ 205.141347][ T24] libceph: connect (1)[c::]:6789 error -101 [ 205.141507][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 205.396042][ T24] libceph: connect (1)[c::]:6789 error -101 [ 205.396188][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 205.917630][ T24] libceph: connect (1)[c::]:6789 error -101 [ 205.936316][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 206.324244][ T9531] ceph: No mds server is up or the cluster is laggy [ 207.794530][ T9575] misc userio: The device must be registered before sending interrupts [ 207.794939][ T9575] misc userio: The device must be registered before sending interrupts [ 208.955474][ T9587] random: crng reseeded on system resumption [ 209.331630][ T24] libceph: connect (1)[c::]:6789 error -101 [ 209.331793][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 209.339463][ T24] libceph: connect (1)[c::]:6789 error -101 [ 209.339591][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 209.597661][ T24] libceph: connect (1)[c::]:6789 error -101 [ 209.597863][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 209.633024][ T9617] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1042'. [ 210.121830][ T24] libceph: connect (1)[c::]:6789 error -101 [ 210.128953][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 210.540460][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 210.542524][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 210.554459][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 210.556610][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 210.576775][ T9598] ceph: No mds server is up or the cluster is laggy [ 210.723908][ T9624] ceph: No mds server is up or the cluster is laggy [ 211.574914][ T9648] input: syz0 as /devices/virtual/input/input11 [ 212.268049][ T24] libceph: connect (1)[c::]:6789 error -101 [ 212.268192][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 212.280884][ T24] libceph: connect (1)[c::]:6789 error -101 [ 212.281495][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 213.106661][ T9681] ceph: No mds server is up or the cluster is laggy [ 213.238541][ T24] libceph: connect (1)[c::]:6789 error -101 [ 213.238702][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 213.306428][ T9690] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1064'. [ 216.905187][ T1680] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 217.165294][ T1680] usb 1-1: Using ep0 maxpacket: 8 [ 217.172371][ T1680] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 217.172445][ T1680] usb 1-1: config 0 has no interface number 0 [ 217.172479][ T1680] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 217.172511][ T1680] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 217.172549][ T1680] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 217.172581][ T1680] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 217.172618][ T1680] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 217.172647][ T1680] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.200004][ T1680] usb 1-1: config 0 descriptor?? [ 218.166686][ T1680] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 218.272927][ T1680] usb 1-1: USB disconnect, device number 4 [ 218.386325][ T1680] ldusb 1-1:0.55: LD USB Device #0 now disconnected [ 218.481610][ T24] libceph: connect (1)[c::]:6789 error -101 [ 218.483556][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 218.491655][ T24] libceph: connect (1)[c::]:6789 error -101 [ 218.494621][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 219.190025][ T24] libceph: connect (1)[c::]:6789 error -101 [ 219.192008][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 219.202850][ T9740] ceph: No mds server is up or the cluster is laggy [ 219.321693][ T9757] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1087'. [ 219.351386][ T9763] misc userio: No port type given on /dev/userio [ 219.409773][ T9766] misc userio: The device must be registered before sending interrupts [ 219.413777][ T9766] misc userio: The device must be registered before sending interrupts [ 219.699230][ T6488] block nbd1: Receive control failed (result -107) [ 219.785351][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 219.785498][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 219.785976][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 219.786056][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 219.797564][ T8684] block nbd1: shutting down sockets [ 220.055739][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 220.055876][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 220.208000][ T9797] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1101'. [ 220.485191][ T6524] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 220.490843][ T9783] ceph: No mds server is up or the cluster is laggy [ 220.645342][ T6524] usb 1-1: Using ep0 maxpacket: 8 [ 220.651155][ T6524] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.651247][ T6524] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 220.651279][ T6524] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.668153][ T6524] usb 1-1: config 0 descriptor?? [ 220.674296][ T6524] ldusb 1-1:0.0: Interrupt in endpoint not found [ 220.890441][ T6524] usb 1-1: USB disconnect, device number 5 [ 221.177217][ T9822] misc userio: No port type given on /dev/userio [ 221.206586][ T9824] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1112'. [ 221.768729][ T9827] misc userio: The device must be registered before sending interrupts [ 221.774407][ T9827] misc userio: The device must be registered before sending interrupts [ 222.131091][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 222.131227][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 222.144110][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 222.144256][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 222.409187][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 222.411435][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 222.948967][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 222.958945][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 223.043176][ T9848] ceph: No mds server is up or the cluster is laggy [ 223.092807][ T9860] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1123'. [ 223.215017][ T9869] xt_CT: No such helper "snmp" [ 223.936980][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 223.937124][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 223.998188][ T9874] ceph: No mds server is up or the cluster is laggy [ 225.357107][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 225.357252][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 225.357858][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 225.357947][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 226.041026][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 226.041175][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 226.312239][ T9919] ceph: No mds server is up or the cluster is laggy [ 226.499725][ T9936] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1148'. [ 226.547643][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 226.547797][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 226.553303][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 226.555386][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 226.637926][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 226.638081][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 226.854275][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 226.854427][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 227.384625][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 227.393600][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 227.500259][ T9937] ceph: No mds server is up or the cluster is laggy [ 227.697961][ T9967] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1160'. [ 228.373582][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 228.373734][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 228.375440][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 228.375542][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 228.635508][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 228.635643][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 228.677205][ T9994] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1169'. [ 228.791374][T10000] o2cb: This node has not been configured. [ 228.797534][T10000] o2cb: Cluster check failed. Fix errors before retrying. [ 228.797602][T10000] (syz.2.1171,10000,0):user_dlm_register:674 ERROR: status = -22 [ 228.797634][T10000] (syz.2.1171,10000,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 228.819937][T10001] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1172'. [ 229.000238][T10022] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1182'. [ 229.126176][ T9973] ceph: No mds server is up or the cluster is laggy [ 229.150103][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 229.150250][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 229.800556][T10033] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1187'. [ 231.039074][T10061] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1197'. [ 231.084853][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 231.084991][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 231.092108][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 231.092249][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 231.199797][T10070] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1200'. [ 231.426354][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 231.432119][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 231.539177][T10078] lo speed is unknown, defaulting to 1000 [ 231.548705][T10078] lo speed is unknown, defaulting to 1000 [ 231.552443][T10078] lo speed is unknown, defaulting to 1000 [ 232.161115][T10078] infiniband syz0: set active [ 232.161169][T10078] infiniband syz0: added lo [ 232.186307][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 232.186452][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 232.186736][ T6524] lo speed is unknown, defaulting to 1000 [ 232.216478][T10079] netlink: 'syz.1.1202': attribute type 1 has an invalid length. [ 232.216550][T10079] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1202'. [ 232.231739][T10078] RDS/IB: syz0: added [ 232.231826][T10078] smc: adding ib device syz0 with port count 1 [ 232.231874][T10078] smc: ib device syz0 port 1 has pnetid SYZ0 (user defined) [ 232.232356][T10078] lo speed is unknown, defaulting to 1000 [ 232.257348][ T6524] lo speed is unknown, defaulting to 1000 [ 232.274979][T10059] ceph: No mds server is up or the cluster is laggy [ 232.334602][T10083] misc userio: Invalid payload size [ 232.334894][T10083] misc userio: No port type given on /dev/userio [ 232.382803][T10078] lo speed is unknown, defaulting to 1000 [ 232.385973][T10085] misc userio: The device must be registered before sending interrupts [ 232.386094][T10085] misc userio: The device must be registered before sending interrupts [ 232.453799][T10078] lo speed is unknown, defaulting to 1000 [ 232.525188][T10078] lo speed is unknown, defaulting to 1000 [ 232.594153][T10078] lo speed is unknown, defaulting to 1000 [ 232.861217][T10098] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1210'. [ 233.189409][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 233.193113][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 233.302617][T10121] syz0: rxe_newlink: already configured on lo [ 233.464158][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 233.466303][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 233.492583][T10121] netlink: 'syz.1.1216': attribute type 1 has an invalid length. [ 233.492740][T10121] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1216'. [ 233.874177][T10113] ceph: No mds server is up or the cluster is laggy [ 233.971045][T10126] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1221'. [ 233.974467][ T31] kauditd_printk_skb: 512 callbacks suppressed [ 233.974543][ T31] audit: type=1326 audit(686.709:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10130 comm="syz.0.1220" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x0 [ 235.235168][ T2294] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 235.268366][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 235.268516][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 235.469690][T10164] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1236'. [ 235.477023][T10156] ceph: No mds server is up or the cluster is laggy [ 236.648404][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 236.648545][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 236.666377][ T2294] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.666454][ T2294] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 236.668039][ T2294] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 236.668074][ T2294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.668096][ T2294] usb 1-1: Product: syz [ 236.668115][ T2294] usb 1-1: Manufacturer: syz [ 236.668134][ T2294] usb 1-1: SerialNumber: syz [ 236.888462][T10142] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 238.768750][ T24] libceph: connect (1)[c::]:6789 error -101 [ 238.768898][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 238.773486][ T24] libceph: connect (1)[c::]:6789 error -101 [ 238.773653][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 238.896982][ T2294] cdc_mbim 1-1:1.0: failed GET_NTB_PARAMETERS [ 238.897108][ T2294] cdc_mbim 1-1:1.0: bind() failure [ 238.914510][ T2294] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 238.920529][ T2294] cdc_ncm 1-1:1.1: bind() failure [ 238.980045][ T2294] usb 1-1: USB disconnect, device number 6 [ 239.125328][T10216] ceph: No mds server is up or the cluster is laggy [ 239.189499][ T24] libceph: connect (1)[c::]:6789 error -101 [ 239.189646][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 239.307841][T10236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1265'. [ 241.031850][T10273] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1278'. [ 241.046482][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 241.046611][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 241.631791][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 241.633838][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 241.650789][T10262] ceph: No mds server is up or the cluster is laggy [ 242.191427][ T31] audit: type=1326 audit(694.919:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10286 comm="syz.2.1284" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7fc00000 [ 242.198186][ T31] audit: type=1326 audit(694.919:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10286 comm="syz.2.1284" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=20 compat=0 ip=0xffff9935bce8 code=0x7fc00000 [ 242.586704][T10304] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1290'. [ 242.628124][ T31] audit: type=1326 audit(695.349:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10286 comm="syz.2.1284" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7fc00000 [ 243.765434][ T55] Bluetooth: hci4: command 0x0406 tx timeout [ 243.766781][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 243.766929][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 243.984551][T10336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1302'. [ 244.025421][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 244.025551][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 245.001620][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 245.003463][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 245.006715][T10319] ceph: No mds server is up or the cluster is laggy [ 245.643685][T10357] syzkaller0: entered allmulticast mode [ 245.938035][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 245.938173][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 245.940041][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 245.940148][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 245.963038][T10360] syz0: rxe_newlink: already configured on lo [ 246.868640][T10372] ceph: No mds server is up or the cluster is laggy [ 246.881558][ T6554] libceph: connect (1)[c::]:6789 error -101 [ 246.881709][ T6554] libceph: mon0 (1)[c::]:6789 connect error [ 246.905345][T10389] netlink: 'syz.1.1305': attribute type 1 has an invalid length. [ 246.908573][T10389] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1305'. [ 248.112983][T10415] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nbd2": -EINTR [ 248.535246][T10422] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1333'. [ 248.793192][T10437] loop0: detected capacity change from 0 to 2048 [ 248.793629][T10437] EXT4-fs: Ignoring removed nomblk_io_submit option [ 248.821030][T10437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.849811][ T6485] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.914307][T10450] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1343'. [ 249.045862][ T2387] ieee802154 phy1 wpan1: encryption failed: -22 [ 250.133536][T10478] xt_hashlimit: max too large, truncated to 1048576 [ 250.209732][T10481] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1356'. [ 250.253825][T10484] loop4: detected capacity change from 0 to 256 [ 250.428399][T10490] loop1: detected capacity change from 0 to 32768 [ 250.558617][T10490] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 251.203265][ T6473] ocfs2: Unmounting device (7,1) on (node local) [ 251.485104][T10521] rdma_rxe: rxe_newlink: failed to add lo [ 251.621318][T10520] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1370'. [ 251.653353][T10521] netlink: 'syz.2.1369': attribute type 1 has an invalid length. [ 251.653461][T10521] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1369'. [ 253.305439][T10570] rdma_rxe: rxe_newlink: failed to add lo [ 253.494091][T10570] netlink: 'syz.4.1384': attribute type 1 has an invalid length. [ 253.494220][T10570] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1384'. [ 254.469860][ T6488] Bluetooth: hci0: unexpected event for opcode 0x1005 [ 254.953118][T10603] rdma_rxe: rxe_newlink: failed to add lo [ 255.130388][T10603] netlink: 'syz.4.1400': attribute type 1 has an invalid length. [ 255.130518][T10603] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1400'. [ 257.783992][T10638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 257.787866][T10638] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 257.975206][T10642] rdma_rxe: rxe_newlink: failed to add lo [ 258.138241][T10642] netlink: 'syz.0.1412': attribute type 1 has an invalid length. [ 258.138291][T10642] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1412'. [ 258.731619][T10654] process 'syz.2.1421' launched './file1' with NULL argv: empty string added [ 258.796123][T10657] loop1: detected capacity change from 0 to 256 [ 259.605417][ T6523] libceph: connect (1)[c::]:6789 error -101 [ 259.607465][ T6523] libceph: mon0 (1)[c::]:6789 connect error [ 259.615197][T10664] ceph: No mds server is up or the cluster is laggy [ 259.615475][ T6523] libceph: connect (1)[c::]:6789 error -101 [ 259.619742][ T6523] libceph: mon0 (1)[c::]:6789 connect error [ 260.653423][ T24] libceph: connect (1)[c::]:6789 error -101 [ 260.653585][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 260.667393][T10698] ceph: No mds server is up or the cluster is laggy [ 260.669883][ T1680] libceph: connect (1)[c::]:6789 error -101 [ 260.672257][ T1680] libceph: mon0 (1)[c::]:6789 connect error [ 260.832580][T10710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 260.832910][T10710] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 262.405546][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 262.407665][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 262.412992][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 262.418172][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 262.677386][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 262.677530][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 263.395873][T10778] syz.0.1464: attempt to access beyond end of device [ 263.395873][T10778] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 263.546459][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 263.546610][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 263.564226][T10745] ceph: No mds server is up or the cluster is laggy [ 264.775205][ T11] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 264.905187][ T11] usb 1-1: device descriptor read/64, error -71 [ 265.167327][T10822] ceph: No mds server is up or the cluster is laggy [ 265.225156][ T11] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 265.310816][ T6523] libceph: connect (1)[c::]:6789 error -101 [ 265.310983][ T6523] libceph: mon0 (1)[c::]:6789 connect error [ 265.355495][ T11] usb 1-1: device descriptor read/64, error -71 [ 265.449204][T10840] 9pnet_fd: Insufficient options for proto=fd [ 265.917079][ T11] usb usb1-port1: attempt power cycle [ 266.055249][T10844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1484'. [ 266.062261][T10844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1484'. [ 266.396359][T10850] syz.1.1480: attempt to access beyond end of device [ 266.396359][T10850] nbd1: rw=4096, sector=0, nr_sectors = 2 limit=0 [ 267.246481][ T11] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 267.303836][ T11] usb 1-1: device descriptor read/8, error -71 [ 267.726206][T10874] ceph: No mds server is up or the cluster is laggy [ 267.728816][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 267.728974][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 267.936839][T10881] loop1: detected capacity change from 0 to 64 [ 267.985811][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 267.990015][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 268.004169][T10881] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 268.442472][T10896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1500'. [ 268.649702][ T1680] libceph: connect (1)[c::]:6789 error -101 [ 268.649846][ T1680] libceph: mon0 (1)[c::]:6789 connect error [ 268.650710][T10908] ceph: No mds server is up or the cluster is laggy [ 268.651064][ T1680] libceph: connect (1)[c::]:6789 error -101 [ 268.651159][ T1680] libceph: mon0 (1)[c::]:6789 connect error [ 269.311556][T10940] ceph: No mds server is up or the cluster is laggy [ 269.314093][ T11] libceph: connect (1)[c::]:6789 error -101 [ 269.316133][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 269.887370][ T11] libceph: connect (1)[c::]:6789 error -101 [ 269.887529][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 271.103922][T10972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 271.110261][T10972] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 272.001641][ T11] libceph: connect (1)[c::]:6789 error -101 [ 272.001805][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 272.094770][T10997] loop4: detected capacity change from 0 to 2048 [ 272.103336][T10997] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 272.156412][T10989] ceph: No mds server is up or the cluster is laggy [ 272.352740][T11009] netlink: 'syz.2.1545': attribute type 10 has an invalid length. [ 272.373865][T11009] syz_tun: entered promiscuous mode [ 272.391497][T11009] syz_tun: entered allmulticast mode [ 272.391887][T11009] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 273.323964][T11033] loop4: detected capacity change from 0 to 64 [ 273.925446][T11033] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 273.938178][T11030] ceph: No mds server is up or the cluster is laggy [ 273.943748][ T24] libceph: connect (1)[c::]:6789 error -101 [ 273.943911][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 274.093933][T11047] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1560'. [ 274.985203][T11062] syz0: rxe_newlink: already configured on lo [ 275.592747][T11062] netlink: 'syz.1.1565': attribute type 1 has an invalid length. [ 275.592915][T11062] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1565'. [ 275.600413][T11062] loop9: detected capacity change from 0 to 7 [ 275.795966][T11062] Dev loop9: unable to read RDB block 7 [ 275.796035][T11062] loop9: unable to read partition table [ 275.796140][T11062] loop9: partition table beyond EOD, truncated [ 275.796177][T11062] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 275.909667][T11064] loop0: detected capacity change from 0 to 32768 [ 276.025930][T11064] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 276.026332][T11064] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 276.026587][T11064] bcachefs (loop0): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 276.026587][T11064] Doing compatible version upgrade from 1.19: autofix_errors to 1.25: extent_flags [ 276.026587][T11064] running recovery passes: check_extents_to_backpointers [ 276.027032][T11064] bcachefs (loop0): dropping and reconstructing all alloc info [ 276.038313][T11064] bcachefs (loop0): invalid bkey in btree_node btree=snapshots level=0: u64s 8 type snapshot 117440512:4294967295:0 len 0 ver 0: is_subvol 0 deleted 0 parent 0 children 0 0 subvol 1 tree 0 [ 276.038372][T11064] bad pos, deleting [ 276.039917][T11064] bcachefs (loop0): accounting_read... done [ 276.040157][T11064] bcachefs (loop0): alloc_read... done [ 276.040309][T11064] bcachefs (loop0): snapshots_read... done [ 276.040546][T11064] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 276.040901][T11064] bcachefs (loop0): done starting filesystem [ 276.217172][ T6485] bcachefs (loop0): shutting down [ 276.766205][ T31] audit: type=1326 audit(729.509:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11091 comm="syz.4.1575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 276.767892][ T31] audit: type=1326 audit(729.509:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11091 comm="syz.4.1575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=221 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 276.768043][ T31] audit: type=1326 audit(729.509:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11091 comm="syz.4.1575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 276.768153][ T31] audit: type=1326 audit(729.509:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11091 comm="syz.4.1575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 276.781331][T11089] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1574'. [ 276.850861][T11094] netlink: 'syz.4.1578': attribute type 10 has an invalid length. [ 276.861325][ T31] audit: type=1326 audit(729.599:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.861464][ T31] audit: type=1326 audit(729.599:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.866462][T11094] syz_tun: entered promiscuous mode [ 276.881139][ T31] audit: type=1326 audit(729.619:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=5 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.881210][ T31] audit: type=1326 audit(729.619:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.881262][ T31] audit: type=1326 audit(729.619:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.881302][ T31] audit: type=1326 audit(729.619:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11097 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=14 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 276.883148][T11094] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 276.940478][ T6485] bcachefs (loop0): shutdown complete [ 277.566600][T11108] rdma_rxe: rxe_newlink: failed to add lo [ 278.654058][T11117] syz_tun: entered allmulticast mode [ 278.716818][T11116] syz_tun: left allmulticast mode [ 278.721890][T11121] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1587'. [ 278.753242][T11123] overlayfs: failed to resolve './file0': -2 [ 279.769170][T11147] rdma_rxe: rxe_newlink: failed to add lo [ 280.421202][T11153] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1600'. [ 280.542100][T11157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 280.547637][T11157] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 280.570184][T11158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 284.062322][T11200] rdma_rxe: rxe_newlink: failed to add lo [ 284.625167][T11202] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1618'. [ 285.403002][ T31] kauditd_printk_skb: 11 callbacks suppressed [ 285.405438][ T31] audit: type=1326 audit(738.129:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.412209][ T31] audit: type=1326 audit(738.129:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.419103][ T31] audit: type=1326 audit(738.139:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.425585][ T31] audit: type=1326 audit(738.139:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.432159][ T31] audit: type=1326 audit(738.139:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.438737][ T31] audit: type=1326 audit(738.139:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.446103][ T31] audit: type=1326 audit(738.139:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.454252][ T31] audit: type=1326 audit(738.139:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 285.481715][ T31] audit: type=1326 audit(738.139:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11221 comm="syz.4.1626" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 287.747138][T11235] rdma_rxe: rxe_newlink: failed to add lo [ 288.136589][T11235] loop9: detected capacity change from 0 to 7 [ 288.176425][T11235] Dev loop9: unable to read RDB block 7 [ 288.176735][T11235] loop9: unable to read partition table [ 288.177064][T11235] loop9: partition table beyond EOD, truncated [ 288.177197][T11235] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 288.409921][T11244] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1632'. [ 288.500364][T11247] netlink: 'syz.3.1634': attribute type 24 has an invalid length. [ 289.017411][ T11] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 289.279185][ T11] usb 1-1: Using ep0 maxpacket: 16 [ 289.317417][ T11] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 289.322633][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 289.412670][ T11] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 289.418926][ T11] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.424223][ T11] usb 1-1: Product: syz [ 289.427367][ T11] usb 1-1: Manufacturer: syz [ 289.430503][ T11] usb 1-1: SerialNumber: syz [ 289.561216][ T11] usb 1-1: config 0 descriptor?? [ 289.580387][ T11] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 289.580465][ T11] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 289.826347][T11278] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1646'. [ 289.999582][T11282] rdma_rxe: rxe_newlink: failed to add lo [ 290.342782][ T11] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 290.361628][ T11] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 290.788908][T11295] loop4: detected capacity change from 0 to 256 [ 290.802729][T11295] FAT-fs (loop4): Directory bread(block 1285) failed [ 290.816544][T11295] FAT-fs (loop4): FAT read failed (blocknr 1281) [ 290.988815][ T11] em28xx 1-1:0.0: Unknown AC97 audio processor detected! [ 290.991281][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 2 [ 290.994054][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 4 [ 290.998080][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 6 [ 291.000348][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 54 [ 291.002728][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 56 [ 291.265911][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 2 [ 291.268402][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 4 [ 291.271648][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 6 [ 291.273853][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 54 [ 291.276497][ T11] em28xx 1-1:0.0: couldn't setup AC97 register 56 [ 291.282395][ T11] usb 1-1: USB disconnect, device number 11 [ 291.305675][T11315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1662'. [ 292.409316][T11344] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1673'. [ 292.416983][ T11] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 292.565218][ T11] usb 1-1: Using ep0 maxpacket: 32 [ 292.568854][ T11] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 292.572452][ T11] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 292.579813][ T11] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 292.582772][ T11] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 292.586302][ T11] usb 1-1: Product: syz [ 292.587969][ T11] usb 1-1: Manufacturer: syz [ 292.627236][ T11] hub 1-1:4.0: USB hub found [ 292.834357][T11355] 9pnet_fd: Insufficient options for proto=fd [ 293.269941][ T11] hub 1-1:4.0: 2 ports detected [ 294.990640][ T625] hub 1-1:4.0: activate --> -90 [ 295.260974][T11411] netlink: 'syz.4.1702': attribute type 4 has an invalid length. [ 295.313296][T11411] netlink: 'syz.4.1702': attribute type 4 has an invalid length. [ 295.402512][ T6464] usb 1-1: USB disconnect, device number 12 [ 295.404513][ T2294] usb 1-1: Failed to suspend device, error -71 [ 296.436578][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 296.436729][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 296.444135][T11432] ceph: No mds server is up or the cluster is laggy [ 296.453574][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 296.453728][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 298.058407][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 298.058549][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 298.063426][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 298.063562][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 298.067598][T11476] ceph: No mds server is up or the cluster is laggy [ 299.245645][T11495] rdma_rxe: rxe_newlink: failed to add lo [ 299.285030][T11495] loop9: detected capacity change from 0 to 7 [ 299.325916][T11495] Dev loop9: unable to read RDB block 7 [ 299.325992][T11495] loop9: unable to read partition table [ 299.326098][T11495] loop9: partition table beyond EOD, truncated [ 299.326125][T11495] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 299.886670][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 299.886829][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 299.890860][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 299.890992][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 299.894756][T11512] ceph: No mds server is up or the cluster is laggy [ 300.353097][ T6464] libceph: connect (1)[c::]:6789 error -101 [ 300.353231][ T6464] libceph: mon0 (1)[c::]:6789 connect error [ 300.637698][T11532] netlink: 'syz.3.1744': attribute type 4 has an invalid length. [ 300.675570][T11532] netlink: 'syz.3.1744': attribute type 4 has an invalid length. [ 301.524045][T11540] loop4: detected capacity change from 0 to 2048 [ 301.534345][T11540] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.681181][T11561] netlink: 'syz.4.1756': attribute type 4 has an invalid length. [ 301.698200][T11561] netlink: 'syz.4.1756': attribute type 4 has an invalid length. [ 301.740468][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 301.740613][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 301.844718][ T31] audit: type=1326 audit(754.569:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.844960][ T31] audit: type=1326 audit(754.579:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845163][ T31] audit: type=1326 audit(754.579:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845204][ T31] audit: type=1326 audit(754.579:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845242][ T31] audit: type=1326 audit(754.579:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845279][ T31] audit: type=1326 audit(754.579:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845317][ T31] audit: type=1326 audit(754.579:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845354][ T31] audit: type=1326 audit(754.579:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 301.845390][ T31] audit: type=1326 audit(754.579:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11551 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 302.710110][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 302.710260][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 303.215491][ T6464] libceph: connect (1)[c::]:6789 error -101 [ 303.215642][ T6464] libceph: mon0 (1)[c::]:6789 connect error [ 303.895157][T11554] ceph: No mds server is up or the cluster is laggy [ 304.086059][T11572] loop4: detected capacity change from 0 to 64 [ 304.136483][T11572] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 306.229138][T11604] ceph: No mds server is up or the cluster is laggy [ 306.229585][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 306.229724][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 306.290446][T11610] loop0: detected capacity change from 0 to 64 [ 306.336024][T11610] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 306.787570][ T31] audit: type=1326 audit(759.519:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11614 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 308.502160][T11622] loop1: detected capacity change from 0 to 2048 [ 308.525005][T11622] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 309.234648][T11635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.240052][T11635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 309.387679][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 309.387837][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 309.388820][T11637] ceph: No mds server is up or the cluster is laggy [ 310.518644][ T2387] ieee802154 phy1 wpan1: encryption failed: -22 [ 310.921507][T11668] loop1: detected capacity change from 0 to 2048 [ 310.942569][T11668] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 311.050056][T11677] loop1: detected capacity change from 0 to 64 [ 311.093929][T11677] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 311.452513][ T31] kauditd_printk_skb: 8 callbacks suppressed [ 311.452600][ T31] audit: type=1326 audit(764.179:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.452818][ T31] audit: type=1326 audit(764.179:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453003][ T31] audit: type=1326 audit(764.189:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453125][ T31] audit: type=1326 audit(764.189:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453293][ T31] audit: type=1326 audit(764.189:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453475][ T31] audit: type=1326 audit(764.189:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453652][ T31] audit: type=1326 audit(764.189:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.453847][ T31] audit: type=1326 audit(764.189:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 311.454073][ T31] audit: type=1326 audit(764.189:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.1.1797" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 312.346043][T11678] ceph: No mds server is up or the cluster is laggy [ 313.941255][T11705] loop0: detected capacity change from 0 to 2048 [ 313.949254][T11705] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 314.517604][T11725] ceph: No mds server is up or the cluster is laggy [ 314.518725][ T11] libceph: connect (1)[c::]:6789 error -101 [ 314.518867][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 314.736076][T11734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 314.739078][T11734] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 315.716044][ T31] audit: type=1326 audit(768.449:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11745 comm="syz.2.1821" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 317.110041][ T24] libceph: connect (1)[c::]:6789 error -101 [ 317.140706][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 317.161570][T11755] ceph: No mds server is up or the cluster is laggy [ 317.225376][ T24] libceph: connect (1)[c::]:6789 error -101 [ 317.235336][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 317.541396][ T24] libceph: connect (1)[c::]:6789 error -101 [ 317.559661][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 318.414865][T11776] loop4: detected capacity change from 0 to 64 [ 318.433235][T11776] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 319.270699][T11783] netlink: 'syz.4.1832': attribute type 4 has an invalid length. [ 319.612726][T11799] ceph: No mds server is up or the cluster is laggy [ 320.083851][ T31] kauditd_printk_skb: 8 callbacks suppressed [ 320.083947][ T31] audit: type=1326 audit(772.809:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084190][ T31] audit: type=1326 audit(772.809:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084373][ T31] audit: type=1326 audit(772.809:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084476][ T31] audit: type=1326 audit(772.809:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084587][ T31] audit: type=1326 audit(772.809:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084621][ T31] audit: type=1326 audit(772.809:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084653][ T31] audit: type=1326 audit(772.809:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084695][ T31] audit: type=1326 audit(772.809:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 320.084729][ T31] audit: type=1326 audit(772.809:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11807 comm="syz.1.1843" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 321.954377][T11819] netlink: 'syz.3.1848': attribute type 4 has an invalid length. [ 323.088072][T11845] loop4: detected capacity change from 0 to 256 [ 323.090287][T11845] exfat: Deprecated parameter 'utf8' [ 323.091739][T11845] exfat: Deprecated parameter 'utf8' [ 323.118946][T11845] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 323.127736][ T26] libceph: connect (1)[c::]:6789 error -101 [ 323.127880][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 323.131759][T11835] ceph: No mds server is up or the cluster is laggy [ 323.139437][ T26] libceph: connect (1)[c::]:6789 error -101 [ 323.141519][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 323.761202][ T31] audit: type=1326 audit(776.489:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11860 comm="syz.1.1864" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15bce8 code=0x7ffc0000 [ 325.432595][ T31] kauditd_printk_skb: 65 callbacks suppressed [ 325.434847][ T31] audit: type=1326 audit(777.349:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11860 comm="syz.1.1864" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaaedb918 code=0x7ffc0000 [ 325.630455][T11880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 325.630699][T11880] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 325.718595][ T26] libceph: connect (1)[c::]:6789 error -101 [ 325.718751][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 325.758860][T11884] ceph: No mds server is up or the cluster is laggy [ 325.847933][ T26] libceph: connect (1)[c::]:6789 error -101 [ 325.848077][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 325.854645][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 325.854828][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 325.863509][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 325.863725][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 326.135571][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 326.135733][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 326.321001][ T31] audit: type=1326 audit(779.039:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.321302][ T31] audit: type=1326 audit(779.049:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.321499][ T31] audit: type=1326 audit(779.049:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.321700][ T31] audit: type=1326 audit(779.049:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.321907][ T31] audit: type=1326 audit(779.049:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.322118][ T31] audit: type=1326 audit(779.059:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9b1537cc code=0x7ffc0000 [ 326.322329][ T31] audit: type=1326 audit(779.059:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff9c013918 code=0x7ffc0000 [ 326.322525][ T31] audit: type=1326 audit(779.059:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.322802][ T31] audit: type=1326 audit(779.059:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11906 comm="syz.3.1880" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 326.983599][T11896] ceph: No mds server is up or the cluster is laggy [ 327.183096][ T11] libceph: connect (1)[c::]:6789 error -101 [ 327.183251][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 327.683099][T11928] ceph: No mds server is up or the cluster is laggy [ 327.687879][ T26] libceph: connect (1)[c::]:6789 error -101 [ 327.688020][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 328.336256][T11947] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1894'. [ 328.509900][T11955] rdma_rxe: rxe_newlink: failed to add lo [ 328.707978][T11955] netlink: 'syz.0.1892': attribute type 1 has an invalid length. [ 328.708105][T11955] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1892'. [ 328.715128][T11955] loop9: detected capacity change from 0 to 7 [ 329.058227][T11955] Dev loop9: unable to read RDB block 7 [ 329.058308][T11955] loop9: unable to read partition table [ 329.058424][T11955] loop9: partition table beyond EOD, truncated [ 329.058463][T11955] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 329.213720][T11949] ceph: No mds server is up or the cluster is laggy [ 329.274728][T11969] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1901'. [ 329.831850][ T26] libceph: connect (1)[c::]:6789 error -101 [ 329.833935][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 329.837590][T11966] ceph: No mds server is up or the cluster is laggy [ 329.838768][ T26] libceph: connect (1)[c::]:6789 error -101 [ 329.838883][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 329.952524][T11977] loop1: detected capacity change from 0 to 4096 [ 330.553954][T12004] rdma_rxe: rxe_newlink: failed to add lo [ 331.214248][ T11] libceph: connect (1)[c::]:6789 error -101 [ 331.214399][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 331.214709][ T11] libceph: connect (1)[c::]:6789 error -101 [ 331.214789][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 331.269393][T12007] ceph: No mds server is up or the cluster is laggy [ 331.324862][T12010] ceph: No mds server is up or the cluster is laggy [ 331.525588][ T11] libceph: connect (1)[c::]:6789 error -101 [ 331.527596][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 332.115938][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 332.116083][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 332.172266][ T6488] Bluetooth: Unknown LE signaling command 0xfb [ 332.172469][ T6488] Bluetooth: Wrong link type (-22) [ 332.907579][T12047] ceph: No mds server is up or the cluster is laggy [ 332.910044][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 332.910192][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 333.707998][T12049] ceph: No mds server is up or the cluster is laggy [ 333.741207][T12072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 333.744170][T12072] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 334.016603][ T26] libceph: connect (1)[c::]:6789 error -101 [ 334.016762][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 334.020012][T12081] ceph: No mds server is up or the cluster is laggy [ 334.020413][ T26] libceph: connect (1)[c::]:6789 error -101 [ 334.020539][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 334.239422][T12103] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1945'. [ 334.360267][T12108] loop1: detected capacity change from 0 to 2048 [ 334.377421][T12108] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 334.409115][ T26] libceph: connect (1)[c::]:6789 error -101 [ 334.409263][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 334.491878][T12116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 334.498612][T12116] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 334.815411][ T26] libceph: connect (1)[c::]:6789 error -101 [ 334.815550][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 335.154032][T12105] ceph: No mds server is up or the cluster is laggy [ 335.234331][T12126] loop1: detected capacity change from 0 to 256 [ 335.235176][T12126] exfat: Deprecated parameter 'utf8' [ 335.273186][T12126] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 335.434909][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 335.436124][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 335.443418][T12133] ceph: No mds server is up or the cluster is laggy [ 335.446198][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 335.448198][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 335.930944][T12164] ceph: No mds server is up or the cluster is laggy [ 335.933398][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 335.933556][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 336.541819][T12191] ceph: No mds server is up or the cluster is laggy [ 336.715012][T12204] loop1: detected capacity change from 0 to 2048 [ 336.724595][ T24] libceph: connect (1)[c::]:6789 error -101 [ 336.724780][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 336.725954][T12204] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 336.727619][ T24] libceph: connect (1)[c::]:6789 error -101 [ 336.727745][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 336.729733][T12202] ceph: No mds server is up or the cluster is laggy [ 336.758131][T12210] loop4: detected capacity change from 0 to 256 [ 337.683144][T12239] ceph: No mds server is up or the cluster is laggy [ 338.069605][ T31] kauditd_printk_skb: 176 callbacks suppressed [ 338.101543][ T31] audit: type=1326 audit(790.729:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.111752][ T31] audit: type=1326 audit(790.739:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.121442][ T31] audit: type=1326 audit(790.739:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.131289][ T31] audit: type=1326 audit(790.739:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.140911][ T31] audit: type=1326 audit(790.739:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.150381][ T31] audit: type=1326 audit(790.739:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.160134][ T31] audit: type=1326 audit(790.739:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.160335][ T31] audit: type=1326 audit(790.739:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 338.160523][ T31] audit: type=1326 audit(790.749:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffad9537cc code=0x7ffc0000 [ 338.160662][ T31] audit: type=1326 audit(790.749:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12251 comm="syz.4.2002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffae899918 code=0x7ffc0000 [ 338.859829][T12266] netlink: 'syz.3.2007': attribute type 10 has an invalid length. [ 338.873775][T12266] syz_tun: entered promiscuous mode [ 338.905408][ T8519] bond0: (slave syz_tun): interface is now down [ 338.925446][ T612] bond0: (slave syz_tun): interface is now down [ 338.934960][T12266] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 338.951256][ T612] bond0: (slave syz_tun): interface is now down [ 338.969812][ T612] bond0: now running without any active interface! [ 339.241936][T12273] loop1: detected capacity change from 0 to 2048 [ 339.266126][T12273] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 339.445417][T12281] netlink: 'syz.3.2014': attribute type 24 has an invalid length. [ 339.534438][T12279] ceph: No mds server is up or the cluster is laggy [ 339.877849][T12295] netlink: 'syz.0.2019': attribute type 10 has an invalid length. [ 339.897549][T12295] syz_tun: entered promiscuous mode [ 339.911630][T12295] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 340.056599][T12303] loop1: detected capacity change from 0 to 2048 [ 340.067974][T12303] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.307597][T12311] ceph: No mds server is up or the cluster is laggy [ 340.309642][ T11] libceph: connect (1)[c::]:6789 error -101 [ 340.309787][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 340.418821][T12329] netlink: 'syz.3.2034': attribute type 10 has an invalid length. [ 340.557417][T12332] syz_tun: entered allmulticast mode [ 340.559919][T12331] syz_tun: left allmulticast mode [ 340.670571][T12339] loop4: detected capacity change from 0 to 2048 [ 340.682645][T12339] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.899211][T12347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 340.899443][T12347] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.917976][T12345] loop0: detected capacity change from 0 to 32768 [ 340.923238][T12345] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2040 (12345) [ 340.933489][T12345] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 340.933608][T12345] BTRFS info (device loop0): using crc32c (crc32c-arm64) checksum algorithm [ 340.933643][T12345] BTRFS info (device loop0): using free-space-tree [ 341.095384][ T6485] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 341.359328][T12369] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2043'. [ 341.670661][T12376] netlink: 'syz.0.2045': attribute type 10 has an invalid length. [ 341.765369][T12382] syz_tun: entered allmulticast mode [ 341.768027][T12381] syz_tun: left allmulticast mode [ 342.301427][T12406] netlink: 'syz.1.2059': attribute type 10 has an invalid length. [ 342.304145][T12406] syz_tun: entered promiscuous mode [ 342.319918][T12406] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 342.361939][T12410] syz_tun: entered allmulticast mode [ 342.364167][T12409] syz_tun: left allmulticast mode [ 342.943752][T12435] netlink: 'syz.4.2073': attribute type 10 has an invalid length. [ 342.974831][T12437] syz_tun: entered allmulticast mode [ 342.979338][T12436] syz_tun: left allmulticast mode [ 343.276904][T12454] loop4: detected capacity change from 0 to 164 [ 343.279907][T12454] iso9660: Unknown parameter 'ÿÿÿÿ' [ 343.344289][ T11] libceph: connect (1)[c::]:6789 error -101 [ 343.344530][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 343.349709][T12458] ceph: No mds server is up or the cluster is laggy [ 343.350029][ T11] libceph: connect (1)[c::]:6789 error -101 [ 343.350152][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 343.432330][T12469] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2086'. [ 343.439115][T12469] netlink: 'syz.2.2086': attribute type 10 has an invalid length. [ 344.176130][T12490] ceph: No mds server is up or the cluster is laggy [ 344.178657][ T26] libceph: connect (1)[c::]:6789 error -101 [ 344.178827][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 344.213392][T12494] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2098'. [ 344.214919][T12494] netlink: 'syz.3.2098': attribute type 10 has an invalid length. [ 344.391074][T12510] netlink: 'syz.3.2105': attribute type 24 has an invalid length. [ 344.442973][T12513] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2107'. [ 344.572604][ T26] libceph: connect (1)[c::]:6789 error -101 [ 344.572750][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 344.577860][T12520] ceph: No mds server is up or the cluster is laggy [ 344.580135][ T26] libceph: connect (1)[c::]:6789 error -101 [ 344.581999][ T26] libceph: mon0 (1)[c::]:6789 connect error [ 344.611494][T12526] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2112'. [ 344.615208][T12526] netlink: 'syz.2.2112': attribute type 10 has an invalid length. [ 344.734640][T12538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.749156][T12538] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 344.782546][T12542] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2119'. [ 344.782628][T12542] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 344.966956][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 344.967105][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 344.971038][T12555] ceph: No mds server is up or the cluster is laggy [ 344.973522][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 344.976063][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 345.163338][T12562] loop0: detected capacity change from 0 to 2048 [ 345.207930][T12562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.226414][ T6485] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.422223][T12577] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2131'. [ 345.719666][T12588] syz_tun: entered allmulticast mode [ 345.734292][T12586] ceph: No mds server is up or the cluster is laggy [ 345.734717][ T11] libceph: connect (1)[c::]:6789 error -101 [ 345.734825][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 346.295524][ T11] libceph: connect (1)[c::]:6789 error -101 [ 346.295676][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 346.468358][T12597] GUP no longer grows the stack in syz.1.2138 (12597): 20004000-20008000 (20002000) [ 346.468596][T12597] CPU: 0 UID: 0 PID: 12597 Comm: syz.1.2138 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT [ 346.468611][T12597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 346.468619][T12597] Call trace: [ 346.468623][T12597] show_stack+0x2c/0x3c (C) [ 346.468643][T12597] dump_stack_lvl+0xe4/0x150 [ 346.468657][T12597] dump_stack+0x1c/0x1028 [ 346.468669][T12597] __get_user_pages+0x3238/0x3408 [ 346.468694][T12597] get_user_pages_remote+0x328/0xa30 [ 346.468709][T12597] __access_remote_vm+0x1fc/0x6e8 [ 346.468720][T12597] access_remote_vm+0x48/0x60 [ 346.468731][T12597] proc_pid_cmdline_read+0x458/0x970 [ 346.468747][T12597] vfs_readv+0x53c/0x834 [ 346.468759][T12597] __arm64_sys_preadv+0x188/0x298 [ 346.468774][T12597] invoke_syscall+0x98/0x2b8 [ 346.468787][T12597] el0_svc_common+0x130/0x23c [ 346.468800][T12597] do_el0_svc+0x48/0x58 [ 346.468818][T12597] el0_svc+0x54/0x168 [ 346.468833][T12597] el0t_64_sync_handler+0x84/0x108 [ 346.468847][T12597] el0t_64_sync+0x198/0x19c [ 346.635280][T12608] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2146'. [ 346.695939][T12614] syz_tun: entered allmulticast mode [ 346.753955][T12620] loop1: detected capacity change from 0 to 16 [ 346.770818][T12620] erofs (device loop1): mounted with root inode @ nid 36. [ 346.790909][T12621] netlink: set zone limit has 8 unknown bytes [ 346.791569][T12622] ceph: No mds server is up or the cluster is laggy [ 346.791957][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 346.792094][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 346.800661][T12620] erofs (device loop1): failed to decompress -20 in[62, 4034] out[1849] [ 346.800923][T12620] erofs (device loop1): read error -117 @ 43 of nid 36 [ 347.684785][T12647] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2162'. [ 347.859353][T12656] syz_tun: entered allmulticast mode [ 348.054617][ T11] libceph: connect (1)[c::]:6789 error -101 [ 348.054778][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 348.195164][T12679] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2174'. [ 348.226490][T12682] io-wq is not configured for unbound workers [ 348.306425][ T11] libceph: connect (1)[c::]:6789 error -101 [ 348.306580][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 349.108378][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 349.115245][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 349.125154][T12665] ceph: No mds server is up or the cluster is laggy [ 349.438507][T12713] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2187'. [ 349.469414][T12718] ALSA: mixer_oss: invalid OSS volume '' [ 349.619850][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 349.621801][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 350.065502][ T55] Bluetooth: hci4: command 0x0406 tx timeout [ 350.249350][ T11] libceph: connect (1)[c::]:6789 error -101 [ 350.249504][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 350.340156][T12728] ceph: No mds server is up or the cluster is laggy [ 350.514593][T12752] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2202'. [ 350.572112][T12760] loop1: detected capacity change from 0 to 512 [ 350.595520][ T26] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 350.647169][T12760] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2207: bg 0: block 393: padding at end of block bitmap is not set [ 350.649098][T12760] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 350.649956][T12760] EXT4-fs (loop1): 2 truncates cleaned up [ 350.650886][T12760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.749249][T12760] EXT4-fs error (device loop1): ext4_append:79: inode #2: comm syz.1.2207: Logical block already allocated [ 350.779882][ T6473] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.815281][ T26] usb 1-1: Using ep0 maxpacket: 16 [ 351.131975][ T26] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 351.132105][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.132214][ T26] usb 1-1: Product: syz [ 351.132464][ T26] usb 1-1: Manufacturer: syz [ 351.132574][ T26] usb 1-1: SerialNumber: syz [ 351.341784][ T26] r8152-cfgselector 1-1: Unknown version 0x0000 [ 351.343795][ T26] r8152-cfgselector 1-1: config 0 descriptor?? [ 351.646561][ T26] r8152-cfgselector 1-1: Unknown version 0x0000 [ 351.648563][ T26] r8152-cfgselector 1-1: bad CDC descriptors [ 351.657960][ T26] r8152-cfgselector 1-1: USB disconnect, device number 13 [ 351.718357][T12786] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2217'. [ 351.801320][T12791] netlink: 'syz.1.2218': attribute type 4 has an invalid length. [ 351.805815][ T6524] lo speed is unknown, defaulting to 1000 [ 352.932050][T12820] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.932369][T12820] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.014217][T12824] nbd: must specify a size in bytes for the device [ 353.030541][T12820] tipc: Resetting bearer [ 353.049957][T12829] netlink: 'syz.2.2232': attribute type 4 has an invalid length. [ 353.298138][T12841] xt_CT: No such helper "snmp" [ 353.342324][T12820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.348725][T12820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 354.213864][T12820] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.213934][T12820] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.213963][T12820] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.213991][T12820] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.351377][ T2294] lo speed is unknown, defaulting to 1000 [ 354.351450][ T2294] syz0: Port: 1 Link DOWN [ 354.355394][ T26] lo speed is unknown, defaulting to 1000 [ 354.373398][ T6526] lo speed is unknown, defaulting to 1000 [ 354.446893][T12855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 354.447152][T12855] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 354.776918][T12871] netlink: 'syz.4.2249': attribute type 21 has an invalid length. [ 354.779645][T12871] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2249'. [ 355.358738][T12878] loop4: detected capacity change from 0 to 512 [ 355.472780][T12878] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2251: bg 0: block 393: padding at end of block bitmap is not set [ 355.489892][T12878] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 355.492928][T12878] EXT4-fs (loop4): 2 truncates cleaned up [ 355.500815][T12878] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.523041][T12878] EXT4-fs error (device loop4): ext4_append:79: inode #2: comm syz.4.2251: Logical block already allocated [ 355.544625][T12889] netlink: 'syz.3.2255': attribute type 4 has an invalid length. [ 355.592147][ T6481] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.863404][T12925] netlink: 'syz.0.2269': attribute type 4 has an invalid length. [ 357.916368][T12946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2278'. [ 358.024181][T12954] netlink: 'syz.4.2281': attribute type 4 has an invalid length. [ 358.808684][ T11] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 358.955227][ T11] usb 1-1: Using ep0 maxpacket: 16 [ 358.958132][ T11] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 358.958214][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 359.003942][ T11] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 359.028845][ T11] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 359.053494][ T11] usb 1-1: Product: syz [ 359.074828][ T11] usb 1-1: Manufacturer: syz [ 359.079459][ T11] usb 1-1: SerialNumber: syz [ 359.639103][ T11] usb 1-1: config 0 descriptor?? [ 359.645725][ T11] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 359.648431][ T11] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 360.629834][ T11] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 360.677058][ T11] em28xx 1-1:0.0: Config register raw data: 0x35 [ 360.680419][ T11] em28xx 1-1:0.0: I2S Audio (3 sample rate(s)) [ 360.682350][ T11] em28xx 1-1:0.0: No AC97 audio processor [ 361.223838][ T11] usb 1-1: USB disconnect, device number 14 [ 361.810092][T13028] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2308'. [ 363.315967][T13065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 363.316309][T13065] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 363.336599][T13065] loop4: detected capacity change from 0 to 64 [ 364.010356][T13083] loop1: detected capacity change from 0 to 128 [ 364.014197][T13083] ufs: You didn't specify the type of your ufs filesystem [ 364.014197][T13083] [ 364.014197][T13083] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 364.014197][T13083] [ 364.014197][T13083] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 364.064108][T13083] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 364.109099][T13083] loop1: detected capacity change from 0 to 1024 [ 364.337809][T13098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 364.343347][T13098] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 365.000570][ T31] kauditd_printk_skb: 174 callbacks suppressed [ 365.000673][ T31] audit: type=1326 audit(817.719:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.000853][ T31] audit: type=1326 audit(817.719:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.001463][ T31] audit: type=1326 audit(817.719:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.001648][ T31] audit: type=1326 audit(817.719:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.001842][ T31] audit: type=1326 audit(817.719:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.002030][ T31] audit: type=1326 audit(817.719:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.002228][ T31] audit: type=1326 audit(817.719:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 365.002437][ T31] audit: type=1326 audit(817.729:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 365.002647][ T31] audit: type=1326 audit(817.729:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa0050918 code=0x7ffc0000 [ 365.002837][ T31] audit: type=1326 audit(817.729:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.0.2340" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 366.601484][T13122] rdma_rxe: rxe_newlink: failed to add lo [ 366.637775][T13122] netlink: 'syz.4.2345': attribute type 1 has an invalid length. [ 366.637839][T13122] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2345'. [ 366.639323][T13122] loop9: detected capacity change from 0 to 7 [ 366.639805][T13122] Dev loop9: unable to read RDB block 7 [ 366.639868][T13122] loop9: unable to read partition table [ 366.639957][T13122] loop9: partition table beyond EOD, truncated [ 366.639985][T13122] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 366.736833][T13128] netlink: 'syz.2.2348': attribute type 4 has an invalid length. [ 369.567942][T13167] 9pnet_fd: Insufficient options for proto=fd [ 369.933665][T13192] rdma_rxe: rxe_newlink: failed to add lo [ 371.570649][T13237] rdma_rxe: rxe_newlink: failed to add lo [ 371.609273][T13237] netlink: 'syz.4.2389': attribute type 1 has an invalid length. [ 371.609336][T13237] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2389'. [ 371.616202][T13237] loop9: detected capacity change from 0 to 7 [ 371.618352][T13237] Dev loop9: unable to read RDB block 7 [ 371.618439][T13237] loop9: unable to read partition table [ 371.618539][T13237] loop9: partition table beyond EOD, truncated [ 371.618567][T13237] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 371.926294][ T2387] ieee802154 phy1 wpan1: encryption failed: -22 [ 373.401838][T13293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2412'. [ 374.188167][T13297] rdma_rxe: rxe_newlink: failed to add lo [ 374.339795][T13297] netlink: 'syz.0.2413': attribute type 1 has an invalid length. [ 374.339849][T13297] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2413'. [ 374.359343][T13297] loop9: detected capacity change from 0 to 7 [ 374.372314][ T31] kauditd_printk_skb: 358 callbacks suppressed [ 374.374374][ T31] audit: type=1326 audit(826.879:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.380912][ T31] audit: type=1326 audit(826.879:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.387487][ T31] audit: type=1326 audit(826.889:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.394041][ T31] audit: type=1326 audit(826.889:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.400645][ T31] audit: type=1326 audit(826.889:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.407712][ T31] audit: type=1326 audit(826.889:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.414648][ T31] audit: type=1326 audit(826.889:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffad9537cc code=0x7ffc0000 [ 374.421675][ T31] audit: type=1326 audit(826.889:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffae899918 code=0x7ffc0000 [ 374.428901][ T31] audit: type=1326 audit(826.889:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.435789][ T31] audit: type=1326 audit(826.889:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13294 comm="syz.4.2414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad95bce8 code=0x7ffc0000 [ 374.556621][T13297] Dev loop9: unable to read RDB block 7 [ 374.556722][T13297] loop9: unable to read partition table [ 374.556836][T13297] loop9: partition table beyond EOD, truncated [ 374.556874][T13297] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 374.690341][T13307] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2417'. [ 374.699470][T13308] netlink: 'syz.0.2418': attribute type 4 has an invalid length. [ 374.843400][T13315] loop0: detected capacity change from 0 to 1024 [ 374.911517][T13315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.115259][ T6485] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.627846][T13333] lo speed is unknown, defaulting to 1000 [ 375.628918][T13333] lo speed is unknown, defaulting to 1000 [ 375.649756][T13335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 375.651165][T13335] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 376.457588][T13346] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2431'. [ 376.476612][T13347] netlink: 'syz.0.2432': attribute type 4 has an invalid length. [ 376.693039][T13337] rdma_rxe: rxe_newlink: failed to add lo [ 376.763354][T13358] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 377.122651][T13371] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2442'. [ 377.826714][T13379] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2444'. [ 377.923101][T13386] netlink: 'syz.1.2446': attribute type 4 has an invalid length. [ 377.930867][ T6526] lo speed is unknown, defaulting to 1000 [ 377.930957][ T6526] syz0: Port: 1 Link ACTIVE [ 377.931019][ T6526] lo speed is unknown, defaulting to 1000 [ 378.406515][T13401] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2453'. [ 378.470827][T13394] rdma_rxe: rxe_newlink: failed to add lo [ 379.301866][T13416] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2459'. [ 379.476178][T13424] netlink: 'syz.4.2462': attribute type 4 has an invalid length. [ 379.843987][ T31] kauditd_printk_skb: 56 callbacks suppressed [ 379.972790][T13437] rdma_rxe: rxe_newlink: failed to add lo [ 380.487996][ T31] audit: type=1326 audit(832.559:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488086][ T31] audit: type=1326 audit(832.559:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488124][ T31] audit: type=1326 audit(832.559:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488162][ T31] audit: type=1326 audit(832.559:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488200][ T31] audit: type=1326 audit(832.559:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488237][ T31] audit: type=1326 audit(832.569:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9b1537cc code=0x7ffc0000 [ 380.488275][ T31] audit: type=1326 audit(832.569:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff9c013918 code=0x7ffc0000 [ 380.488312][ T31] audit: type=1326 audit(832.569:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15bce8 code=0x7ffc0000 [ 380.488350][ T31] audit: type=1326 audit(832.579:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9b1537cc code=0x7ffc0000 [ 380.488387][ T31] audit: type=1326 audit(832.579:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.3.2464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff9c013918 code=0x7ffc0000 [ 381.779072][T13458] netlink: 'syz.1.2475': attribute type 4 has an invalid length. [ 382.018284][T13465] rdma_rxe: rxe_newlink: failed to add lo [ 382.039014][T13466] veth0_vlan: entered allmulticast mode [ 382.054154][T13465] netlink: 'syz.4.2479': attribute type 1 has an invalid length. [ 382.054229][T13465] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2479'. [ 382.055738][T13465] loop9: detected capacity change from 0 to 7 [ 382.064388][T13465] Dev loop9: unable to read RDB block 7 [ 382.064475][T13465] loop9: unable to read partition table [ 382.064576][T13465] loop9: partition table beyond EOD, truncated [ 382.064603][T13465] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 384.317742][T13499] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2492'. [ 384.361061][T13502] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 384.646433][T13510] loop0: detected capacity change from 0 to 16 [ 384.650901][T13510] erofs (device loop0): mounted with root inode @ nid 36. [ 384.656736][T13510] erofs (device loop0): read error -117 @ 0 of nid 36 [ 384.659593][T13510] erofs (device loop0): failed to readdir of logical block 0 of nid 36 [ 385.039400][ T31] kauditd_printk_skb: 206 callbacks suppressed [ 385.039485][ T31] audit: type=1326 audit(837.749:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.039683][ T31] audit: type=1326 audit(837.749:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.039881][ T31] audit: type=1326 audit(837.749:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.040045][ T31] audit: type=1326 audit(837.749:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.040475][ T31] audit: type=1326 audit(837.749:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.040644][ T31] audit: type=1326 audit(837.749:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.040810][ T31] audit: type=1326 audit(837.749:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 385.040977][ T31] audit: type=1326 audit(837.759:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 385.041141][ T31] audit: type=1326 audit(837.759:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa0050918 code=0x7ffc0000 [ 385.041301][ T31] audit: type=1326 audit(837.759:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13511 comm="syz.0.2498" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 387.035676][T13539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2507'. [ 387.171238][T13547] netlink: 'syz.2.2512': attribute type 10 has an invalid length. [ 387.489727][T13559] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 388.587315][T13572] netlink: 'syz.0.2521': attribute type 1 has an invalid length. [ 388.607077][T13572] 8021q: adding VLAN 0 to HW filter on device bond1 [ 388.632361][T13572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2521'. [ 388.667377][T13577] netlink: 'syz.3.2523': attribute type 10 has an invalid length. [ 388.753248][T13586] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 388.827955][T13593] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2531'. [ 389.357041][T13572] bond1 (unregistering): Released all slaves [ 389.368325][T13589] netlink: 566 bytes leftover after parsing attributes in process `syz.2.2529'. [ 389.970768][T13615] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.2539'. [ 390.047782][ T31] kauditd_printk_skb: 367 callbacks suppressed [ 390.047858][ T31] audit: type=1326 audit(842.789:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 390.047901][ T31] audit: type=1326 audit(842.789:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa0050918 code=0x7ffc0000 [ 390.047938][ T31] audit: type=1326 audit(842.789:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 390.057764][ T31] audit: type=1326 audit(842.799:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 390.057830][ T31] audit: type=1326 audit(842.799:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa0050918 code=0x7ffc0000 [ 390.057884][ T31] audit: type=1326 audit(842.799:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 390.067784][ T31] audit: type=1326 audit(842.809:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 390.067857][ T31] audit: type=1326 audit(842.809:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa0050918 code=0x7ffc0000 [ 390.067911][ T31] audit: type=1326 audit(842.809:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9f15bce8 code=0x7ffc0000 [ 390.069617][T13621] loop4: detected capacity change from 0 to 2048 [ 390.071539][T13623] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2543'. [ 390.072213][T13623] netlink: 'syz.2.2543': attribute type 10 has an invalid length. [ 390.078449][ T31] audit: type=1326 audit(842.819:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13602 comm="syz.0.2535" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff9f1537cc code=0x7ffc0000 [ 390.305608][T13621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 390.503205][ T6481] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.543511][T13642] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.2551'. [ 390.762208][T13648] loop4: detected capacity change from 0 to 32768 [ 390.800073][T13650] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2554'. [ 390.804154][T13650] netlink: 'syz.1.2554': attribute type 10 has an invalid length. [ 391.467379][T13686] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2570'. [ 391.472728][T13686] netlink: 'syz.2.2570': attribute type 10 has an invalid length. [ 391.494167][T13689] netlink: 71 bytes leftover after parsing attributes in process `syz.4.2571'. [ 392.362715][T13718] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2584'. [ 392.364909][T13718] netlink: 'syz.3.2584': attribute type 10 has an invalid length. [ 392.884188][T13741] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2591'. [ 392.891631][T13741] xt_hashlimit: size too large, truncated to 1048576 [ 393.145857][T13759] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2593'. [ 393.344439][T13775] netlink: 'syz.2.2596': attribute type 10 has an invalid length. [ 393.898631][T13833] netlink: 'syz.1.2609': attribute type 10 has an invalid length. [ 393.981342][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 393.984274][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 393.987306][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 393.989533][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 394.245538][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 394.245686][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 394.729497][T13872] __nla_validate_parse: 4 callbacks suppressed [ 394.732009][T13872] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2621'. [ 394.736120][T13872] netlink: 'syz.1.2621': attribute type 10 has an invalid length. [ 394.751021][T13874] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.2622'. [ 394.755642][ T6526] libceph: connect (1)[c::]:6789 error -101 [ 394.755788][ T6526] libceph: mon0 (1)[c::]:6789 connect error [ 394.765840][T13837] ceph: No mds server is up or the cluster is laggy [ 395.458582][T13903] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.2633'. [ 395.469275][T13904] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2634'. [ 395.479916][T13904] netlink: 'syz.3.2634': attribute type 10 has an invalid length. [ 395.697253][T13923] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2641'. [ 395.700671][T13923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2641'. [ 395.969143][T13933] syzkaller0: entered promiscuous mode [ 395.969222][T13933] syzkaller0: entered allmulticast mode [ 396.313412][T13909] ceph: No mds server is up or the cluster is laggy [ 396.580250][T13941] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2647'. [ 407.724745][ T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 407.728922][ T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 407.743386][ T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 407.750591][ T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 407.751062][ T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 407.780652][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 407.780798][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 407.882473][ T6474] bond0: (slave syz_tun): Releasing backup interface [ 408.023030][T13960] lo speed is unknown, defaulting to 1000 [ 408.029197][T13960] lo speed is unknown, defaulting to 1000 [ 408.036125][ T2294] libceph: connect (1)[c::]:6789 error -101 [ 408.039117][ T2294] libceph: mon0 (1)[c::]:6789 connect error [ 408.459667][ T8410] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.527963][T13964] ceph: No mds server is up or the cluster is laggy [ 408.541068][T13984] Cannot find add_set index 0 as target [ 408.552357][ T6464] libceph: connect (1)[c::]:6789 error -101 [ 408.552509][ T6464] libceph: mon0 (1)[c::]:6789 connect error [ 408.712176][ T8410] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.889652][ T8410] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.007557][ T8410] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.089036][T13960] chnl_net:caif_netlink_parms(): no params data found [ 409.257136][T13960] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.257219][T13960] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.257355][T13960] bridge_slave_0: entered allmulticast mode [ 409.258555][T13960] bridge_slave_0: entered promiscuous mode [ 409.263051][T13960] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.263104][T13960] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.263327][T13960] bridge_slave_1: entered allmulticast mode [ 409.265964][T13960] bridge_slave_1: entered promiscuous mode [ 409.349648][T13960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.375709][T13960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.448947][ T8410] bridge_slave_1: left allmulticast mode [ 409.449188][ T8410] bridge_slave_1: left promiscuous mode [ 409.450904][ T8410] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.487711][ T8410] bridge_slave_0: left allmulticast mode [ 409.487785][ T8410] bridge_slave_0: left promiscuous mode [ 409.487910][ T8410] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.500436][T14021] ceph: No mds server is up or the cluster is laggy [ 409.500839][ T6524] libceph: connect (1)[c::]:6789 error -101 [ 409.500954][ T6524] libceph: mon0 (1)[c::]:6789 connect error [ 409.845311][ T55] Bluetooth: hci5: command tx timeout [ 410.603835][T14058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2678'. [ 411.145827][ T8410] team0: Port device geneve0 removed [ 411.927397][ T55] Bluetooth: hci5: command tx timeout [ 411.931221][ T8410] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 411.979496][ T8410] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 412.026618][ T8410] bond0 (unregistering): Released all slaves [ 412.038717][T13960] team0: Port device team_slave_0 added [ 412.065643][T14058] hsr_slave_0: left promiscuous mode [ 412.067793][T14058] hsr_slave_1: left promiscuous mode [ 412.154792][T13960] team0: Port device team_slave_1 added [ 412.176479][T13960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 412.182141][T13960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.185393][T13960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 412.186849][T13960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 412.186879][T13960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.186905][T13960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.391603][T13960] hsr_slave_0: entered promiscuous mode [ 412.392145][T13960] hsr_slave_1: entered promiscuous mode [ 412.392497][T13960] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 412.392538][T13960] Cannot create hsr debugfs directory [ 412.688456][T14075] rdma_rxe: rxe_newlink: failed to add lo [ 412.895501][T14103] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 413.437184][T14119] rdma_rxe: rxe_newlink: failed to add lo [ 413.478178][T14119] netlink: 'syz.0.2700': attribute type 1 has an invalid length. [ 413.478253][T14119] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2700'. [ 413.479478][T14119] loop9: detected capacity change from 0 to 7 [ 413.487788][T14119] Dev loop9: unable to read RDB block 7 [ 413.487876][T14119] loop9: unable to read partition table [ 413.488007][T14119] loop9: partition table beyond EOD, truncated [ 413.488047][T14119] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 413.647107][T14155] netlink: 'syz.0.2708': attribute type 16 has an invalid length. [ 413.647180][T14155] netlink: 'syz.0.2708': attribute type 17 has an invalid length. [ 413.758929][T14155] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 413.973010][T13960] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 414.014946][T13960] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 414.016515][ T55] Bluetooth: hci5: command tx timeout [ 414.026156][T13960] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 414.030917][T13960] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 414.160338][T14179] rdma_rxe: rxe_newlink: failed to add lo [ 414.249548][T13960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.355728][T14179] netlink: 'syz.4.2715': attribute type 1 has an invalid length. [ 414.355797][T14179] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2715'. [ 414.359040][T14179] loop9: detected capacity change from 0 to 7 [ 414.377528][T14179] Dev loop9: unable to read RDB block 7 [ 414.377608][T14179] loop9: unable to read partition table [ 414.377718][T14179] loop9: partition table beyond EOD, truncated [ 414.377746][T14179] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 414.635534][T13960] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.773258][ T6677] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.773345][ T6677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.774257][ T6677] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.774297][ T6677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.901910][T13960] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 414.929062][T14213] C: renamed from team_slave_0 (while UP) [ 414.932618][T14213] netlink: 'syz.2.2725': attribute type 1 has an invalid length. [ 414.932711][T14213] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 415.266028][T14234] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2727'. [ 415.268122][T14234] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2727'. [ 415.293231][T14237] macsec1: entered promiscuous mode [ 415.294913][T14237] gretap0: entered promiscuous mode [ 415.436681][T14237] gretap0: left promiscuous mode [ 415.779191][T13960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 415.906111][T13960] veth0_vlan: entered promiscuous mode [ 415.920991][T13960] veth1_vlan: entered promiscuous mode [ 415.928324][T14257] netlink: 'syz.1.2734': attribute type 22 has an invalid length. [ 415.928444][T14257] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2734'. [ 415.953900][T13960] veth0_macvtap: entered promiscuous mode [ 415.970950][T13960] veth1_macvtap: entered promiscuous mode [ 415.978377][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 415.981557][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 415.984432][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 415.991505][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 415.994366][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 415.998384][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.003102][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.006308][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.009994][T13960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 416.018730][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.018808][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.018835][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.018855][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.018873][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.018892][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.018909][T13960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.018927][T13960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.019450][T13960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 416.020808][T13960] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.020859][T13960] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.020887][T13960] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.020915][T13960] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.086010][ T55] Bluetooth: hci5: command tx timeout [ 416.390184][ T8410] hsr_slave_0: left promiscuous mode [ 416.390665][ T8410] hsr_slave_1: left promiscuous mode [ 416.391475][ T8410] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.391732][ T8410] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.392867][ T8410] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.392929][ T8410] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.453004][ T8410] veth1_macvtap: left promiscuous mode [ 416.453239][ T8410] veth0_macvtap: left promiscuous mode [ 416.453333][ T8410] veth1_vlan: left promiscuous mode [ 416.472736][ T11] IPVS: starting estimator thread 0... [ 416.575564][T14285] IPVS: using max 40 ests per chain, 96000 per kthread [ 417.029983][T14314] rdma_rxe: rxe_newlink: failed to add lo [ 417.187830][T14314] netlink: 'syz.0.2746': attribute type 1 has an invalid length. [ 417.190104][T14314] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2746'. [ 417.206924][T14314] loop9: detected capacity change from 0 to 7 [ 417.221648][T14314] Dev loop9: unable to read RDB block 7 [ 417.223734][T14314] loop9: unable to read partition table [ 417.227628][T14314] loop9: partition table beyond EOD, truncated [ 417.231198][T14314] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 418.664068][T14338] xt_hashlimit: size too large, truncated to 1048576 [ 418.716839][T14340] xt_hashlimit: size too large, truncated to 1048576 [ 418.829202][ T8410] team0 (unregistering): Port device team_slave_0 removed [ 419.157033][T14349] rdma_rxe: rxe_newlink: failed to add lo [ 421.071077][ T9549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.073450][ T9549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.379081][ T625] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.379151][ T625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.570430][T14384] sctp: [Deprecated]: syz.1.2777 (pid 14384) Use of struct sctp_assoc_value in delayed_ack socket option. [ 421.570430][T14384] Use struct sctp_sack_info instead [ 421.684834][T14390] rdma_rxe: rxe_newlink: failed to add lo [ 421.831528][T14390] netlink: 'syz.0.2773': attribute type 1 has an invalid length. [ 421.831630][T14390] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2773'. [ 421.837796][T14390] loop9: detected capacity change from 0 to 7 [ 421.869642][T14390] Dev loop9: unable to read RDB block 7 [ 421.869764][T14390] loop9: unable to read partition table [ 421.870171][T14390] loop9: partition table beyond EOD, truncated [ 421.870321][T14390] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 422.823250][T14426] lo speed is unknown, defaulting to 1000 [ 422.824069][T14426] lo speed is unknown, defaulting to 1000 [ 423.354327][T14440] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 424.043446][T14461] rdma_rxe: rxe_newlink: failed to add lo [ 424.082436][T14461] netlink: 'syz.4.2801': attribute type 1 has an invalid length. [ 424.082497][T14461] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2801'. [ 424.083833][T14461] loop9: detected capacity change from 0 to 7 [ 424.133824][T14461] Dev loop9: unable to read RDB block 7 [ 424.133904][T14461] loop9: unable to read partition table [ 424.134021][T14461] loop9: partition table beyond EOD, truncated [ 424.134061][T14461] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 424.682970][ T31] kauditd_printk_skb: 515 callbacks suppressed [ 424.683460][ T31] audit: type=1326 audit(877.419:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.683736][ T31] audit: type=1326 audit(877.419:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.683923][ T31] audit: type=1326 audit(877.419:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.684122][ T31] audit: type=1326 audit(877.419:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.684293][ T31] audit: type=1326 audit(877.419:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.684467][ T31] audit: type=1326 audit(877.419:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.692872][ T31] audit: type=1326 audit(877.429:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff993537cc code=0x7ffc0000 [ 424.693004][ T31] audit: type=1326 audit(877.429:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff9a1c3918 code=0x7ffc0000 [ 424.693138][ T31] audit: type=1326 audit(877.429:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=76 compat=0 ip=0xffff9935bce8 code=0x7ffc0000 [ 424.702792][ T31] audit: type=1326 audit(877.439:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14451 comm="syz.2.2802" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff993537cc code=0x7ffc0000 [ 424.866099][T14471] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 425.080901][T14476] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2810'. [ 425.083599][T14476] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2810'. [ 425.331820][T14487] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2814'. [ 425.960406][T14497] rdma_rxe: rxe_newlink: failed to add lo [ 426.000457][T14497] netlink: 'syz.3.2817': attribute type 1 has an invalid length. [ 426.000511][T14497] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2817'. [ 426.007710][T14497] loop9: detected capacity change from 0 to 7 [ 426.010557][T14497] Dev loop9: unable to read RDB block 7 [ 426.010615][T14497] loop9: unable to read partition table [ 426.010724][T14497] loop9: partition table beyond EOD, truncated [ 426.010762][T14497] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 426.726683][T14505] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 426.961728][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2822'. [ 426.961836][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2822'. [ 426.971201][T14514] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2823'. [ 427.168892][T14520] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2825'. [ 427.193050][T14522] [ 427.193737][T14522] ====================================================== [ 427.195687][T14522] WARNING: possible circular locking dependency detected [ 427.197522][T14522] 6.15.0-rc2-syzkaller-gc72692105976 #0 Not tainted [ 427.199312][T14522] ------------------------------------------------------ [ 427.201191][T14522] syz.1.2826/14522 is trying to acquire lock: [ 427.202824][T14522] ffff800093071868 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c [ 427.205069][T14522] [ 427.205069][T14522] but task is already holding lock: [ 427.207068][T14522] ffff0000f4e90aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x170/0xd0c [ 427.209903][T14522] [ 427.209903][T14522] which lock already depends on the new lock. [ 427.209903][T14522] [ 427.212750][T14522] [ 427.212750][T14522] the existing dependency chain (in reverse order) is: [ 427.215273][T14522] [ 427.215273][T14522] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 427.217651][T14522] __mutex_lock_common+0x1f0/0x2604 [ 427.219293][T14522] mutex_lock_nested+0x2c/0x38 [ 427.220825][T14522] smc_switch_to_fallback+0x48/0xa7c [ 427.222434][T14522] smc_sendmsg+0xfc/0x9f8 [ 427.223818][T14522] __sys_sendto+0x360/0x4d8 [ 427.225244][T14522] __arm64_sys_sendto+0xd8/0xf8 [ 427.226869][T14522] invoke_syscall+0x98/0x2b8 [ 427.228284][T14522] el0_svc_common+0x130/0x23c [ 427.229720][T14522] do_el0_svc+0x48/0x58 [ 427.231019][T14522] el0_svc+0x54/0x168 [ 427.232277][T14522] el0t_64_sync_handler+0x84/0x108 [ 427.233852][T14522] el0t_64_sync+0x198/0x19c [ 427.235324][T14522] [ 427.235324][T14522] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 427.237461][T14522] sockopt_lock_sock+0x88/0x148 [ 427.239093][T14522] do_ip_setsockopt+0x138c/0x32c0 [ 427.240609][T14522] ip_setsockopt+0x80/0x128 [ 427.242031][T14522] raw_setsockopt+0x104/0x2a4 [ 427.243465][T14522] sock_common_setsockopt+0xb0/0xcc [ 427.245104][T14522] do_sock_setsockopt+0x2a0/0x4e0 [ 427.246679][T14522] __arm64_sys_setsockopt+0x170/0x1e0 [ 427.248360][T14522] invoke_syscall+0x98/0x2b8 [ 427.249866][T14522] el0_svc_common+0x130/0x23c [ 427.251360][T14522] do_el0_svc+0x48/0x58 [ 427.252629][T14522] el0_svc+0x54/0x168 [ 427.253960][T14522] el0t_64_sync_handler+0x84/0x108 [ 427.255494][T14522] el0t_64_sync+0x198/0x19c [ 427.256944][T14522] [ 427.256944][T14522] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 427.259032][T14522] __lock_acquire+0x17b8/0x32c4 [ 427.260562][T14522] lock_acquire+0x150/0x2e8 [ 427.262053][T14522] __mutex_lock_common+0x1f0/0x2604 [ 427.263803][T14522] mutex_lock_nested+0x2c/0x38 [ 427.265247][T14522] rtnl_lock+0x20/0x2c [ 427.266482][T14522] start_sync_thread+0xe0/0x24bc [ 427.268217][T14522] do_ip_vs_set_ctl+0x558/0xd84 [ 427.269853][T14522] nf_setsockopt+0x270/0x290 [ 427.271290][T14522] ip_setsockopt+0x118/0x128 [ 427.272746][T14522] ipv6_setsockopt+0x114/0x174 [ 427.274316][T14522] tcp_setsockopt+0xcc/0xe8 [ 427.275758][T14522] sock_common_setsockopt+0xb0/0xcc [ 427.277397][T14522] smc_setsockopt+0x1f8/0xd0c [ 427.278889][T14522] do_sock_setsockopt+0x2a0/0x4e0 [ 427.280405][T14522] __arm64_sys_setsockopt+0x170/0x1e0 [ 427.282061][T14522] invoke_syscall+0x98/0x2b8 [ 427.283537][T14522] el0_svc_common+0x130/0x23c [ 427.284994][T14522] do_el0_svc+0x48/0x58 [ 427.286298][T14522] el0_svc+0x54/0x168 [ 427.287555][T14522] el0t_64_sync_handler+0x84/0x108 [ 427.289128][T14522] el0t_64_sync+0x198/0x19c [ 427.290494][T14522] [ 427.290494][T14522] other info that might help us debug this: [ 427.290494][T14522] [ 427.293336][T14522] Chain exists of: [ 427.293336][T14522] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 427.293336][T14522] [ 427.297148][T14522] Possible unsafe locking scenario: [ 427.297148][T14522] [ 427.299158][T14522] CPU0 CPU1 [ 427.300627][T14522] ---- ---- [ 427.302136][T14522] lock(&smc->clcsock_release_lock); [ 427.303591][T14522] lock(sk_lock-AF_INET); [ 427.305515][T14522] lock(&smc->clcsock_release_lock); [ 427.307714][T14522] lock(rtnl_mutex); [ 427.308838][T14522] [ 427.308838][T14522] *** DEADLOCK *** [ 427.308838][T14522] [ 427.311099][T14522] 1 lock held by syz.1.2826/14522: [ 427.312575][T14522] #0: ffff0000f4e90aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x170/0xd0c [ 427.315663][T14522] [ 427.315663][T14522] stack backtrace: [ 427.317345][T14522] CPU: 1 UID: 0 PID: 14522 Comm: syz.1.2826 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT [ 427.320363][T14522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 427.323143][T14522] Call trace: [ 427.324033][T14522] show_stack+0x2c/0x3c (C) [ 427.325223][T14522] dump_stack_lvl+0xe4/0x150 [ 427.326545][T14522] dump_stack+0x1c/0x1028 [ 427.327813][T14522] print_circular_bug+0x32c/0x334 [ 427.329231][T14522] check_noncircular+0x15c/0x178 [ 427.330578][T14522] __lock_acquire+0x17b8/0x32c4 [ 427.331899][T14522] lock_acquire+0x150/0x2e8 [ 427.333151][T14522] __mutex_lock_common+0x1f0/0x2604 [ 427.334570][T14522] mutex_lock_nested+0x2c/0x38 [ 427.335891][T14522] rtnl_lock+0x20/0x2c [ 427.337049][T14522] start_sync_thread+0xe0/0x24bc [ 427.338469][T14522] do_ip_vs_set_ctl+0x558/0xd84 [ 427.339887][T14522] nf_setsockopt+0x270/0x290 [ 427.341165][T14522] ip_setsockopt+0x118/0x128 [ 427.342419][T14522] ipv6_setsockopt+0x114/0x174 [ 427.343709][T14522] tcp_setsockopt+0xcc/0xe8 [ 427.344950][T14522] sock_common_setsockopt+0xb0/0xcc [ 427.346444][T14522] smc_setsockopt+0x1f8/0xd0c [ 427.347770][T14522] do_sock_setsockopt+0x2a0/0x4e0 [ 427.349134][T14522] __arm64_sys_setsockopt+0x170/0x1e0 [ 427.350617][T14522] invoke_syscall+0x98/0x2b8 [ 427.351935][T14522] el0_svc_common+0x130/0x23c [ 427.353197][T14522] do_el0_svc+0x48/0x58 [ 427.354367][T14522] el0_svc+0x54/0x168 [ 427.355397][T14522] el0t_64_sync_handler+0x84/0x108 [ 427.356908][T14522] el0t_64_sync+0x198/0x19c [ 427.789031][T14522] IPVS: Error connecting to the multicast addr [ 431.565163][ T8410] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3 [ 433.365539][ T2387] ieee802154 phy1 wpan1: encryption failed: -22