last executing test programs: 6.898333702s ago: executing program 0 (id=335): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2040005, 0x1c3143) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0xfffffffe, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xb29, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x40, 0x3}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff720af0fff8ffffff71a4f2ff000000001f030000000000002e100200000000002604fdffff0200007b010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000940)) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1, {0xfffffffa}}, './file0\x00'}) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@newsa={0x14c, 0x10, 0x1, 0x8000000, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x5680000000}, {0x10, 0x9}, 0x0, 0x0, 0x2, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffffe}, @mark={0xc, 0x15, {0x35075c, 0x6}}]}, 0x14c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) 5.634088463s ago: executing program 2 (id=343): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b7db000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e83a02650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0) flock(r2, 0x6) 5.606559521s ago: executing program 0 (id=344): socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0) read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = getegid() fchown(r0, 0x0, r2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xaf) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) syz_open_dev$usbfs(&(0x7f0000000480), 0xd, 0x141341) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) socket(0x10, 0x80002, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000280)=0x1) ioctl$TCXONC(r4, 0x540a, 0x2) 4.558155683s ago: executing program 0 (id=346): openat$ptmx(0xffffffffffffff9c, 0x0, 0x40980, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$TUNSETLINK(r1, 0x400454cd, 0x118) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1c00000e01000b00000014"], 0x36) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) socket(0x1d, 0x2, 0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYBLOB="3f00000006020400300012800b000100627275"], 0x50}, 0x1, 0x4000, 0x0, 0x44000}, 0x0) 3.637458174s ago: executing program 3 (id=348): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00010002"], 0x8) (fail_nth: 2) 3.588770273s ago: executing program 3 (id=349): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x0, 0xff}}, 0x18) sendmmsg(r0, &(0x7f000000a200), 0x3ffffffffffff31, 0x60000800) connect$can_j1939(r0, &(0x7f0000000a40)={0x1d, r1, 0x1, {0x0, 0xf0, 0x1}, 0x2}, 0x18) 3.507960478s ago: executing program 3 (id=350): r0 = openat$kvm(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) shutdown(r1, 0x1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 3.330565048s ago: executing program 3 (id=351): bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x7, 0x4, 0x900, 0x5, 0x28}, 0x50) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x29, 0x9, 0x3, 0x6, 0x58, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1, 0x7800, 0x2, 0x5}}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0) r3 = socket$inet(0xa, 0x801, 0x84) listen(r3, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x0, 0x79}, 0x8) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x100, 0x1800001e, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0x8, 0x5}, {0xe, 0x4}}}, 0xfffffffffffffe09}, 0x1, 0x0, 0x0, 0x4048005}, 0x20000000) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x20, 0xc, 0x77, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]}, 0x8) sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$vim2m(0x0, 0x41d3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_DQBUF(r4, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x0, 0x7, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}}) syz_clone3(&(0x7f0000000080)={0x1000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) pidfd_getfd(r5, r5, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@can_newroute={0x44, 0x18, 0x1, 0x70bd29, 0x25dfdbfd, {0x1d, 0x1, 0x6}, [@CGW_MOD_XOR={0x15, 0x3, {{{0x0, 0x1}, 0x7, 0x0, 0x0, 0x0, "63c36d06f388c8fb"}, 0x2}}, @CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x0, 0x1}, 0x0, 0x6, 0x0, 0x0, '\t\x00'}, 0x1}}]}, 0x44}}, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0xc) 2.464759162s ago: executing program 3 (id=354): mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') mount$bpf(0x0, &(0x7f0000000ac0)='.\x00', &(0x7f0000000b00), 0x400008, &(0x7f0000000080)={[{@gid={'gid', 0x3d, 0xee00}}]}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) pread64(r1, 0x0, 0x0, 0x101) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0) bind$pptp(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x2, {0x1, @multicast2}}, 0x1e) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='cubic', 0x9) mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x2) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) read$FUSE(r5, &(0x7f00000007c0)={0x2020}, 0x2020) r6 = socket$netlink(0x10, 0x3, 0x0) writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f3f000000170a001700000000040037000d000300013325", 0x2b}], 0x1) lseek(r0, 0x10001, 0x0) 2.445176906s ago: executing program 2 (id=355): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) socket$nl_audit(0x10, 0x3, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff0800090000000000080011000000000008000e00800000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2.321626575s ago: executing program 2 (id=356): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x4) 1.457984083s ago: executing program 2 (id=357): fcntl$setsig(0xffffffffffffffff, 0xa, 0x21) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x800, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x73, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa12, 0xffffffff}, 0x0) waitid(0x2, 0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0) mlock(&(0x7f0000646000/0x3000)=nil, 0x3000) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r4 = mq_open(&(0x7f0000000000)='eth0\x00', 0x42, 0x0, 0x0) r5 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x11, 0x0) r6 = syz_io_uring_setup(0xce, &(0x7f0000000480)={0x0, 0x1b69, 0x800, 0x0, 0x335}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0x3, 0x0}) io_uring_enter(r6, 0x47ba, 0x98f1, 0x20, 0x0, 0x0) mq_timedsend(r5, 0x0, 0x0, 0x6, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005}) write$tun(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="00030800ed0619000c0047510fa2006600000d2f90787f000001e000000186060000000300000421880b00000001080008000c0086dd080088be00000002142845080100000000000002080022eb000000012705690102000000000000020002990808006558000000036c281ca6af69b2c81e673b56732f8e1fce0dc4013df1cc589d0e1600b756cc38adabb1441bbf31392bf902003f143613f4f718d181bc5b730b10b7ed60e5aa8e74442f36b9f2af2cf28520cdf06c0fb80a701816a774d281e6dbc3ddb3fbe032fda9784231ae7d4c2db388a8960a7fa4580c9970cfd851244a356410458a5cb4fcbaf163b7a2f527597dbe71c15abe3d6c757ea8ba5b22f7a4629df8e438511fe1690a8117970c1ea61442fbb3bfe5c348138093bc2a53daeba108c57d98fc236d6d97f2fb149378f154de945eba6d9a8ac1887bef8fe22de3ddf5e8f07f86ea1918ee63338bbe357ee7edb2a953721232018b67fc9d5a2580dc7a4c8aa2268a5d490be84712fbf93dfffb498e5752d873438a4a5eb8bcbf8b724ecf09899b59b9c726d9772b337a7c6f50c969e5a78aa1939b7805d0a6e57ed474d7ff9e2a151538d0cae4b3ab638ed29f57060fa1ce535d297321748e915356689f377fd86b63837f12c2110b8697de321da59219d15653ab3b40c5c61123d367de347e30fffa61a2aeb311a21da82579cbe483479e53692519d0e87eedb9d1ab2d02366316383ecc2efd9057f97ecf1748961a2a9a0555276b241458c8a966aaf976684c31a2ae59a3fc6eeea6ef4f40938491f9fd2e3b3190d1b3ccf9e1222b23a1a00737a3bcfa930c6c3652fe8d9d2d2d84ead8b99c53d20ab5673b4608adf6898b0273b202c2b06324f687b602bb98c93a563187cb7b9eeb7f4d18d7ddcf803c6d592983dcbeeab893f809829d1368c456ec796b82086248d2341041f05bbc14af84378f75caaef5b439ab90054f7540a22ebd0043515da40a8b6da103b469c4442d0df76f03d9dcd43cadf88eacdbcec59ea7792884bc038f69a995aedfe97372cac67c0898c6fa71fff10a26d3a6f36b9224f61332246a0f84ae2d5f13d9b18e11bbe2829fde0c7f157073da9e9c9912ef6e87505474a3d0123ed542acca43764c27437d975819a161857b320f4003f60da53e3c1e287b4d9238dc5460861ee145f5b71f9fe832c6da25779f94ec7e5fdd74ac2265b4ef2e64dab59b8682667ea4cb42c41e6a6a16d30e4f890361b56f4e4a8632967edab7fee129bec73830c55ec49e1ebd76b37ef83e6cb5712d3baa08e3ea0b58ae799ac0dce7778504e74b4106915ae53ced0607b2f82fa3051086c2b7381bdcc74b4fd9b9870b51da18672d8c070c2b996f9f04c86c9c4d43c0171da15182ba62919993c81f465eb5646a1e576e9f02fbe83609e518e57849ce1bfc6c5918819e96a1567dc67ffdd3451e80a75dc7dd17d716721380ccb619e8525d65190cf5c0539b1069c6db79d51b717d53f206631685af56a91d075f525d5c48a37befb9d71edfb38459e21143bf33f50806e1ead2391d6b3b5d551f4409667f995fdd3970d0b0b493f723cd9623e17516b2795062454628e3a9cce41c9c9118a921692f437fc2df7c75f9827aca01a1f1f8e0d692ecc85dee316a524cca2ac38c00cfae8e297f78d96197d912cd43e2aba0e49e641aafedbe6985a5b288d224fba3e52cf0f155414ebaa5252d9012f975b9facb40eb41d78fbb42a31a156e98b45782aa1718bdb7dba63b1d89b01940a07d0f6c72f589a3166533ae230c51e38ada77024acd1d474ad574a28cf953528ce124c67652cf4ce78315f53d7674dc81eaae2482226383141634357b5d166055d51de5d2958f4808f873b7489aba19f67b76c366a5ee58eb58fdf0d2c42723c5ac14b5b3491dd0beab2d8904af5158ec1c380555e1becc989a712fd1d31b22621cfebb46efe520276e95c066a91250fd6707eef3325785fd2556972793e9b95c27b8c248e5e1485aae843a8571d7a6df2d170851df7e00394291f1712e10287aab9fb7e05504a5f079f6845771abb88fcd05998d927f8aa25af0070c312c9d66bfc1509607c46391d8be07da9ddf5d80a84f78a5f7ea23014e837bd4e0733336d215f95e9610fb239118695934b8fd2babd6bee50db5658a8eea37966e4d5775e4c0b3f051d5d03f79797ab212bc0b8aa8beeb12c52c89d3f3d5f00da4a300e48d16479321262cf0b06377f6927ab7b2d78f7f776b2857684f56281cb2b91287967e72ab9daed371d1d046bfedc1937cde2db24c559f9b963da800ce232ff8b6b3fa50dc6b54d14c65518a182431803b6f12bf0ee2004fe703e86adcd826654203ca1d74a28901a20484a8f484dc8d354be090e0289866a13dbfc8f9b967e0acc018e9426f4aba5e8f62d6fbd7aea97f57e510889109989c13468ca739e7c16b081e68ded4ba62336e3f0da49e4ad6bed0ee05cf59e641d98a5a39d2dc3ed155607ee1656d54d8546ca1d046fea4ff330581a422de0ee95dbb6a2a369d16639d0f4a3ad995fa74cf10339dc0689348fa5a11b0a44592248ae59fa60bc50c31c48573fed7539dbc451697f0057c3d585866382d6050d802d22cceec270fd31b35c1430275000f3ebd9bfe7a346d9643ecff99c940c9e4f9a9e6745c4012404e74a1a4a3041ca2871fac33e6774300b1e264d77c7240ef68e7819acde82e8487555955e4549e2a09475aba300596f11de1b9c731c363fb7559a0f4576c1ba7a239490194d9fef85711cfc6c4784a1253fce5c66dcb013be354cfbe33aa16fa11c57d132b006db1310632d4ad36ba89e42872f7119a3559b8878a0566a18d57a7fd779236eab1a240f05dc4e0aaa9821efe6d69d0c1e46e8e1be55d12fe561e1eabd2bd62f92784ff62543fc19ce255a531a2a9d8cd581f9dcfbf1840cfec06f907bcaaa8b869a924fc49ec7943eb228cda14fe18f6c2779e0ac8926bd179af732b6d6097c4704cfc93eb952721e00cfec60b80290f2b669acca7d395e982c50b28acb2891a169924732361266ffc1dcbf6328cb66930a5767af49d408b1b43e43ff9ac6b9d996cdf194af8905f63e5375ee5d8cc507cf693589e82d6e3bea879b4602c72ce72376d4729e6b3452eaf238066fb4de979998f95bad095e8a743c806f636a2d920d28848a65ad658db973680d83c220d00bd9934ee9cb0855c1fcce8f3906bb42437fcbc0c32faea7d1b8cf3dd08735e8317447eb026be9a128a2fdf1756ac400c9ecc1d7dbc58eaad009d7691e345f302bf2013a9e0e7fb84a3c0ae4f0a87ac88ba530b0fcdbcde19c2c5c9f6c27a029eab82ae5783be5682bc78ed58f663864b9bcb0aac99d8697579e279ac118275d35aaab7fe16ccc53744aa0e114659bf0aa035aa004593fd7ccac065395d57cfad3a240912ca6cec7c2de2506931640a07eceb8d11e4a3bdc8739b4b77270dbc769b3f0ce83720a0337e1bf9a2e84ecd60bbb32f5618b7447a0295784d296d3bb36be053bb8627c6857c24c4240aff6a8c00b83cc8a147d8e859262dde72a8e3c889ba09e2734304dd62ed8fd5bc90c0380904f4ef1fa147777a0186af2453ceb099909cb1639f16921f54d5f472e27157db291344759e08ad658615a58422ad7ceff39cdcb1666fe5bec61b8abce3b2a534c553e75616a18479cc32a560a5bd064042dd11756e4a36c1c03c5c2cad2ba4df9be073382e68d9a0bbe55729b847f5d9b6b168bf972f889425b5360e0aaaf9d2bdfef7c0b3ae1adc754cb8e914b1dea770f5c24114800476d27c10e115c178d1376df58c0e570f0908f64e82272682a5f7b41f7cb51c6d3c9e09ab0eeb7d09722f2aa2105801ad32452679ccf87933fa885b02eb023909852a422bd74483d5d7de04b4e2f623e450725751db743010027bacda092c621ccd981fda4a0f4150a8a2040273d3a7ea14c1d368a20d0db6cc62a276c50360f0f12f61b322f2c5051de1b98365a8cdc5b5a0bbd1425b5b0be770e3e3da5d464c766c7c4c485d4280043799f7b20942061b3f9e57accae3703e68b4ef98dc73c15152bfc21115caf402fd4e100b60ec65c3b49e44cf8b3043e85e4c0631d240f2097fd23c0469c4e5c1f7346dc0aa4530250ab6987b020d691ae566dfdebb3752db8ac45740959c6c31b37fc37e202e43c93fc83e8ae3b46cfb808ff1b4e2901487f661edb20973c24db0a34df8e62a9550b54b1a2e84bed8b4292d416ed590455741566dd28b021a69a489a096e97e04c9eb639f83a6f2bef9e0f1ce21ce7251c6a1dc88b5e67b1cfb8f8c917dc6f5d5b8181046e70786dd8fb48b3c23140625050d64bbb66f6dc86afbb9bb2e0a7d62856a7d8a205ea631e6709c40aa2c2e4ae97ac4c5d1ace85cc42438842ab3469f72a34aeef42b26cb3a0d1a0d3ab7e7a4f4aa155be86d03ed743258d391df54eec2d802e316dfc564859eafb1b021f20cba99a9102641e30c6cfca2c1a43a7fa5791f25575eb1e5b4d85ed3e5d42f8f03f64095737b2ea7422f6dcdbcf68040a11e0e3025fdfd9bddae0fc4f531c956ef03059cf5ebb6889408dbf4c71f1dbb31cf6d4e8aa5f9fe4d78ff1963e5286ebeba05eb5a25d87d9095b321eef41cf06cbaa4f93f81846aaa8a5e67cab517eef4d646fb45b5441ec4f666d67edc79dd7b59bdef5fb0dc682114afaf094699333174c1c31e316510f80cba569b9524c1396b2c8630b32fa26751c5fea5bd6713028cc89554cfa3337d10ea257e36cd107fbd41cca03901bcead871fe41b18dcf1338927e95fe367bce6e3e108ee0e1a1fb66c712b769f524cf4f16a91ed7f1cf451e238b24d6dce5e2453f22145a7ee7a8ac756aec6c824ccb7c50df7d1eeb87f511f56b6db5a131eaeb725585ef1636aa439498423d5f9ee6aae35d65996a4191f3ded1413bc7f605430920d0551e2e1aa4a24a6c811cf971f254e1269a5f10c4b1a2a952f469dec044ac6dd90d2a5893c9719e675c33419876fb92ffa92b6fcbf77ffb39d51df19c5d0921e6ebe35bb7349f8486296ab0194485578b606d8d6572baaba169249eb6d2b8fca8f0712f83e7c0dcf1a2f03dc5223afbc5702569197ac19959bcb6490c0cda65948f3b6bddedf06718fac1622c5e02b8464da91fd7209ac98187b41eb87a65027b08a763882b48d9659c84140b83f97b33a2e707a708ca82c927d6be8eca09d1d828545454af9baeab837c0dcb53e17fcc4089c8d122713a3b9954df11efb5d50a31648af9995ce46099db6d6bf7067f8f3dd6bb2b5558f080af414d121803b7ee44ed59046af5c1e721002b783d8aafd0f2482be8b34db271ad6528666d951586601a0589e3d6f90804da1db71e179241099d2e4ed45fe41a950475710643b8897fe9cd8dda28a4f93771fba0ab22fe53af42d35fbdd094703cb1ffb9f5394c77a81c9e5cd2c045509b677117b6eb1be2d15e2fea89d31b01ca2080d3784328f0e2609124bd73011ade2660d46a73a51bac7d2f4223e9351d5d19855893348095bf2b24789410f97a5ef0d632672a6e49153cd8d849ef660acbad7d20c6da951057642072d38ffb36f8c93e0f53c8ae8f3f3c57e01c45f07d4fb7fa1eb67860b69a51088612ee12743d563eb782eef787970178c28b18f1e3965fabb9f27a3718dd536736b8ea8ceaa0f61f26d997b0f261a82c79b1ae3de59373ff055aee7d8f431247eeeaabaa81f77cda91aea7fb8c627cfeb97e6ee27cd387f67bc9f7908edc00519289405ef9399d86d26613de021e7ca76e59f39b0f17d9babd965154b96faa0c176d65aed3b8e0204933cd04e1951ea2a41a3a24a31dc867c212bfcaf7cbc9d51da1bfdd7d90aefa96ba63222811a0ffeba5220ee37ecabff9452f52"], 0xfac) socket$netlink(0x10, 0x3, 0x0) socket$can_raw(0x1d, 0x3, 0x1) syz_open_dev$video(0x0, 0x8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14) 1.457187517s ago: executing program 0 (id=358): socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0) read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = getegid() fchown(r0, 0x0, r3) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xaf) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) syz_open_dev$usbfs(&(0x7f0000000480), 0xd, 0x141341) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) socket(0x10, 0x80002, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r6, &(0x7f0000000340)=ANY=[], 0xff2e) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280)=0x1) ioctl$TCXONC(r6, 0x540a, 0x2) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000100)) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0x9, 0x7}}}, 0x24}}, 0x0) 1.330948729s ago: executing program 1 (id=360): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, 0x0, 0x0) unshare(0x22020400) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x822c}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write(r4, &(0x7f0000000340)="5c000000010003", 0x7) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x6, 0x0, 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', &(0x7f0000000380)='./file0/file0\x00'}) io_uring_enter(r1, 0x3516, 0x4, 0x0, 0x0, 0x0) 882.41037ms ago: executing program 1 (id=361): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) 814.442515ms ago: executing program 1 (id=362): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f0000000a00)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x7000000) 609.745731ms ago: executing program 1 (id=363): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) (fail_nth: 2) 547.64836ms ago: executing program 3 (id=364): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) socket$netlink(0x10, 0x3, 0x15) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) pipe(0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r4, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) shutdown(r4, 0x1) r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) preadv(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0) fcntl$setownex(r5, 0xf, &(0x7f0000000280)={0x2, r0}) close(r5) r6 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) r7 = dup(r6) write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$SIOCGIFMTU(r7, 0x8921, &(0x7f00000001c0)={'syzkaller0\x00'}) 488.175737ms ago: executing program 0 (id=365): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000100ffff000000000000000085000000ae00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0xcbfc0f2606956c3f, 0x1, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x5, 0xc8, 0x1}}}, 0x7) 487.818907ms ago: executing program 1 (id=366): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000000)) 437.741598ms ago: executing program 0 (id=367): openat$ptmx(0xffffffffffffff9c, 0x0, 0x40980, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$TUNSETLINK(r1, 0x400454cd, 0x118) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1c00000e01000b00000014"], 0x36) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) socket(0x1d, 0x2, 0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYBLOB="3f00000006020400300012800b000100627275"], 0x50}, 0x1, 0x4000, 0x0, 0x44000}, 0x0) 437.191739ms ago: executing program 1 (id=368): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x7, 0x4, 0x900, 0x5, 0x28}, 0x50) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x29, 0x9, 0x3, 0x6, 0x58, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1, 0x7800, 0x2, 0x5}}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0) r5 = socket$inet(0xa, 0x801, 0x84) listen(r5, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x0, 0x79}, 0x8) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0x100, 0x1800001e, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0x8, 0x5}, {0xe, 0x4}}}, 0xfffffffffffffe09}, 0x1, 0x0, 0x0, 0x4048005}, 0x20000000) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x20, 0xc, 0x77, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]}, 0x8) sendmmsg(r3, &(0x7f0000001c00), 0x400000000000159, 0x40840) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_open_dev$vim2m(0x0, 0x41d3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_DQBUF(r6, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x0, 0x7, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}}) syz_clone3(&(0x7f0000000080)={0x1000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) pidfd_getfd(r7, r7, 0x0) socket$nl_route(0x10, 0x3, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000001a80)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r8}, 0xc) 237.219687ms ago: executing program 2 (id=369): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, 0x0, 0x0) unshare(0x22020400) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x822c}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write(r4, &(0x7f0000000340)="5c000000010003", 0x7) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x6, 0x0, 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', &(0x7f0000000380)='./file0/file0\x00'}) io_uring_enter(r1, 0x3516, 0x4, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=370): r0 = dup(0xffffffffffffffff) getsockname$qrtr(r0, &(0x7f00000001c0), &(0x7f0000000200)=0xc) socket(0x2, 0x80805, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = socket$kcm(0x2b, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x2, 0x0, 0x0) sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000c08d) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:9916' (ED25519) to the list of known hosts. [ 48.909483][ T5933] cgroup: Unknown subsys name 'net' [ 49.063171][ T5933] cgroup: Unknown subsys name 'cpuset' [ 49.069728][ T5933] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 50.066917][ T5933] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.944214][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.947996][ T5962] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.953384][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.955920][ T5965] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.957002][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.959035][ T5965] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.962974][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.965660][ T5961] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.967193][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.969484][ T5961] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.972156][ T5965] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.972657][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.973239][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.980115][ T5959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.981289][ T5965] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.984888][ T5303] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.985585][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.986267][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.986952][ T5965] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.987958][ T5965] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 54.277358][ T5957] chnl_net:caif_netlink_parms(): no params data found [ 54.318856][ T5950] chnl_net:caif_netlink_parms(): no params data found [ 54.355271][ T5963] chnl_net:caif_netlink_parms(): no params data found [ 54.477396][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.480834][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.483513][ T5957] bridge_slave_0: entered allmulticast mode [ 54.486409][ T5957] bridge_slave_0: entered promiscuous mode [ 54.490396][ T5952] chnl_net:caif_netlink_parms(): no params data found [ 54.510612][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.513049][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.515490][ T5957] bridge_slave_1: entered allmulticast mode [ 54.518183][ T5957] bridge_slave_1: entered promiscuous mode [ 54.567692][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.571085][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.574045][ T5950] bridge_slave_0: entered allmulticast mode [ 54.577245][ T5950] bridge_slave_0: entered promiscuous mode [ 54.607304][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.610677][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.613408][ T5950] bridge_slave_1: entered allmulticast mode [ 54.616144][ T5950] bridge_slave_1: entered promiscuous mode [ 54.620418][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.623891][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.626241][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.628774][ T5963] bridge_slave_0: entered allmulticast mode [ 54.631473][ T5963] bridge_slave_0: entered promiscuous mode [ 54.651728][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.655959][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.658364][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.661242][ T5963] bridge_slave_1: entered allmulticast mode [ 54.664079][ T5963] bridge_slave_1: entered promiscuous mode [ 54.688315][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.697706][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.720722][ T5963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.739564][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.741946][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.744323][ T5952] bridge_slave_0: entered allmulticast mode [ 54.747347][ T5952] bridge_slave_0: entered promiscuous mode [ 54.751780][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.754435][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.756759][ T5952] bridge_slave_1: entered allmulticast mode [ 54.759750][ T5952] bridge_slave_1: entered promiscuous mode [ 54.763417][ T5963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.768076][ T5957] team0: Port device team_slave_0 added [ 54.772186][ T5950] team0: Port device team_slave_0 added [ 54.791765][ T5957] team0: Port device team_slave_1 added [ 54.794766][ T5950] team0: Port device team_slave_1 added [ 54.814623][ T5963] team0: Port device team_slave_0 added [ 54.825496][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.832524][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.837375][ T5963] team0: Port device team_slave_1 added [ 54.882856][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.885246][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.895164][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.901145][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.904239][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.915593][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.922177][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.925283][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.935405][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.941044][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.944074][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.955383][ T5963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.961346][ T5952] team0: Port device team_slave_0 added [ 54.964081][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.967087][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.978030][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.995535][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.998651][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.009741][ T5963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.015599][ T5952] team0: Port device team_slave_1 added [ 55.031025][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.033354][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.042360][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.050148][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.052426][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.061458][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.141235][ T5950] hsr_slave_0: entered promiscuous mode [ 55.144238][ T5950] hsr_slave_1: entered promiscuous mode [ 55.150243][ T5952] hsr_slave_0: entered promiscuous mode [ 55.152638][ T5952] hsr_slave_1: entered promiscuous mode [ 55.154759][ T5952] debugfs: 'hsr0' already exists in 'hsr' [ 55.156689][ T5952] Cannot create hsr debugfs directory [ 55.170372][ T5963] hsr_slave_0: entered promiscuous mode [ 55.173695][ T5963] hsr_slave_1: entered promiscuous mode [ 55.176740][ T5963] debugfs: 'hsr0' already exists in 'hsr' [ 55.179720][ T5963] Cannot create hsr debugfs directory [ 55.187884][ T5957] hsr_slave_0: entered promiscuous mode [ 55.190388][ T5957] hsr_slave_1: entered promiscuous mode [ 55.192640][ T5957] debugfs: 'hsr0' already exists in 'hsr' [ 55.194679][ T5957] Cannot create hsr debugfs directory [ 55.515205][ T5963] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.521512][ T5963] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.525933][ T5963] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.538971][ T5963] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.571525][ T5952] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.576084][ T5952] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.580906][ T5952] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.586860][ T5952] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.648319][ T5957] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 55.655175][ T5957] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 55.661198][ T5957] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 55.666077][ T5957] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 55.741214][ T5963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.752526][ T5950] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 55.759882][ T5950] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 55.767932][ T5950] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 55.774741][ T5950] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 55.795501][ T5963] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.812787][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.815439][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.819851][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.822421][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.841930][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.847378][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.896871][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.903202][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.927508][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.930826][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.934913][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.937369][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.953449][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.956267][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.960552][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.963488][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.989441][ T5955] Bluetooth: hci0: command tx timeout [ 55.994959][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.013230][ T5950] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.031882][ T764] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.035064][ T764] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.044347][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.047543][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.058740][ T5955] Bluetooth: hci1: command tx timeout [ 56.059176][ T5960] Bluetooth: hci3: command tx timeout [ 56.059224][ T5965] Bluetooth: hci2: command tx timeout [ 56.095123][ T5963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.140048][ T5963] veth0_vlan: entered promiscuous mode [ 56.152482][ T5963] veth1_vlan: entered promiscuous mode [ 56.173008][ T5963] veth0_macvtap: entered promiscuous mode [ 56.177072][ T5963] veth1_macvtap: entered promiscuous mode [ 56.205444][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.212587][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.225227][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.231265][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.242798][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.252133][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.258554][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.276383][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.282299][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.319319][ T5957] veth0_vlan: entered promiscuous mode [ 56.334000][ T5957] veth1_vlan: entered promiscuous mode [ 56.364931][ T5952] veth0_vlan: entered promiscuous mode [ 56.378082][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.380862][ T5952] veth1_vlan: entered promiscuous mode [ 56.382361][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.402781][ T5957] veth0_macvtap: entered promiscuous mode [ 56.408130][ T5957] veth1_macvtap: entered promiscuous mode [ 56.412175][ T5950] veth0_vlan: entered promiscuous mode [ 56.412794][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.418152][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.422845][ T5950] veth1_vlan: entered promiscuous mode [ 56.434435][ T5952] veth0_macvtap: entered promiscuous mode [ 56.446045][ T5952] veth1_macvtap: entered promiscuous mode [ 56.454332][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.467400][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.470385][ T5963] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 56.482644][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.500444][ T5950] veth0_macvtap: entered promiscuous mode [ 56.508332][ T764] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.513288][ T764] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.542354][ T5950] veth1_macvtap: entered promiscuous mode [ 56.551124][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.554347][ T93] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.557363][ T93] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.589613][ T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.593825][ T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.610300][ T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.615016][ T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.626347][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.659310][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.669023][ T764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.673072][ T764] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.702739][ T93] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.714494][ T93] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.738718][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.742257][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.742741][ T93] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.758898][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.766901][ T93] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.773855][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.785238][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.825852][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.830992][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.849583][ T764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.852332][ T764] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.904981][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.910620][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.993237][ T6044] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.027932][ T6042] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 57.031245][ T6042] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 57.049208][ T6042] vhci_hcd vhci_hcd.0: Device attached [ 57.097996][ T6048] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET) [ 57.116880][ T6048] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40 [ 57.228605][ T53] vhci_hcd: vhci_device speed not set [ 57.231436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 57.271317][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.275817][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.280397][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.285396][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 57.289909][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.295666][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.298511][ T53] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 57.300466][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.306341][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.488087][ T6044] Zero length message leads to an empty skb [ 57.556177][ T6045] netlink: 'syz.0.1': attribute type 4 has an invalid length. [ 57.559603][ T6045] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1'. [ 57.876651][ T6059] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 57.879132][ T6059] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 57.906774][ T6059] vhci_hcd vhci_hcd.0: Device attached [ 57.964825][ T6059] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4'. [ 58.074923][ T5960] Bluetooth: hci0: command tx timeout [ 58.138845][ T5960] Bluetooth: hci1: command tx timeout [ 58.139099][ T5955] Bluetooth: hci2: command tx timeout [ 58.139494][ T5965] Bluetooth: hci3: command tx timeout [ 58.208513][ T29] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 59.071110][ T6060] vhci_hcd: connection reset by peer [ 59.074612][ T764] vhci_hcd: stop threads [ 59.076433][ T764] vhci_hcd: release socket [ 59.078256][ T764] vhci_hcd: disconnect device [ 59.242423][ T6043] vhci_hcd: connection reset by peer [ 59.245103][ T93] vhci_hcd: stop threads [ 59.246595][ T93] vhci_hcd: release socket [ 59.248139][ T93] vhci_hcd: disconnect device [ 59.696330][ T6078] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6'. [ 60.139432][ T5965] Bluetooth: hci0: command tx timeout [ 60.218747][ T5965] Bluetooth: hci3: command tx timeout [ 60.218828][ T5960] Bluetooth: hci2: command tx timeout [ 60.220460][ T5965] Bluetooth: hci1: command tx timeout [ 62.518494][ T53] vhci_hcd: vhci_device speed not set [ 62.649206][ T5965] Bluetooth: hci0: command tx timeout [ 62.651084][ T5965] Bluetooth: hci1: command tx timeout [ 62.652951][ T5965] Bluetooth: hci2: command tx timeout [ 62.654859][ T5965] Bluetooth: hci3: command tx timeout [ 63.329533][ T29] vhci_hcd: vhci_device speed not set [ 63.617781][ T6125] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12'. [ 63.628235][ T6123] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.632322][ T6123] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.894395][ T6125] bridge_slave_1: left allmulticast mode [ 63.910709][ T6125] bridge_slave_1: left promiscuous mode [ 63.932884][ T6125] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.133759][ T6125] bridge_slave_0: left allmulticast mode [ 64.148300][ T6125] bridge_slave_0: left promiscuous mode [ 64.152475][ T6125] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.619912][ T6154] netlink: 156 bytes leftover after parsing attributes in process `syz.1.17'. [ 67.650564][ T6167] overlay: ./file0 is not a directory [ 68.436074][ T40] audit: type=1326 audit(1764647176.276:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.3.20" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0 [ 69.191216][ T6188] Trying to write to read-only block-device nullb0 [ 69.268506][ T6016] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 69.431474][ T6189] loop6: detected capacity change from 0 to 524287999 [ 69.436827][ T6016] usb 7-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0xED, changing to 0x8D [ 69.442652][ T6016] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x8D has invalid maxpacket 52921, setting to 64 [ 69.445849][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.447557][ T6016] usb 7-1: config 0 interface 0 has no altsetting 0 [ 69.450074][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.455548][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.455567][ T6016] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 69.458144][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.458211][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.462408][ T6016] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 69.466205][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.469099][ T6016] usb 7-1: Product: syz [ 69.475707][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.477116][ T6016] usb 7-1: Manufacturer: syz [ 69.482700][ T6016] usb 7-1: SerialNumber: syz [ 69.489358][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.493057][ T5956] ldm_validate_partition_table(): Disk read failed. [ 69.496350][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.509390][ T6016] usb 7-1: config 0 descriptor?? [ 69.522349][ T6016] usb 7-1: selecting invalid altsetting 0 [ 69.537933][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22'. [ 69.543778][ T6191] netlink: 3 bytes leftover after parsing attributes in process `syz.1.22'. [ 69.555357][ T6191] batadv1: entered allmulticast mode [ 69.569876][ T5956] Buffer I/O error on dev loop6, logical block 0, async page read [ 69.575570][ T5956] Dev loop6: unable to read RDB block 0 [ 69.582617][ T5956] loop6: unable to read partition table [ 69.589782][ T6189] ldm_validate_partition_table(): Disk read failed. [ 69.593206][ T6189] Dev loop6: unable to read RDB block 0 [ 69.598984][ T6189] loop6: unable to read partition table [ 69.603078][ T6189] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 69.603813][ T6190] ldm_validate_partition_table(): Disk read failed. [ 69.626466][ T6190] Dev loop6: unable to read RDB block 0 [ 69.630564][ T6190] loop6: unable to read partition table [ 69.639368][ T6190] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 69.734550][ T24] usb 7-1: USB disconnect, device number 2 [ 70.968505][ T6212] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 72.121269][ T6207] batadv_slave_1: entered promiscuous mode [ 72.136862][ T6209] batadv_slave_1: left promiscuous mode [ 73.011204][ T6222] netlink: 156 bytes leftover after parsing attributes in process `syz.0.30'. [ 75.572070][ T6252] netlink: 4 bytes leftover after parsing attributes in process `syz.2.36'. [ 76.346194][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.349964][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.456909][ T6251] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 76.459626][ T6251] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 76.470590][ T6251] vhci_hcd vhci_hcd.0: Device attached [ 76.748598][ T5369] usb 44-1: SetAddress Request (2) to port 0 [ 76.750721][ T5369] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 77.155977][ T6263] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.158779][ T6263] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.169310][ T6263] netlink: 12 bytes leftover after parsing attributes in process `syz.1.38'. [ 77.182388][ T6263] bridge_slave_1: left allmulticast mode [ 77.184479][ T6263] bridge_slave_1: left promiscuous mode [ 77.186583][ T6263] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.206253][ T6263] bridge_slave_0: left allmulticast mode [ 77.209156][ T6263] bridge_slave_0: left promiscuous mode [ 77.211337][ T6263] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.491130][ T6255] vhci_hcd: connection reset by peer [ 77.494394][ T1176] vhci_hcd: stop threads [ 77.504274][ T1176] vhci_hcd: release socket [ 77.814972][ T1176] vhci_hcd: disconnect device [ 79.038365][ T6288] program syz.1.41 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.089254][ T1112] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 [ 79.091680][ T1112] ata1.00: irq_stat 0x40000000 [ 79.096826][ T1112] ata1.00: failed command: ZAC MANAGEMENT OUT [ 79.100897][ T1112] ata1.00: cmd 9f/02:00:00:00:00/00:00:00:00:00/40 tag 29 [ 79.100897][ T1112] res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error) [ 79.108756][ T1112] ata1.00: status: { DRDY ERR } [ 79.110375][ T1112] ata1.00: error: { ABRT } [ 79.111908][ T1112] ata1.00: device reported invalid CHS sector 0 [ 79.478686][ T6281] netlink: 4 bytes leftover after parsing attributes in process `syz.3.42'. [ 79.481544][ T6281] bridge_slave_1: left allmulticast mode [ 79.483477][ T6281] bridge_slave_1: left promiscuous mode [ 79.485547][ T6281] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.495079][ T6281] bridge_slave_0: left allmulticast mode [ 79.496971][ T6281] bridge_slave_0: left promiscuous mode [ 79.499644][ T6281] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.779687][ T6295] warning: `syz.3.45' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 81.819795][ T5369] usb 44-1: device descriptor read/8, error -110 [ 82.233381][ T5369] usb usb44-port1: attempt power cycle [ 82.532648][ T6322] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 82.534889][ T6322] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 82.542311][ T6322] vhci_hcd vhci_hcd.0: Device attached [ 83.019285][ T6099] usb 43-1: new low-speed USB device number 3 using vhci_hcd [ 83.262213][ T6339] netlink: 36 bytes leftover after parsing attributes in process `syz.3.47'. [ 83.515472][ T6333] vhci_hcd: connection reset by peer [ 83.518630][ T61] vhci_hcd: stop threads [ 83.522172][ T61] vhci_hcd: release socket [ 83.525028][ T61] vhci_hcd: disconnect device [ 85.329284][ T6366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.58'. [ 86.257255][ T1333] cfg80211: failed to load regulatory.db [ 87.254600][ T6389] netlink: 'syz.2.57': attribute type 10 has an invalid length. [ 87.263564][ T6389] batman_adv: batadv0: Adding interface: team0 [ 87.266323][ T6389] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.277164][ T6389] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 87.294007][ T6389] netlink: 'syz.2.57': attribute type 10 has an invalid length. [ 87.297257][ T6389] netlink: 2 bytes leftover after parsing attributes in process `syz.2.57'. [ 87.301183][ T6389] team0: entered promiscuous mode [ 87.303515][ T6389] team_slave_0: entered promiscuous mode [ 87.306367][ T6389] team_slave_1: entered promiscuous mode [ 87.312850][ T6389] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.316251][ T6389] batman_adv: batadv0: Interface activated: team0 [ 87.319150][ T6389] batman_adv: batadv0: Interface deactivated: team0 [ 87.321859][ T6389] batman_adv: batadv0: Removing interface: team0 [ 87.651207][ T6398] netlink: 12 bytes leftover after parsing attributes in process `syz.3.62'. [ 88.568535][ T6099] vhci_hcd: vhci_device speed not set [ 88.788516][ T40] audit: type=1326 audit(1764647196.616:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.797370][ T40] audit: type=1326 audit(1764647196.616:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.816856][ T40] audit: type=1326 audit(1764647196.616:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.826730][ T40] audit: type=1326 audit(1764647196.616:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.835925][ T40] audit: type=1326 audit(1764647196.616:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.845006][ T40] audit: type=1326 audit(1764647196.616:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.854103][ T40] audit: type=1326 audit(1764647196.616:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.863003][ T40] audit: type=1326 audit(1764647196.616:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.872184][ T40] audit: type=1326 audit(1764647196.616:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 88.881062][ T40] audit: type=1326 audit(1764647196.616:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6402 comm="syz.1.64" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 89.022335][ T6408] mmap: syz.1.64 (6408) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 90.691295][ T6426] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 90.693814][ T6426] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 90.780236][ T6426] vhci_hcd vhci_hcd.0: Device attached [ 90.818245][ T6426] netlink: 36 bytes leftover after parsing attributes in process `syz.3.67'. [ 90.821737][ T5369] usb usb44-port1: unable to enumerate USB device [ 91.480933][ T6427] vhci_hcd: connection closed [ 91.482887][ T1184] vhci_hcd: stop threads [ 91.485904][ T1184] vhci_hcd: release socket [ 91.487394][ T1184] vhci_hcd: disconnect device [ 91.861801][ T6444] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.864525][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.880623][ T6444] netlink: 12 bytes leftover after parsing attributes in process `syz.0.71'. [ 91.888353][ T6444] bridge_slave_1: left allmulticast mode [ 91.889495][ T34] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 91.890878][ T6444] bridge_slave_1: left promiscuous mode [ 91.896632][ T6444] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.903663][ T6444] bridge_slave_0: left allmulticast mode [ 91.905600][ T6444] bridge_slave_0: left promiscuous mode [ 91.907817][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.048529][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 92.052621][ T34] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 8 [ 92.055847][ T34] usb 6-1: config 1 interface 0 has no altsetting 0 [ 92.072245][ T34] usb 6-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 92.075482][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.080478][ T34] usb 6-1: Product: ࠖ [ 92.081976][ T34] usb 6-1: Manufacturer: ࠚ [ 92.083579][ T34] usb 6-1: SerialNumber: syz [ 92.090610][ T6441] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 92.336984][ T6441] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 92.358992][ T34] usb 6-1: USB disconnect, device number 2 [ 96.985905][ T6503] netlink: 156 bytes leftover after parsing attributes in process `syz.2.83'. [ 97.587862][ T53] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 98.563274][ T6510] netlink: 156 bytes leftover after parsing attributes in process `syz.1.85'. [ 99.078519][ T6099] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 99.230810][ T6099] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 99.233835][ T6099] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 99.236789][ T6099] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 99.240892][ T6099] usb 7-1: config 1 has no interface number 0 [ 99.243645][ T6099] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 99.247529][ T6099] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 99.249392][ T53] usb 5-1: config 0 has no interfaces? [ 99.252209][ T6099] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 99.256784][ T6099] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.275983][ T53] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 99.277840][ T6099] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 99.279346][ T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.288636][ T53] usb 5-1: Product: syz [ 99.290094][ T53] usb 5-1: Manufacturer: syz [ 99.291678][ T53] usb 5-1: SerialNumber: syz [ 99.294860][ T53] usb 5-1: config 0 descriptor?? [ 99.876942][ T6099] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached [ 100.102586][ T6038] usb 7-1: USB disconnect, device number 3 [ 100.127173][ T6038] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 101.317653][ T53] usb 5-1: USB disconnect, device number 2 [ 105.325810][ T6073] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 105.479774][ T6073] usb 8-1: config 0 has no interfaces? [ 105.483286][ T6073] usb 8-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 105.487446][ T6073] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.491325][ T6073] usb 8-1: Product: syz [ 105.493304][ T6073] usb 8-1: Manufacturer: syz [ 105.495520][ T6073] usb 8-1: SerialNumber: syz [ 105.501072][ T6073] usb 8-1: config 0 descriptor?? [ 105.888587][ T6073] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 106.040225][ T6073] usb 5-1: config 0 has no interfaces? [ 106.043808][ T6073] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 106.046878][ T6073] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.049998][ T6073] usb 5-1: Product: syz [ 106.051479][ T6073] usb 5-1: Manufacturer: syz [ 106.053048][ T6073] usb 5-1: SerialNumber: syz [ 106.061455][ T6073] usb 5-1: config 0 descriptor?? [ 106.160316][ T6610] overlay: Unknown parameter 'subj_role' [ 106.456425][ T6612] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 106.488893][ T6612] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 107.681956][ T6073] usb 8-1: USB disconnect, device number 2 [ 107.955078][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 107.955088][ T40] audit: type=1326 audit(1764647215.796:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 107.964476][ T40] audit: type=1326 audit(1764647215.796:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 107.973638][ T40] audit: type=1326 audit(1764647215.806:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=237 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 107.981300][ T40] audit: type=1326 audit(1764647215.806:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 107.992156][ T40] audit: type=1326 audit(1764647215.806:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.003816][ T53] libceph: connect (1)[c::]:6789 error -101 [ 108.006068][ T53] libceph: mon0 (1)[c::]:6789 connect error [ 108.010139][ T40] audit: type=1326 audit(1764647215.816:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.018147][ T40] audit: type=1326 audit(1764647215.816:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.027272][ T40] audit: type=1326 audit(1764647215.816:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.036949][ T40] audit: type=1326 audit(1764647215.816:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.043845][ T6625] input: syz1 as /devices/virtual/input/input6 [ 108.044367][ T6620] ceph: No mds server is up or the cluster is laggy [ 108.044404][ T40] audit: type=1326 audit(1764647215.816:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6615 comm="syz.3.105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 108.909871][ T53] usb 5-1: USB disconnect, device number 3 [ 110.512134][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.111'. [ 112.196578][ T6671] netlink: 12 bytes leftover after parsing attributes in process `syz.3.115'. [ 112.488702][ T6016] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 112.663530][ T6016] usb 5-1: config 0 has no interfaces? [ 112.681280][ T6016] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 112.685564][ T6016] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.695113][ T6677] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 112.697416][ T6677] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 112.699544][ T6016] usb 5-1: Product: syz [ 112.702454][ T6677] vhci_hcd vhci_hcd.0: Device attached [ 112.703136][ T6016] usb 5-1: Manufacturer: syz [ 112.707098][ T6016] usb 5-1: SerialNumber: syz [ 112.731470][ T6016] usb 5-1: config 0 descriptor?? [ 112.759348][ T6677] netlink: 36 bytes leftover after parsing attributes in process `syz.1.114'. [ 112.958745][ T55] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 113.249247][ T6679] vhci_hcd: connection reset by peer [ 113.252705][ T1142] vhci_hcd: stop threads [ 113.254211][ T1142] vhci_hcd: release socket [ 113.255775][ T1142] vhci_hcd: disconnect device [ 113.753151][ T6690] netlink: 156 bytes leftover after parsing attributes in process `syz.2.119'. [ 115.388898][ T53] usb 5-1: USB disconnect, device number 4 [ 118.059206][ T55] vhci_hcd: vhci_device speed not set [ 118.256922][ T6747] netlink: 156 bytes leftover after parsing attributes in process `syz.3.127'. [ 120.621007][ T6778] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 120.623814][ T6778] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 120.628373][ T6778] vhci_hcd vhci_hcd.0: Device attached [ 120.928815][ T55] usb 42-1: SetAddress Request (2) to port 0 [ 120.932060][ T55] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 120.951653][ T6778] netlink: 84 bytes leftover after parsing attributes in process `syz.2.131'. [ 121.007943][ T6789] netlink: 36 bytes leftover after parsing attributes in process `syz.1.134'. [ 121.058939][ T6779] vhci_hcd: connection reset by peer [ 121.061645][ T1176] vhci_hcd: stop threads [ 121.063139][ T1176] vhci_hcd: release socket [ 121.065148][ T1176] vhci_hcd: disconnect device [ 121.385758][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 121.404101][ T6798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.137'. [ 121.562548][ T10] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 121.565711][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.572106][ T10] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 121.575130][ T10] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 121.578087][ T10] usb 8-1: Manufacturer: syz [ 121.578830][ T6802] 9pnet_fd: Insufficient options for proto=fd [ 121.587999][ T10] usb 8-1: config 0 descriptor?? [ 121.648541][ T10] rc_core: IR keymap rc-hauppauge not found [ 121.650648][ T10] Registered IR keymap rc-empty [ 121.655419][ T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 121.661866][ T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input7 [ 121.816733][ T6016] usb 8-1: USB disconnect, device number 3 [ 122.517180][ T5960] Bluetooth: unknown link type 128 [ 123.685155][ T6826] netlink: 36 bytes leftover after parsing attributes in process `syz.2.143'. [ 124.548956][ T5960] Bluetooth: hci0: command tx timeout [ 124.773747][ T6843] overlay: Unknown parameter 'subj_role' [ 126.058932][ T55] usb 42-1: device descriptor read/8, error -110 [ 126.081397][ T6847] siw: device registration error -23 [ 126.579086][ T55] usb usb42-port1: attempt power cycle [ 126.963208][ T53] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 127.146376][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 127.194089][ T53] usb 6-1: config 1 interface 0 altsetting 199 bulk endpoint 0x1 has invalid maxpacket 1023 [ 127.197644][ T53] usb 6-1: config 1 interface 0 altsetting 199 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 127.206879][ T53] usb 6-1: config 1 interface 0 has no altsetting 0 [ 127.217213][ T53] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 127.231068][ T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.233717][ T53] usb 6-1: Product: 焢䯍♳璹怜巧읐鶮샮ᣑㅃ牪熺䐡뀊鎂笴ꠈ曷汜炠입상ઁ借ꈬꗠΌ賮칒荘ᝧ䨟螶샨袇ﲤ坻쫇Ꝩ焦뫊钹ꢭا湣튚櫯㦥듾㺕뉂䝡 [ 127.243020][ T53] usb 6-1: Manufacturer: ⠊ [ 127.245328][ T53] usb 6-1: SerialNumber: 襉ᚲ [ 127.260094][ T6852] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 127.274199][ T6852] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 127.571372][ T55] usb usb42-port1: unable to enumerate USB device [ 128.379623][ T53] usb 6-1: USB disconnect, device number 3 [ 128.729968][ T6877] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 128.732910][ T6877] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 128.740629][ T6877] vhci_hcd vhci_hcd.0: Device attached [ 129.128576][ T6752] usb 43-1: new low-speed USB device number 4 using vhci_hcd [ 129.266852][ T6878] vhci_hcd: connection reset by peer [ 129.271196][ T1146] vhci_hcd: stop threads [ 129.273094][ T1146] vhci_hcd: release socket [ 129.275554][ T1146] vhci_hcd: disconnect device [ 130.629463][ T6921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.164'. [ 131.157155][ T6927] netlink: 156 bytes leftover after parsing attributes in process `syz.3.166'. [ 133.266795][ T6935] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9) [ 133.269816][ T6935] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 133.278201][ T6935] vhci_hcd vhci_hcd.0: Device attached [ 133.548619][ T34] usb 42-1: SetAddress Request (6) to port 0 [ 133.550911][ T34] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd [ 133.577122][ T6947] vhci_hcd: connection reset by peer [ 133.579320][ T6955] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 133.580298][ T1176] vhci_hcd: stop threads [ 133.581969][ T6955] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 133.584266][ T6955] vhci_hcd vhci_hcd.0: Device attached [ 133.591724][ T1176] vhci_hcd: release socket [ 133.595148][ T1176] vhci_hcd: disconnect device [ 133.939621][ T55] usb 39-1: new low-speed USB device number 3 using vhci_hcd [ 134.139581][ T6959] kvm: apic: phys broadcast and lowest prio [ 134.208606][ T6752] vhci_hcd: vhci_device speed not set [ 134.212136][ T6956] vhci_hcd: connection reset by peer [ 134.214516][ T6214] vhci_hcd: stop threads [ 134.216714][ T6214] vhci_hcd: release socket [ 134.218302][ T6214] vhci_hcd: disconnect device [ 134.705448][ T6977] FAULT_INJECTION: forcing a failure. [ 134.705448][ T6977] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 134.711241][ T6977] CPU: 3 UID: 0 PID: 6977 Comm: syz.2.180 Not tainted syzkaller #0 PREEMPT(full) [ 134.711262][ T6977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 134.711272][ T6977] Call Trace: [ 134.711291][ T6977] [ 134.711298][ T6977] dump_stack_lvl+0x16c/0x1f0 [ 134.711339][ T6977] should_fail_ex+0x512/0x640 [ 134.711362][ T6977] _copy_from_iter+0x29f/0x1720 [ 134.711379][ T6977] ? __pfx__copy_from_iter+0x10/0x10 [ 134.711393][ T6977] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 134.711415][ T6977] copy_page_from_iter+0xde/0x180 [ 134.711430][ T6977] tun_build_skb.constprop.0+0x2e8/0x1510 [ 134.711451][ T6977] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 134.711470][ T6977] ? __lock_acquire+0x622/0x1c90 [ 134.711495][ T6977] tun_get_user+0x149c/0x3cc0 [ 134.711515][ T6977] ? __pfx_tun_get_user+0x10/0x10 [ 134.711531][ T6977] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 134.711550][ T6977] ? find_held_lock+0x2b/0x80 [ 134.711563][ T6977] ? tun_get+0x191/0x370 [ 134.711588][ T6977] tun_chr_write_iter+0xdc/0x210 [ 134.711612][ T6977] vfs_write+0x7d3/0x11d0 [ 134.711635][ T6977] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 134.711662][ T6977] ? __pfx_vfs_write+0x10/0x10 [ 134.711683][ T6977] ? find_held_lock+0x2b/0x80 [ 134.711707][ T6977] ksys_write+0x12a/0x250 [ 134.711720][ T6977] ? __pfx_ksys_write+0x10/0x10 [ 134.711733][ T6977] ? rcu_is_watching+0x12/0xc0 [ 134.711748][ T6977] __do_fast_syscall_32+0x7c/0x300 [ 134.711761][ T6977] do_fast_syscall_32+0x32/0x80 [ 134.711772][ T6977] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 134.711786][ T6977] RIP: 0023:0xf70bd579 [ 134.711795][ T6977] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 134.711805][ T6977] RSP: 002b:00000000f54ad520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 134.711815][ T6977] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080001040 [ 134.711821][ T6977] RDX: 000000000000004e RSI: 00000000f7456ff4 RDI: 0000000000000000 [ 134.711827][ T6977] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 134.711832][ T6977] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 134.711838][ T6977] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 134.711850][ T6977] [ 135.021499][ T6984] netlink: 156 bytes leftover after parsing attributes in process `syz.2.181'. [ 135.288032][ T6968] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 135.504869][ T7018] syzkaller0: entered promiscuous mode [ 135.506673][ T7018] syzkaller0: entered allmulticast mode [ 135.732477][ T7020] evm: overlay not supported [ 135.736271][ T7020] FAULT_INJECTION: forcing a failure. [ 135.736271][ T7020] name failslab, interval 1, probability 0, space 0, times 0 [ 135.742681][ T7020] CPU: 3 UID: 0 PID: 7020 Comm: syz.2.183 Not tainted syzkaller #0 PREEMPT(full) [ 135.742703][ T7020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 135.742714][ T7020] Call Trace: [ 135.742719][ T7020] [ 135.742725][ T7020] dump_stack_lvl+0x16c/0x1f0 [ 135.742747][ T7020] should_fail_ex+0x512/0x640 [ 135.742768][ T7020] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 135.742790][ T7020] should_failslab+0xc2/0x120 [ 135.742816][ T7020] kmem_cache_alloc_noprof+0x75/0x6e0 [ 135.742834][ T7020] ? __lock_acquire+0xb8a/0x1c90 [ 135.742857][ T7020] ? getname_flags.part.0+0x4c/0x550 [ 135.742878][ T7020] ? getname_flags.part.0+0x4c/0x550 [ 135.742893][ T7020] getname_flags.part.0+0x4c/0x550 [ 135.742913][ T7020] getname_flags+0x93/0xf0 [ 135.742932][ T7020] do_sys_openat2+0xb8/0x1d0 [ 135.742949][ T7020] ? __pfx_do_sys_openat2+0x10/0x10 [ 135.742975][ T7020] __do_sys_openat2+0x1c0/0x2d0 [ 135.742992][ T7020] ? __pfx___do_sys_openat2+0x10/0x10 [ 135.743007][ T7020] ? ksys_write+0x1ac/0x250 [ 135.743028][ T7020] ? rcu_is_watching+0x12/0xc0 [ 135.743049][ T7020] __do_fast_syscall_32+0x7c/0x300 [ 135.743070][ T7020] do_fast_syscall_32+0x32/0x80 [ 135.743089][ T7020] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 135.743109][ T7020] RIP: 0023:0xf70bd579 [ 135.743122][ T7020] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 135.743136][ T7020] RSP: 002b:00000000f54ad55c EFLAGS: 00000296 ORIG_RAX: 00000000000001b5 [ 135.743150][ T7020] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0 [ 135.743159][ T7020] RDX: 0000000080000140 RSI: 0000000000000018 RDI: 0000000000000000 [ 135.743167][ T7020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 135.743176][ T7020] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 135.743185][ T7020] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 135.743205][ T7020] [ 136.043484][ T7028] FAULT_INJECTION: forcing a failure. [ 136.043484][ T7028] name failslab, interval 1, probability 0, space 0, times 0 [ 136.051830][ T7028] CPU: 1 UID: 0 PID: 7028 Comm: syz.3.186 Not tainted syzkaller #0 PREEMPT(full) [ 136.051854][ T7028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 136.051864][ T7028] Call Trace: [ 136.051869][ T7028] [ 136.051877][ T7028] dump_stack_lvl+0x16c/0x1f0 [ 136.051902][ T7028] should_fail_ex+0x512/0x640 [ 136.051921][ T7028] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 136.051946][ T7028] should_failslab+0xc2/0x120 [ 136.051970][ T7028] kmem_cache_alloc_node_noprof+0x78/0x770 [ 136.051987][ T7028] ? __alloc_skb+0x2b2/0x380 [ 136.052008][ T7028] ? __pfx_tcp_current_mss+0x10/0x10 [ 136.052036][ T7028] ? __alloc_skb+0x2b2/0x380 [ 136.052055][ T7028] __alloc_skb+0x2b2/0x380 [ 136.052076][ T7028] ? __pfx___alloc_skb+0x10/0x10 [ 136.052097][ T7028] ? post_alloc_hook+0x19e/0x220 [ 136.052120][ T7028] tcp_stream_alloc_skb+0x34/0x560 [ 136.052143][ T7028] tcp_sendmsg_locked+0x12d9/0x42e0 [ 136.052180][ T7028] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 136.052203][ T7028] ? do_raw_spin_lock+0x12c/0x2b0 [ 136.052222][ T7028] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 136.052245][ T7028] ? __local_bh_enable_ip+0xa4/0x120 [ 136.052268][ T7028] tcp_sendmsg+0x2e/0x50 [ 136.052285][ T7028] ? __pfx_tcp_sendmsg+0x10/0x10 [ 136.052303][ T7028] inet_sendmsg+0xb9/0x140 [ 136.052325][ T7028] ____sys_sendmsg+0x973/0xc70 [ 136.052344][ T7028] ? __pfx_____sys_sendmsg+0x10/0x10 [ 136.052359][ T7028] ? get_compat_msghdr+0x11a/0x170 [ 136.052384][ T7028] ? __pfx__kstrtoull+0x10/0x10 [ 136.052415][ T7028] ___sys_sendmsg+0x134/0x1d0 [ 136.052439][ T7028] ? __pfx____sys_sendmsg+0x10/0x10 [ 136.052458][ T7028] ? __lock_acquire+0x622/0x1c90 [ 136.052512][ T7028] __sys_sendmmsg+0x2f9/0x420 [ 136.052538][ T7028] ? __pfx___sys_sendmmsg+0x10/0x10 [ 136.052568][ T7028] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 136.052597][ T7028] ? fput+0x9b/0xd0 [ 136.052624][ T7028] ? ksys_write+0x1ac/0x250 [ 136.052650][ T7028] ? __pfx_ksys_write+0x10/0x10 [ 136.052675][ T7028] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 136.052699][ T7028] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 136.052718][ T7028] __do_fast_syscall_32+0x7c/0x300 [ 136.052738][ T7028] do_fast_syscall_32+0x32/0x80 [ 136.052757][ T7028] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 136.052778][ T7028] RIP: 0023:0xf7f44579 [ 136.052792][ T7028] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 136.052809][ T7028] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 136.052827][ T7028] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 136.052839][ T7028] RDX: 0000000000000001 RSI: 0000000000000040 RDI: 0000000000000000 [ 136.052848][ T7028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 136.052856][ T7028] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 136.052874][ T7028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 136.052898][ T7028] [ 137.455508][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.457951][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.804982][ T34] usb 42-1: device descriptor read/8, error -110 [ 139.088501][ T55] vhci_hcd: vhci_device speed not set [ 139.700758][ T34] usb usb42-port1: attempt power cycle [ 140.084826][ T7090] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 140.087332][ T7090] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 140.090460][ T7088] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 140.092696][ T7088] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 140.095371][ T7090] vhci_hcd vhci_hcd.0: Device attached [ 140.101521][ T7088] vhci_hcd vhci_hcd.0: Device attached [ 140.107135][ T7090] netlink: 36 bytes leftover after parsing attributes in process `syz.2.203'. [ 140.271939][ T5369] IPVS: starting estimator thread 0... [ 140.299077][ T34] usb usb42-port1: unable to enumerate USB device [ 140.369322][ T7102] IPVS: using max 45 ests per chain, 108000 per kthread [ 140.373493][ T10] usb 37-1: new low-speed USB device number 3 using vhci_hcd [ 140.429910][ T6073] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 140.779284][ T55] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 140.924888][ T7091] vhci_hcd: connection reset by peer [ 140.942996][ T93] vhci_hcd: stop threads [ 140.956561][ T93] vhci_hcd: release socket [ 140.979136][ T93] vhci_hcd: disconnect device [ 140.990586][ T55] usb 5-1: config 0 has no interfaces? [ 141.169280][ T55] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c [ 141.172267][ T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.174876][ T55] usb 5-1: Product: syz [ 141.176252][ T55] usb 5-1: Manufacturer: syz [ 141.177792][ T55] usb 5-1: SerialNumber: syz [ 141.186782][ T55] usb 5-1: config 0 descriptor?? [ 141.532941][ T1176] IPVS: stop unused estimator thread 0... [ 143.188641][ T6098] usb 5-1: USB disconnect, device number 5 [ 143.192237][ T7093] vhci_hcd: connection reset by peer [ 143.195495][ T1176] vhci_hcd: stop threads [ 143.220117][ T1176] vhci_hcd: release socket [ 143.245509][ T1176] vhci_hcd: disconnect device [ 143.636079][ T7178] overlay: Unknown parameter 'subj_role' [ 143.968843][ T7187] siw: device registration error -23 [ 145.367866][ T7191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.219'. [ 145.498515][ T10] vhci_hcd: vhci_device speed not set [ 145.828689][ T6073] vhci_hcd: vhci_device speed not set [ 146.033059][ T7206] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 146.035748][ T7206] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 146.040050][ T7206] vhci_hcd vhci_hcd.0: Device attached [ 146.045626][ T7206] netlink: 36 bytes leftover after parsing attributes in process `syz.0.218'. [ 146.489602][ T7218] syzkaller0: entered promiscuous mode [ 146.491711][ T7218] syzkaller0: entered allmulticast mode [ 146.508589][ T10] usb 37-1: device descriptor read/64, error -110 [ 146.630909][ T7207] vhci_hcd: connection closed [ 146.631199][ T93] vhci_hcd: stop threads [ 146.634355][ T93] vhci_hcd: release socket [ 146.640833][ T93] vhci_hcd: disconnect device [ 146.689258][ T10] vhci_hcd: vhci_device speed not set [ 147.426402][ T7235] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 147.429054][ T7235] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 147.432809][ T7235] vhci_hcd vhci_hcd.0: Device attached [ 147.439178][ T7235] fuse: Unknown parameter 'rootmoee' [ 147.441999][ T7235] process 'syz.3.227' launched '/dev/fd/11' with NULL argv: empty string added [ 148.576753][ T7232] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 148.579661][ T7232] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 148.579869][ T7232] vhci_hcd vhci_hcd.0: Device attached [ 148.589337][ T7239] vhci_hcd: connection closed [ 148.589557][ T764] vhci_hcd: stop threads [ 148.593688][ T764] vhci_hcd: release socket [ 148.595348][ T764] vhci_hcd: disconnect device [ 148.612084][ T7232] netlink: 36 bytes leftover after parsing attributes in process `syz.1.229'. [ 148.838567][ T6073] usb 39-1: new low-speed USB device number 4 using vhci_hcd [ 149.526040][ T7252] vhci_hcd: connection reset by peer [ 149.530250][ T6214] vhci_hcd: stop threads [ 149.531891][ T6214] vhci_hcd: release socket [ 149.533733][ T6214] vhci_hcd: disconnect device [ 149.552358][ T7283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.239'. [ 149.629449][ T7285] netlink: 1 bytes leftover after parsing attributes in process `syz.2.240'. [ 151.049595][ T7289] netlink: 156 bytes leftover after parsing attributes in process `syz.2.241'. [ 151.560887][ T7326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.244'. [ 151.713232][ T7330] FAULT_INJECTION: forcing a failure. [ 151.713232][ T7330] name failslab, interval 1, probability 0, space 0, times 0 [ 151.718295][ T7330] CPU: 2 UID: 0 PID: 7330 Comm: syz.0.247 Not tainted syzkaller #0 PREEMPT(full) [ 151.718315][ T7330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.718323][ T7330] Call Trace: [ 151.718328][ T7330] [ 151.718333][ T7330] dump_stack_lvl+0x16c/0x1f0 [ 151.718353][ T7330] should_fail_ex+0x512/0x640 [ 151.718369][ T7330] ? fs_reclaim_acquire+0xae/0x150 [ 151.718390][ T7330] should_failslab+0xc2/0x120 [ 151.718427][ T7330] __kmalloc_noprof+0xdd/0x880 [ 151.718441][ T7330] ? tomoyo_encode2+0x100/0x3e0 [ 151.718463][ T7330] ? tomoyo_encode2+0x100/0x3e0 [ 151.718481][ T7330] tomoyo_encode2+0x100/0x3e0 [ 151.718506][ T7330] tomoyo_encode+0x29/0x50 [ 151.718524][ T7330] tomoyo_realpath_from_path+0x18f/0x6e0 [ 151.718545][ T7330] ? tomoyo_profile+0x47/0x60 [ 151.718559][ T7330] tomoyo_path_number_perm+0x245/0x580 [ 151.718575][ T7330] ? tomoyo_path_number_perm+0x237/0x580 [ 151.718593][ T7330] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 151.718629][ T7330] ? find_held_lock+0x2b/0x80 [ 151.718645][ T7330] ? hook_file_ioctl_common+0x145/0x410 [ 151.718667][ T7330] ? __fget_files+0x20e/0x3c0 [ 151.718686][ T7330] security_file_ioctl_compat+0x9b/0x240 [ 151.718706][ T7330] __ia32_compat_sys_ioctl+0xc3/0x370 [ 151.718722][ T7330] __do_fast_syscall_32+0x7c/0x300 [ 151.718739][ T7330] do_fast_syscall_32+0x32/0x80 [ 151.718753][ T7330] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 151.718769][ T7330] RIP: 0023:0xf706d579 [ 151.718779][ T7330] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 151.718792][ T7330] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 151.718804][ T7330] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 151.718812][ T7330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 151.718819][ T7330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 151.718826][ T7330] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 151.718834][ T7330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 151.718852][ T7330] [ 151.816933][ T7330] ERROR: Out of memory at tomoyo_realpath_from_path. [ 152.111403][ T7355] FAULT_INJECTION: forcing a failure. [ 152.111403][ T7355] name failslab, interval 1, probability 0, space 0, times 0 [ 152.122344][ T7355] CPU: 3 UID: 0 PID: 7355 Comm: syz.2.250 Not tainted syzkaller #0 PREEMPT(full) [ 152.122362][ T7355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.122368][ T7355] Call Trace: [ 152.122371][ T7355] [ 152.122375][ T7355] dump_stack_lvl+0x16c/0x1f0 [ 152.122391][ T7355] should_fail_ex+0x512/0x640 [ 152.122403][ T7355] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 152.122417][ T7355] should_failslab+0xc2/0x120 [ 152.122433][ T7355] kmem_cache_alloc_noprof+0x75/0x6e0 [ 152.122444][ T7355] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 152.122461][ T7355] ? getname_flags.part.0+0x4c/0x550 [ 152.122474][ T7355] ? getname_flags.part.0+0x4c/0x550 [ 152.122482][ T7355] getname_flags.part.0+0x4c/0x550 [ 152.122493][ T7355] getname_flags+0x93/0xf0 [ 152.122505][ T7355] user_path_at+0x24/0x60 [ 152.122517][ T7355] __ia32_sys_mount+0x1fa/0x310 [ 152.122532][ T7355] ? __pfx___ia32_sys_mount+0x10/0x10 [ 152.122547][ T7355] ? rcu_is_watching+0x12/0xc0 [ 152.122561][ T7355] __do_fast_syscall_32+0x7c/0x300 [ 152.122575][ T7355] do_fast_syscall_32+0x32/0x80 [ 152.122586][ T7355] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 152.122598][ T7355] RIP: 0023:0xf70bd579 [ 152.122607][ T7355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 152.122617][ T7355] RSP: 002b:00000000f548c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 152.122627][ T7355] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000 [ 152.122633][ T7355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.122639][ T7355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 152.122644][ T7355] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 152.122650][ T7355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 152.122662][ T7355] [ 152.966701][ T7388] capability: warning: `syz.2.257' uses 32-bit capabilities (legacy support in use) [ 153.002733][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.258'. [ 153.007831][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.258'. [ 153.128828][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.258'. [ 153.134317][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.258'. [ 153.307275][ T7398] siw: device registration error -23 [ 153.389080][ T7404] siw: device registration error -23 [ 154.345057][ T7412] netlink: 28 bytes leftover after parsing attributes in process `syz.3.265'. [ 154.348506][ T6073] vhci_hcd: vhci_device speed not set [ 157.012760][ T7456] FAULT_INJECTION: forcing a failure. [ 157.012760][ T7456] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.020411][ T7456] CPU: 0 UID: 0 PID: 7456 Comm: syz.1.275 Not tainted syzkaller #0 PREEMPT(full) [ 157.020437][ T7456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.020443][ T7456] Call Trace: [ 157.020447][ T7456] [ 157.020451][ T7456] dump_stack_lvl+0x16c/0x1f0 [ 157.020470][ T7456] should_fail_ex+0x512/0x640 [ 157.020484][ T7456] _copy_to_user+0x32/0xd0 [ 157.020499][ T7456] simple_read_from_buffer+0xcb/0x170 [ 157.020512][ T7456] proc_fail_nth_read+0x197/0x240 [ 157.020527][ T7456] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 157.020541][ T7456] ? rw_verify_area+0xcf/0x6c0 [ 157.020553][ T7456] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 157.020567][ T7456] vfs_read+0x1e4/0xcf0 [ 157.020582][ T7456] ? __pfx_vfs_read+0x10/0x10 [ 157.020593][ T7456] ? find_held_lock+0x2b/0x80 [ 157.020609][ T7456] ? __fget_files+0x20e/0x3c0 [ 157.020625][ T7456] ksys_read+0x12a/0x250 [ 157.020637][ T7456] ? __pfx_ksys_read+0x10/0x10 [ 157.020651][ T7456] ? rcu_is_watching+0x12/0xc0 [ 157.020665][ T7456] __do_fast_syscall_32+0x7c/0x300 [ 157.020678][ T7456] do_fast_syscall_32+0x32/0x80 [ 157.020689][ T7456] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 157.020702][ T7456] RIP: 0023:0xf702d579 [ 157.020711][ T7456] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 157.020720][ T7456] RSP: 002b:00000000f541d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 157.020730][ T7456] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f541d620 [ 157.020736][ T7456] RDX: 000000000000000f RSI: 00000000f73c6ff4 RDI: 0000000000000000 [ 157.020742][ T7456] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 157.020747][ T7456] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 157.020753][ T7456] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 157.020777][ T7456] [ 157.618951][ T7475] FAULT_INJECTION: forcing a failure. [ 157.618951][ T7475] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.624179][ T7475] CPU: 1 UID: 0 PID: 7475 Comm: syz.1.280 Not tainted syzkaller #0 PREEMPT(full) [ 157.624194][ T7475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.624201][ T7475] Call Trace: [ 157.624204][ T7475] [ 157.624209][ T7475] dump_stack_lvl+0x16c/0x1f0 [ 157.624224][ T7475] should_fail_ex+0x512/0x640 [ 157.624238][ T7475] _copy_to_iter+0x29f/0x1710 [ 157.624254][ T7475] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 157.624267][ T7475] ? __pfx__copy_to_iter+0x10/0x10 [ 157.624280][ T7475] ? __pfx_woken_wake_function+0x10/0x10 [ 157.624297][ T7475] tty_read+0x26f/0x5d0 [ 157.624314][ T7475] ? __pfx_tty_read+0x10/0x10 [ 157.624331][ T7475] ? bpf_lsm_file_permission+0x9/0x10 [ 157.624345][ T7475] ? security_file_permission+0x71/0x210 [ 157.624360][ T7475] ? rw_verify_area+0xcf/0x6c0 [ 157.624373][ T7475] vfs_read+0x8bf/0xcf0 [ 157.624388][ T7475] ? __pfx_vfs_read+0x10/0x10 [ 157.624399][ T7475] ? find_held_lock+0x2b/0x80 [ 157.624424][ T7475] ksys_read+0x12a/0x250 [ 157.624436][ T7475] ? __pfx_ksys_read+0x10/0x10 [ 157.624450][ T7475] ? rcu_is_watching+0x12/0xc0 [ 157.624464][ T7475] __do_fast_syscall_32+0x7c/0x300 [ 157.624477][ T7475] do_fast_syscall_32+0x32/0x80 [ 157.624488][ T7475] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 157.624501][ T7475] RIP: 0023:0xf702d579 [ 157.624510][ T7475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 157.624520][ T7475] RSP: 002b:00000000f53fc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003 [ 157.624530][ T7475] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000e00 [ 157.624537][ T7475] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000 [ 157.624542][ T7475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 157.624548][ T7475] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 157.624553][ T7475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 157.624566][ T7475] [ 158.850096][ T7493] FAULT_INJECTION: forcing a failure. [ 158.850096][ T7493] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.854524][ T7493] CPU: 1 UID: 0 PID: 7493 Comm: syz.3.285 Not tainted syzkaller #0 PREEMPT(full) [ 158.854537][ T7493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 158.854543][ T7493] Call Trace: [ 158.854548][ T7493] [ 158.854552][ T7493] dump_stack_lvl+0x16c/0x1f0 [ 158.854567][ T7493] should_fail_ex+0x512/0x640 [ 158.854581][ T7493] _copy_from_iter+0x29f/0x1720 [ 158.854597][ T7493] ? __pfx__copy_from_iter+0x10/0x10 [ 158.854610][ T7493] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 158.854631][ T7493] copy_page_from_iter+0xde/0x180 [ 158.854645][ T7493] tun_build_skb.constprop.0+0x2e8/0x1510 [ 158.854665][ T7493] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 158.854683][ T7493] ? __lock_acquire+0x622/0x1c90 [ 158.854707][ T7493] tun_get_user+0x149c/0x3cc0 [ 158.854727][ T7493] ? __pfx_tun_get_user+0x10/0x10 [ 158.854742][ T7493] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 158.854760][ T7493] ? find_held_lock+0x2b/0x80 [ 158.854771][ T7493] ? tun_get+0x191/0x370 [ 158.854787][ T7493] tun_chr_write_iter+0xdc/0x210 [ 158.854803][ T7493] vfs_write+0x7d3/0x11d0 [ 158.854817][ T7493] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 158.854832][ T7493] ? __pfx_vfs_write+0x10/0x10 [ 158.854844][ T7493] ? find_held_lock+0x2b/0x80 [ 158.854863][ T7493] ksys_write+0x12a/0x250 [ 158.854876][ T7493] ? __pfx_ksys_write+0x10/0x10 [ 158.854889][ T7493] ? rcu_is_watching+0x12/0xc0 [ 158.854904][ T7493] __do_fast_syscall_32+0x7c/0x300 [ 158.854917][ T7493] do_fast_syscall_32+0x32/0x80 [ 158.854929][ T7493] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 158.854942][ T7493] RIP: 0023:0xf7f44579 [ 158.854950][ T7493] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 158.854960][ T7493] RSP: 002b:00000000f5436520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 158.854970][ T7493] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800007c0 [ 158.854976][ T7493] RDX: 000000000000006a RSI: 00000000f73d6ff4 RDI: 0000000000000000 [ 158.854981][ T7493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 158.854987][ T7493] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 158.854992][ T7493] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 158.855005][ T7493] [ 159.659910][ T7510] overlay: Unknown parameter 'subj_role' [ 159.907852][ T7511] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 159.910695][ T7511] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 159.921089][ T7511] vhci_hcd vhci_hcd.0: Device attached [ 159.928856][ T7511] netlink: 36 bytes leftover after parsing attributes in process `syz.3.289'. [ 160.005254][ T1333] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 160.008051][ T7518] siw: device registration error -23 [ 160.160967][ T1333] usb 6-1: Using ep0 maxpacket: 32 [ 160.169678][ T1333] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 160.172887][ T1333] usb 6-1: config 0 has no interface number 0 [ 160.176614][ T1333] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 160.179695][ T1333] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.182810][ T1333] usb 6-1: Product: syz [ 160.184265][ T1333] usb 6-1: Manufacturer: syz [ 160.185851][ T1333] usb 6-1: SerialNumber: syz [ 160.193918][ T1333] usb 6-1: config 0 descriptor?? [ 160.199830][ T1333] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 160.203718][ T1333] usb 6-1: selecting invalid altsetting 1 [ 160.206195][ T1333] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 160.217000][ T1333] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 160.220867][ T1333] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 160.223906][ T1333] usb 6-1: media controller created [ 160.234275][ T1333] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 160.450648][ T7520] netlink: 772 bytes leftover after parsing attributes in process `syz.1.291'. [ 161.312475][ T1333] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 161.315272][ T1333] zl10353_read_register: readreg error (reg=127, ret==-110) [ 161.319585][ T1333] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 161.340906][ T1333] usb 6-1: USB disconnect, device number 4 [ 161.347004][ T7512] vhci_hcd: connection closed [ 161.347159][ T1142] vhci_hcd: stop threads [ 161.352741][ T1142] vhci_hcd: release socket [ 161.354852][ T1142] vhci_hcd: disconnect device [ 163.063989][ T7553] siw: device registration error -23 [ 163.427262][ T7556] overlay: Unknown parameter 'subj_role' [ 164.303555][ T7560] FAULT_INJECTION: forcing a failure. [ 164.303555][ T7560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.314909][ T7560] CPU: 0 UID: 0 PID: 7560 Comm: syz.1.302 Not tainted syzkaller #0 PREEMPT(full) [ 164.314924][ T7560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.314930][ T7560] Call Trace: [ 164.314934][ T7560] [ 164.314938][ T7560] dump_stack_lvl+0x16c/0x1f0 [ 164.314954][ T7560] should_fail_ex+0x512/0x640 [ 164.314968][ T7560] _copy_to_user+0x32/0xd0 [ 164.314982][ T7560] bpf_prog_test_run_raw_tp+0x53f/0x710 [ 164.315000][ T7560] ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10 [ 164.315016][ T7560] ? fput+0x9b/0xd0 [ 164.315031][ T7560] ? __bpf_prog_get+0x97/0x2a0 [ 164.315048][ T7560] ? __pfx_bpf_prog_test_run_raw_tp+0x10/0x10 [ 164.315062][ T7560] __sys_bpf+0x1035/0x4980 [ 164.315077][ T7560] ? __pfx___sys_bpf+0x10/0x10 [ 164.315088][ T7560] ? find_held_lock+0x2b/0x80 [ 164.315103][ T7560] ? find_held_lock+0x2b/0x80 [ 164.315117][ T7560] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 164.315137][ T7560] ? fput+0x9b/0xd0 [ 164.315151][ T7560] ? ksys_write+0x1ac/0x250 [ 164.315164][ T7560] ? __pfx_ksys_write+0x10/0x10 [ 164.315179][ T7560] __ia32_sys_bpf+0x76/0xe0 [ 164.315192][ T7560] __do_fast_syscall_32+0x7c/0x300 [ 164.315204][ T7560] do_fast_syscall_32+0x32/0x80 [ 164.315215][ T7560] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.315228][ T7560] RIP: 0023:0xf702d579 [ 164.315236][ T7560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.315246][ T7560] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 164.315256][ T7560] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000000 [ 164.315262][ T7560] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000 [ 164.315267][ T7560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 164.315273][ T7560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 164.315278][ T7560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.315291][ T7560] [ 164.424789][ T7564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.304'. [ 164.494187][ T7564] hsr_slave_0 (unregistering): left promiscuous mode [ 165.052517][ T7566] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 165.054695][ T7566] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 165.057324][ T7566] vhci_hcd vhci_hcd.0: Device attached [ 165.151724][ T7566] netlink: 36 bytes leftover after parsing attributes in process `syz.0.303'. [ 165.190747][ T7578] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 165.193594][ T7578] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 165.196939][ T7578] vhci_hcd vhci_hcd.0: Device attached [ 165.248355][ T7578] netlink: 36 bytes leftover after parsing attributes in process `syz.1.306'. [ 165.274023][ T7579] vhci_hcd: connection closed [ 165.274443][ T764] vhci_hcd: stop threads [ 165.278256][ T764] vhci_hcd: release socket [ 165.280246][ T764] vhci_hcd: disconnect device [ 165.295667][ T843] usb 37-1: new low-speed USB device number 5 using vhci_hcd [ 165.299079][ T843] usb 37-1: enqueue for inactive port 0 [ 165.374403][ T843] vhci_hcd: vhci_device speed not set [ 165.462766][ T53] usb 39-1: new low-speed USB device number 5 using vhci_hcd [ 165.729609][ T7592] netlink: 12 bytes leftover after parsing attributes in process `syz.3.308'. [ 165.762550][ T7582] vhci_hcd: connection reset by peer [ 165.764700][ T93] vhci_hcd: stop threads [ 165.766266][ T93] vhci_hcd: release socket [ 165.769253][ T93] vhci_hcd: disconnect device [ 166.326262][ T7600] siw: device registration error -23 [ 167.203326][ T7602] netlink: 16 bytes leftover after parsing attributes in process `syz.3.311'. [ 167.228496][ T7602] bond0: entered promiscuous mode [ 167.235742][ T7602] bond_slave_0: entered promiscuous mode [ 167.239726][ T7602] bond_slave_1: entered promiscuous mode [ 167.385029][ T7602] bond0: left promiscuous mode [ 167.394576][ T7602] bond_slave_0: left promiscuous mode [ 167.396690][ T7602] bond_slave_1: left promiscuous mode [ 168.423226][ T7619] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 168.425466][ T7619] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 168.438469][ T7619] vhci_hcd vhci_hcd.0: Device attached [ 168.475025][ T7619] netlink: 36 bytes leftover after parsing attributes in process `syz.0.314'. [ 168.535152][ T7624] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 168.537326][ T7624] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 168.545230][ T7624] vhci_hcd vhci_hcd.0: Device attached [ 168.593302][ T7624] netlink: 36 bytes leftover after parsing attributes in process `syz.3.316'. [ 168.610967][ T7630] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 168.617262][ T7630] block device autoloading is deprecated and will be removed. [ 168.627198][ T7627] md: md2 stopped. [ 168.673759][ T7625] netlink: 16 bytes leftover after parsing attributes in process `syz.1.315'. [ 168.688618][ T6752] usb 37-1: new low-speed USB device number 6 using vhci_hcd [ 168.700932][ T7623] infiniband syz1: set active [ 168.703296][ T7623] infiniband syz1: added syz_tun [ 168.730179][ T7623] RDS/IB: syz1: added [ 168.732820][ T7623] smc: adding ib device syz1 with port count 1 [ 168.735266][ T7623] smc: ib device syz1 port 1 has no pnetid [ 168.816440][ T29] usb 43-1: new low-speed USB device number 5 using vhci_hcd [ 169.187810][ T7642] netlink: 12 bytes leftover after parsing attributes in process `syz.2.319'. [ 169.218160][ T7620] vhci_hcd: connection reset by peer [ 169.220201][ T61] vhci_hcd: stop threads [ 169.221728][ T61] vhci_hcd: release socket [ 169.223289][ T61] vhci_hcd: disconnect device [ 169.311699][ T7628] vhci_hcd: connection reset by peer [ 169.313667][ T61] vhci_hcd: stop threads [ 169.315182][ T61] vhci_hcd: release socket [ 169.316753][ T61] vhci_hcd: disconnect device [ 170.025965][ T7659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.322'. [ 170.069312][ T7665] Bluetooth: MGMT ver 1.23 [ 170.363368][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.325'. [ 170.450897][ T7676] FAULT_INJECTION: forcing a failure. [ 170.450897][ T7676] name failslab, interval 1, probability 0, space 0, times 0 [ 170.456468][ T7676] CPU: 3 UID: 0 PID: 7676 Comm: syz.1.329 Not tainted syzkaller #0 PREEMPT(full) [ 170.456489][ T7676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.456498][ T7676] Call Trace: [ 170.456504][ T7676] [ 170.456510][ T7676] dump_stack_lvl+0x16c/0x1f0 [ 170.456530][ T7676] should_fail_ex+0x512/0x640 [ 170.456548][ T7676] ? fs_reclaim_acquire+0xae/0x150 [ 170.456571][ T7676] should_failslab+0xc2/0x120 [ 170.456593][ T7676] __kmalloc_noprof+0xdd/0x880 [ 170.456610][ T7676] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 170.456636][ T7676] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 170.456656][ T7676] tomoyo_realpath_from_path+0xc2/0x6e0 [ 170.456679][ T7676] ? tomoyo_profile+0x47/0x60 [ 170.456695][ T7676] tomoyo_path_number_perm+0x245/0x580 [ 170.456713][ T7676] ? tomoyo_path_number_perm+0x237/0x580 [ 170.456733][ T7676] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 170.456791][ T7676] ? find_held_lock+0x2b/0x80 [ 170.456809][ T7676] ? hook_file_ioctl_common+0x145/0x410 [ 170.456834][ T7676] ? __fget_files+0x20e/0x3c0 [ 170.456856][ T7676] security_file_ioctl_compat+0x9b/0x240 [ 170.456878][ T7676] __ia32_compat_sys_ioctl+0xc3/0x370 [ 170.456897][ T7676] __do_fast_syscall_32+0x7c/0x300 [ 170.456915][ T7676] do_fast_syscall_32+0x32/0x80 [ 170.456931][ T7676] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 170.456949][ T7676] RIP: 0023:0xf702d579 [ 170.456962][ T7676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 170.456976][ T7676] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 170.456991][ T7676] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000530b [ 170.457000][ T7676] RDX: 0000000080000480 RSI: 0000000000000000 RDI: 0000000000000000 [ 170.457009][ T7676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 170.457017][ T7676] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 170.457026][ T7676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 170.457051][ T7676] [ 170.457399][ T7676] ERROR: Out of memory at tomoyo_realpath_from_path. [ 170.502725][ T53] vhci_hcd: vhci_device speed not set [ 170.885808][ T7683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.330'. [ 170.899427][ T7692] FAULT_INJECTION: forcing a failure. [ 170.899427][ T7692] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.905534][ T7692] CPU: 3 UID: 0 PID: 7692 Comm: syz.3.332 Not tainted syzkaller #0 PREEMPT(full) [ 170.905548][ T7692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.905555][ T7692] Call Trace: [ 170.905558][ T7692] [ 170.905562][ T7692] dump_stack_lvl+0x16c/0x1f0 [ 170.905577][ T7692] should_fail_ex+0x512/0x640 [ 170.905592][ T7692] strncpy_from_user+0x3b/0x2e0 [ 170.905605][ T7692] getname_flags.part.0+0x8f/0x550 [ 170.905617][ T7692] getname_flags+0x93/0xf0 [ 170.905629][ T7692] do_sys_openat2+0xb8/0x1d0 [ 170.905639][ T7692] ? __pfx_do_sys_openat2+0x10/0x10 [ 170.905649][ T7692] ? __fget_files+0x20e/0x3c0 [ 170.905661][ T7692] ? handle_mm_fault+0x2a0/0xd10 [ 170.905674][ T7692] __ia32_compat_sys_open+0x146/0x1e0 [ 170.905685][ T7692] ? __pfx___ia32_compat_sys_open+0x10/0x10 [ 170.905698][ T7692] ? rcu_is_watching+0x12/0xc0 [ 170.905711][ T7692] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 170.905725][ T7692] __do_fast_syscall_32+0x7c/0x300 [ 170.905737][ T7692] do_fast_syscall_32+0x32/0x80 [ 170.905748][ T7692] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 170.905761][ T7692] RIP: 0023:0xf7f44579 [ 170.905769][ T7692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 170.905779][ T7692] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005 [ 170.905789][ T7692] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 0000000000109281 [ 170.905795][ T7692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 170.905801][ T7692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 170.905806][ T7692] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 170.905812][ T7692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 170.905824][ T7692] [ 170.921521][ T7688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.333'. [ 171.306388][ T7700] fuse: Unknown parameter 'W Koj w>k&afPcM?_iRU[{n' [ 171.404744][ T7703] netlink: 4 bytes leftover after parsing attributes in process `syz.0.335'. [ 173.659013][ T7768] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 173.662025][ T7768] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 173.665996][ T7768] vhci_hcd vhci_hcd.0: Device attached [ 173.689774][ T7768] netlink: 36 bytes leftover after parsing attributes in process `syz.0.346'. [ 173.882152][ T29] vhci_hcd: vhci_device speed not set [ 174.132019][ T7770] vhci_hcd: connection reset by peer [ 174.137495][ T1184] vhci_hcd: stop threads [ 174.139965][ T1184] vhci_hcd: release socket [ 174.143980][ T1184] vhci_hcd: disconnect device [ 174.208796][ T6752] vhci_hcd: vhci_device speed not set [ 174.313727][ T7791] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 175.116965][ T7806] FAULT_INJECTION: forcing a failure. [ 175.116965][ T7806] name failslab, interval 1, probability 0, space 0, times 0 [ 175.121186][ T7806] CPU: 2 UID: 0 PID: 7806 Comm: syz.1.352 Not tainted syzkaller #0 PREEMPT(full) [ 175.121200][ T7806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.121206][ T7806] Call Trace: [ 175.121210][ T7806] [ 175.121215][ T7806] dump_stack_lvl+0x16c/0x1f0 [ 175.121230][ T7806] should_fail_ex+0x512/0x640 [ 175.121243][ T7806] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 175.121257][ T7806] should_failslab+0xc2/0x120 [ 175.121273][ T7806] kmem_cache_alloc_node_noprof+0x78/0x770 [ 175.121285][ T7806] ? __alloc_skb+0x2b2/0x380 [ 175.121301][ T7806] ? __alloc_skb+0x2b2/0x380 [ 175.121312][ T7806] __alloc_skb+0x2b2/0x380 [ 175.121325][ T7806] ? __pfx___alloc_skb+0x10/0x10 [ 175.121339][ T7806] ? __handle_mm_fault+0x5a8/0x2aa0 [ 175.121353][ T7806] alloc_skb_with_frags+0xe0/0x860 [ 175.121371][ T7806] sock_alloc_send_pskb+0x7f9/0x980 [ 175.121389][ T7806] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 175.121405][ T7806] ? __local_bh_enable_ip+0xa4/0x120 [ 175.121419][ T7806] j1939_sk_sendmsg+0x6bc/0x13d0 [ 175.121434][ T7806] ? __pfx_aa_sk_perm+0x10/0x10 [ 175.121451][ T7806] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 175.121462][ T7806] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 175.121476][ T7806] ____sys_sendmsg+0xa98/0xc70 [ 175.121487][ T7806] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.121496][ T7806] ? get_compat_msghdr+0x11a/0x170 [ 175.121512][ T7806] ? __pfx__kstrtoull+0x10/0x10 [ 175.121531][ T7806] ___sys_sendmsg+0x134/0x1d0 [ 175.121545][ T7806] ? __pfx____sys_sendmsg+0x10/0x10 [ 175.121557][ T7806] ? __lock_acquire+0x622/0x1c90 [ 175.121588][ T7806] __sys_sendmmsg+0x2f9/0x420 [ 175.121604][ T7806] ? __pfx___sys_sendmmsg+0x10/0x10 [ 175.121622][ T7806] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 175.121639][ T7806] ? fput+0x9b/0xd0 [ 175.121655][ T7806] ? ksys_write+0x1ac/0x250 [ 175.121667][ T7806] ? __pfx_ksys_write+0x10/0x10 [ 175.121682][ T7806] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 175.121696][ T7806] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 175.121709][ T7806] __do_fast_syscall_32+0x7c/0x300 [ 175.121724][ T7806] do_fast_syscall_32+0x32/0x80 [ 175.121735][ T7806] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 175.121748][ T7806] RIP: 0023:0xf702d579 [ 175.121756][ T7806] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 175.121765][ T7806] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 175.121776][ T7806] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000a200 [ 175.121782][ T7806] RDX: 00000000ffffff31 RSI: 0000000060000800 RDI: 0000000000000000 [ 175.121788][ T7806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 175.121793][ T7806] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 175.121814][ T7806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 175.121827][ T7806] [ 176.746302][ T7832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.358'. [ 177.233255][ T7847] FAULT_INJECTION: forcing a failure. [ 177.233255][ T7847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 177.239359][ T7847] CPU: 3 UID: 0 PID: 7847 Comm: syz.1.363 Not tainted syzkaller #0 PREEMPT(full) [ 177.239374][ T7847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 177.239380][ T7847] Call Trace: [ 177.239384][ T7847] [ 177.239389][ T7847] dump_stack_lvl+0x16c/0x1f0 [ 177.239415][ T7847] should_fail_ex+0x512/0x640 [ 177.239432][ T7847] _copy_to_iter+0x463/0x1710 [ 177.239449][ T7847] ? __pfx__copy_to_iter+0x10/0x10 [ 177.239461][ T7847] ? m_stop+0x395/0x500 [ 177.239476][ T7847] ? get_gate_vma+0x94/0xb0 [ 177.239493][ T7847] ? m_stop+0x310/0x500 [ 177.239509][ T7847] seq_read_iter+0xd02/0x12d0 [ 177.239527][ T7847] seq_read+0x3a3/0x570 [ 177.239537][ T7847] ? __pfx_seq_read+0x10/0x10 [ 177.239556][ T7847] ? rw_verify_area+0xcf/0x6c0 [ 177.239568][ T7847] ? __pfx_seq_read+0x10/0x10 [ 177.239578][ T7847] vfs_read+0x1e4/0xcf0 [ 177.239594][ T7847] ? __pfx_vfs_read+0x10/0x10 [ 177.239605][ T7847] ? find_held_lock+0x2b/0x80 [ 177.239621][ T7847] ? __fget_files+0x20e/0x3c0 [ 177.239637][ T7847] ksys_read+0x12a/0x250 [ 177.239649][ T7847] ? __pfx_ksys_read+0x10/0x10 [ 177.239663][ T7847] ? rcu_is_watching+0x12/0xc0 [ 177.239677][ T7847] __do_fast_syscall_32+0x7c/0x300 [ 177.239690][ T7847] do_fast_syscall_32+0x32/0x80 [ 177.239702][ T7847] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 177.239714][ T7847] RIP: 0023:0xf702d579 [ 177.239722][ T7847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 177.239732][ T7847] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003 [ 177.239742][ T7847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800020c0 [ 177.239748][ T7847] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.239753][ T7847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 177.239759][ T7847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 177.239764][ T7847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 177.239777][ T7847] [ 177.691546][ T7863] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 177.693515][ T7863] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 177.697627][ T7863] vhci_hcd vhci_hcd.0: Device attached [ 177.717335][ T7863] netlink: 36 bytes leftover after parsing attributes in process `syz.0.367'. [ 177.727784][ T7864] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 177.729772][ T7864] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 177.790784][ T7864] vhci_hcd vhci_hcd.0: Device attached [ 177.963371][ T55] usb 37-1: new low-speed USB device number 7 using vhci_hcd [ 178.015735][ T5965] ------------[ cut here ]------------ [ 178.018202][ T5965] WARNING: CPU: 0 PID: 5965 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0x11a/0x210 [ 178.022296][ T5965] Modules linked in: [ 178.024336][ T5965] CPU: 0 UID: 0 PID: 5965 Comm: kworker/u33:7 Not tainted syzkaller #0 PREEMPT(full) [ 178.028291][ T5965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.033122][ T5965] Workqueue: hci1 hci_conn_timeout [ 178.035399][ T5965] RIP: 0010:hci_conn_timeout+0x11a/0x210 [ 178.037887][ T5965] Code: 00 e8 4a 7d 64 f7 4c 89 f1 4c 89 e2 48 c7 c6 60 81 d7 8c 48 c7 c7 70 0c 7e 90 e8 11 f6 7d fa e9 4d ff ff ff e8 27 7d 64 f7 90 <0f> 0b 90 e8 1e 7d 64 f7 48 8d bb f5 f6 ff ff 48 b8 00 00 00 00 00 [ 178.046563][ T5965] RSP: 0018:ffffc90003b37c20 EFLAGS: 00010293 [ 178.048951][ T5965] RAX: 0000000000000000 RBX: ffff8880132e4948 RCX: ffffffff8a5894cf [ 178.052337][ T5965] RDX: ffff888028064900 RSI: ffffffff8a589579 RDI: 0000000000000005 [ 178.055745][ T5965] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 178.059105][ T5965] R10: 00000000ffffffff R11: 0000000000002b81 R12: ffff8880132e4000 [ 178.062611][ T5965] R13: 0000000000000000 R14: ffffffff90829d34 R15: ffffc90003b37d00 [ 178.065621][ T5965] FS: 0000000000000000(0000) GS:ffff8880977fe000(0000) knlGS:0000000000000000 [ 178.069468][ T5965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.072357][ T5965] CR2: 00000000f512e42c CR3: 0000000072623000 CR4: 0000000000352ef0 [ 178.075899][ T5965] Call Trace: [ 178.077398][ T5965] [ 178.078639][ T5965] process_one_work+0x9cf/0x1b70 [ 178.080584][ T5965] ? __pfx_process_one_work+0x10/0x10 [ 178.082843][ T5965] ? assign_work+0x1a0/0x250 [ 178.084813][ T5965] worker_thread+0x6c8/0xf10 [ 178.086729][ T5965] ? __kthread_parkme+0x19e/0x250 [ 178.088667][ T5965] ? __pfx_worker_thread+0x10/0x10 [ 178.090778][ T5965] kthread+0x3c5/0x780 [ 178.092645][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.094643][ T5965] ? rcu_is_watching+0x12/0xc0 [ 178.096696][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.098703][ T5965] ret_from_fork+0x675/0x7d0 [ 178.100681][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.102887][ T5965] ret_from_fork_asm+0x1a/0x30 [ 178.105029][ T5965] [ 178.106422][ T5965] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 178.109551][ T5965] CPU: 0 UID: 0 PID: 5965 Comm: kworker/u33:7 Not tainted syzkaller #0 PREEMPT(full) [ 178.113672][ T5965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.118282][ T5965] Workqueue: hci1 hci_conn_timeout [ 178.120544][ T5965] Call Trace: [ 178.122037][ T5965] [ 178.123299][ T5965] dump_stack_lvl+0x3d/0x1f0 [ 178.125329][ T5965] vpanic+0x640/0x6f0 [ 178.127120][ T5965] ? hci_conn_timeout+0x11a/0x210 [ 178.129411][ T5965] panic+0xca/0xd0 [ 178.131100][ T5965] ? __pfx_panic+0x10/0x10 [ 178.133069][ T5965] ? check_panic_on_warn+0x1f/0xb0 [ 178.135164][ T5965] check_panic_on_warn+0xab/0xb0 [ 178.137084][ T5965] __warn+0xf6/0x3c0 [ 178.138634][ T5965] ? hci_conn_timeout+0x11a/0x210 [ 178.140614][ T5965] report_bug+0x3c3/0x580 [ 178.142336][ T5965] ? hci_conn_timeout+0x11a/0x210 [ 178.144439][ T5965] handle_bug+0x184/0x210 [ 178.146030][ T5965] exc_invalid_op+0x17/0x50 [ 178.147547][ T5965] asm_exc_invalid_op+0x1a/0x20 [ 178.149164][ T5965] RIP: 0010:hci_conn_timeout+0x11a/0x210 [ 178.151235][ T5965] Code: 00 e8 4a 7d 64 f7 4c 89 f1 4c 89 e2 48 c7 c6 60 81 d7 8c 48 c7 c7 70 0c 7e 90 e8 11 f6 7d fa e9 4d ff ff ff e8 27 7d 64 f7 90 <0f> 0b 90 e8 1e 7d 64 f7 48 8d bb f5 f6 ff ff 48 b8 00 00 00 00 00 [ 178.157482][ T5965] RSP: 0018:ffffc90003b37c20 EFLAGS: 00010293 [ 178.159483][ T5965] RAX: 0000000000000000 RBX: ffff8880132e4948 RCX: ffffffff8a5894cf [ 178.162126][ T5965] RDX: ffff888028064900 RSI: ffffffff8a589579 RDI: 0000000000000005 [ 178.164713][ T5965] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 178.167317][ T5965] R10: 00000000ffffffff R11: 0000000000002b81 R12: ffff8880132e4000 [ 178.169904][ T5965] R13: 0000000000000000 R14: ffffffff90829d34 R15: ffffc90003b37d00 [ 178.172536][ T5965] ? hci_conn_timeout+0x6f/0x210 [ 178.174184][ T5965] ? hci_conn_timeout+0x119/0x210 [ 178.175828][ T5965] process_one_work+0x9cf/0x1b70 [ 178.177471][ T5965] ? __pfx_process_one_work+0x10/0x10 [ 178.179411][ T5965] ? assign_work+0x1a0/0x250 [ 178.180986][ T5965] worker_thread+0x6c8/0xf10 [ 178.182560][ T5965] ? __kthread_parkme+0x19e/0x250 [ 178.184222][ T5965] ? __pfx_worker_thread+0x10/0x10 [ 178.185912][ T5965] kthread+0x3c5/0x780 [ 178.187268][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.188805][ T5965] ? rcu_is_watching+0x12/0xc0 [ 178.190401][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.191945][ T5965] ret_from_fork+0x675/0x7d0 [ 178.193470][ T5965] ? __pfx_kthread+0x10/0x10 [ 178.195009][ T5965] ret_from_fork_asm+0x1a/0x30 [ 178.196595][ T5965] [ 178.198345][ T5965] Kernel Offset: disabled [ 178.199767][ T5965] Rebooting in 86400 seconds..