last executing test programs: 4m23.619403365s ago: executing program 1 (id=1325): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000200)=0x2, 0x4) bind$inet(r0, &(0x7f0000000300)={0x2, 0x0, @loopback}, 0x10) 4m23.558299811s ago: executing program 1 (id=1332): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x64}}, 0x0) 4m23.505507737s ago: executing program 1 (id=1335): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4048aec9, &(0x7f0000000000)={0x3, 0x2, 0x10001, 0x1, 0x1}) 4m23.40106951s ago: executing program 1 (id=1342): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000880)=0xfbf, 0x4) sendto$inet6(r0, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0xfffffffe, @empty, 0x6}, 0x1c) 4m23.338357867s ago: executing program 1 (id=1345): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 4m23.299370198s ago: executing program 1 (id=1347): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000100)={0x6, 'veth0_to_bridge\x00', {}, 0x104}) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000a80)={0x0, 'veth0_vlan\x00', {0x4}, 0x1}) 4m8.250968892s ago: executing program 32 (id=1347): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000100)={0x6, 'veth0_to_bridge\x00', {}, 0x104}) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000a80)={0x0, 'veth0_vlan\x00', {0x4}, 0x1}) 2m24.77311022s ago: executing program 0 (id=4698): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000104000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60000081}, 0x800) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x3, 0x0, 0x10}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x26088888) 2m24.703168753s ago: executing program 0 (id=4700): pipe(&(0x7f0000000140)={0xffffffffffffffff}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000080), 0xfffffe13) close_range(r0, 0xffffffffffffffff, 0x0) 2m24.612884364s ago: executing program 0 (id=4702): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x2) 2m24.544831608s ago: executing program 0 (id=4706): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m24.480045833s ago: executing program 0 (id=4708): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x14, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000008500000086000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r2, 0x1}, 0xc) 2m24.232995296s ago: executing program 0 (id=4712): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = dup(r0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0xdb, @empty}}, 0xffb, 0x203, 0xffff18b6, 0x6, 0x330, 0x80000001, 0xdb}, 0x9c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x6, 0x7d, 0x8, 0x9817b46, 0x0, 0x10, 0x9}, &(0x7f0000000140)=0x9c) 2m24.180034954s ago: executing program 33 (id=4712): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = dup(r0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0xdb, @empty}}, 0xffb, 0x203, 0xffff18b6, 0x6, 0x330, 0x80000001, 0xdb}, 0x9c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x6, 0x7d, 0x8, 0x9817b46, 0x0, 0x10, 0x9}, &(0x7f0000000140)=0x9c) 7.465173642s ago: executing program 2 (id=6463): ppoll(0x0, 0x0, &(0x7f0000002640)={0x0, 0x3938700}, 0x0, 0x0) r0 = memfd_secret(0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r0, 0x0) ftruncate(r0, 0x51a9497) 7.031873515s ago: executing program 2 (id=6465): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140)) 2.836773897s ago: executing program 5 (id=6482): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x40015b0b, 0x0) 2.670232731s ago: executing program 3 (id=6483): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@bridge_newvlan={0x24, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x2, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x4}}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040014) 2.360000698s ago: executing program 4 (id=6485): setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x43fa, 0x7}, 0x8) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x1, [0x0]}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001600)={r1, 0x7}, 0x8) 2.172203946s ago: executing program 4 (id=6486): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x1, 0x0, 0x0, 0x1, 0x0, 0xfffd}, 0x20) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x4}) ioctl(r0, 0x8b1a, &(0x7f0000000040)) 1.414976598s ago: executing program 4 (id=6487): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc92b18236457ee3c8", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.414749314s ago: executing program 3 (id=6488): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c000280080001400000000014000180090001006cdbf80789f3f947dd000280080003"], 0xe4}}, 0x20050840) sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x34, 0xa, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5}, @IPSET_ATTR_ADT={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x48080) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 1.413322371s ago: executing program 2 (id=6489): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCSACTIVE(r0, 0x40087446, &(0x7f00000007c0)={0x1, &(0x7f0000000080)=[{0x16, 0xd, 0x1, 0x2006}]}) write$cgroup_pid(r0, &(0x7f0000000040), 0x12) 1.351360535s ago: executing program 5 (id=6490): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) 1.090396843s ago: executing program 5 (id=6491): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40) bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8) 1.058777686s ago: executing program 4 (id=6492): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x11e, 0x1, 0x0, 0x0) 1.00962912s ago: executing program 5 (id=6493): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x28, 0x1, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0xfffffffffffffcb1, &(0x7f0000000240)={&(0x7f00000019c0)=@delchain={0x2c, 0x66, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x2c}}, 0x0) 1.008156461s ago: executing program 4 (id=6494): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x30, r1, 0x5, 0xfffffffc, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x2004c001}, 0x4800) 703.74925ms ago: executing program 4 (id=6495): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) 701.472005ms ago: executing program 3 (id=6496): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x34, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0) recvfrom(r0, &(0x7f00000000c0)=""/10, 0xa, 0x0, 0x0, 0x0) 624.954701ms ago: executing program 5 (id=6497): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r0 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000200, 0x0, 0x0) 488.642253ms ago: executing program 3 (id=6498): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) 486.765333ms ago: executing program 5 (id=6499): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') fchdir(r0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x900, 0x12) 412.040626ms ago: executing program 2 (id=6500): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x0) mknodat(r1, &(0x7f0000000140)='./file1\x00', 0x400, 0x2) 281.781633ms ago: executing program 3 (id=6501): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0xc, @empty}, 0x20) connect$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x9, @empty, 0x0, 0x3}, 0x20) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100)=0x20) 281.380974ms ago: executing program 2 (id=6502): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota']) r0 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0xee00, 0x0) 108.30523ms ago: executing program 2 (id=6503): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r1, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0xf0}, 0x24044080) 0s ago: executing program 3 (id=6504): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000001000c0002"], 0x30}, 0x1, 0x0, 0x0, 0x44}, 0x0) kernel console output (not intermixed with test programs): idge_fdb_entry 39KB 47KB [ 191.118831][T14891] MPTCPv6 108KB 191KB [ 191.121707][T14891] ip6-frags 9KB 15KB [ 191.124702][T14891] fib6_node 111KB 144KB [ 191.129600][T14891] ip6_dst_cache 95KB 320KB [ 191.132539][T14891] mfc6_cache 6KB 8KB [ 191.140013][T14891] PINGv6 80KB 123KB [ 191.143623][T14891] RAWv6 101KB 185KB [ 191.147313][T14891] UDPLITEv6 87KB 126KB [ 191.150415][T14891] UDPv6 78KB 220KB [ 191.153360][T14891] tw_sock_TCPv6 29KB 47KB [ 191.156350][T14891] request_sock_TCPv6 10KB 15KB [ 191.159100][T14891] TCPv6 245KB 387KB [ 191.162083][T14891] nf_conntrack 40KB 63KB [ 191.166093][T14891] wg_peer 104KB 148KB [ 191.169276][T14891] allowedips_node 24KB 35KB [ 191.171903][T14891] t10_alua_lu_gp_cache 8KB 15KB [ 191.174638][T14891] scsi_sense_cache 52KB 56KB [ 191.178478][T14891] virtio_scsi_cmd 21KB 24KB [ 191.182395][T14891] bio-136 41KB 68KB [ 191.185763][T14891] io_kiocb 0KB 31KB [ 191.189128][T14891] bio-264 41KB 55KB [ 191.192073][T14891] mqueue_inode_cache 50KB 121KB [ 191.194563][T14891] f2fs_bio_post_read_ctx 30KB 31KB [ 191.197982][T14891] jfs_mp 14KB 15KB [ 191.200830][T14891] fuse_request 26KB 31KB [ 191.203833][T14891] cifs_small_rq 28KB 32KB [ 191.208548][T14891] cifs_request 67KB 67KB [ 191.211195][T14891] cifs_mpx_ids 8KB 15KB [ 191.214375][T14891] cifs_io_subrequest 42KB 47KB [ 191.217403][T14891] cifs_io_request 105KB 111KB [ 191.220624][T14891] nfs_commit_data 24KB 31KB [ 191.223761][T14891] nfs_write_data 38KB 63KB [ 191.226633][T14891] jbd2_inode 16KB 19KB [ 191.229392][T14891] ext4_system_zone 1KB 3KB [ 191.232055][T14891] ext4_io_end_vec 6KB 15KB [ 191.234905][T14891] kioctx 11KB 159KB [ 191.238051][T14891] aio_kiocb 19KB 54KB [ 191.240779][T14891] userfaultfd_ctx_cache 68KB 126KB [ 191.243934][T14891] dnotify_mark 33KB 35KB [ 191.247153][T14891] dnotify_struct 8KB 11KB [ 191.250145][T14891] fasync_cache 37KB 47KB [ 191.252921][T14891] zspage 144KB 173KB [ 191.255928][T14891] zs_handle 154KB 196KB [ 191.258721][T14891] pid_namespace 65KB 123KB [ 191.261648][T14891] kvm_gmem_inode_cache 15KB 31KB [ 191.264663][T14891] kvm_vcpu 125KB 281KB [ 191.267634][T14891] x86_emulator 83KB 221KB [ 191.270390][T14891] rpc_buffers 25KB 31KB [ 191.273126][T14891] rpc_tasks 8KB 15KB [ 191.276141][T14891] UNIX-STREAM 76KB 214KB [ 191.278977][T14891] UNIX 150KB 275KB [ 191.281608][T14891] ip4-frags 19KB 31KB [ 191.284191][T14891] mfc_cache 20KB 24KB [ 191.287102][T14891] UDP-Lite 21KB 31KB [ 191.289639][T14891] MPTCP 88KB 214KB [ 191.291821][T14891] tcp_bind2_bucket 17KB 32KB [ 191.293887][T14891] tcp_bind_bucket 21KB 32KB [ 191.295877][T14891] inet_peer 14KB 16KB [ 191.297901][T14891] xfrm_state 36KB 127KB [ 191.301086][T14891] ip_fib_trie 24KB 36KB [ 191.303338][T14891] ip_fib_alias 63KB 102KB [ 191.305659][T14891] rtable 32KB 56KB [ 191.307690][T14891] PING 71KB 126KB [ 191.310306][T14891] RAW 60KB 159KB [ 191.312369][T14891] UDP 121KB 286KB [ 191.314746][T14891] request_sock_TCP 39KB 61KB [ 191.316991][T14891] TCP 510KB 637KB [ 191.319117][T14891] hugetlbfs_inode_cache 23KB 125KB [ 191.321209][T14891] fscache_cookie_jar 17KB 30KB [ 191.323202][T14891] netfs_subrequest 50KB 54KB [ 191.325212][T14891] netfs_request 154KB 159KB [ 191.327398][T14891] bio-280 21KB 23KB [ 191.329670][T14891] ep_head 3KB 24KB [ 191.331789][T14891] eventpoll_pwq 10KB 35KB [ 191.333822][T14891] eventpoll_epi 45KB 66KB [ 191.336363][T14891] inotify_inode_mark 27KB 50KB [ 191.339013][T14891] sgpool-128 29KB 148KB [ 191.342000][T14891] sgpool-64 34KB 127KB [ 191.344053][T14891] sgpool-32 25KB 63KB [ 191.346242][T14891] sgpool-16 31KB 78KB [ 191.348611][T14891] sgpool-8 12KB 31KB [ 191.350624][T14891] bio_crypt_ctx 9KB 11KB [ 191.352729][T14891] bio_integrity_data 7KB 8KB [ 191.354909][T14891] request_queue 226KB 247KB [ 191.357086][T14891] blkdev_ioc 21KB 47KB [ 191.359142][T14891] bio-200 57KB 85KB [ 191.361248][T14891] biovec-max 714KB 773KB [ 191.363220][T14891] biovec-128 55KB 95KB [ 191.365322][T14891] biovec-64 25KB 63KB [ 191.367387][T14891] biovec-16 21KB 46KB [ 191.370780][T14891] mm_slot 9KB 11KB [ 191.372825][T14891] ksm_mm_slot 3KB 4KB [ 191.374951][T14891] uid_cache 26KB 46KB [ 191.379576][T14891] iommu_iova_magazine 991KB 1039KB [ 191.383021][T14891] iommu_iova 177KB 180KB [ 191.385623][T14891] dmaengine-unmap-256 26KB 30KB [ 191.388009][T14891] dmaengine-unmap-128 14KB 30KB [ 191.390746][T14891] dmaengine-unmap-16 7KB 8KB [ 191.392807][T14891] dmaengine-unmap-2 3KB 4KB [ 191.394751][T14891] QIPCRTR 46KB 93KB [ 191.396797][T14891] audit_buffer 33KB 46KB [ 191.398743][T14891] skbuff_ext_cache 9KB 32KB [ 191.400875][T14891] skbuff_small_head 2139KB 2315KB [ 191.403228][T14891] skbuff_fclone_cache 185KB 218KB [ 191.406044][T14891] skbuff_head_cache 1403KB 1445KB [ 191.408880][T14891] configfs_dir_cache 29KB 32KB [ 191.410869][T14891] file_lease_cache 19KB 23KB [ 191.413011][T14891] file_lock_cache 21KB 63KB [ 191.415097][T14891] file_lock_ctx 37KB 43KB [ 191.417680][T14891] fsnotify_inode_mark_connector 22KB 47KB [ 191.420026][T14891] posix_timers_cache 48KB 64KB [ 191.422114][T14891] taskstats 82KB 159KB [ 191.424739][T14891] mem_cgroup_per_node 90KB 123KB [ 191.427483][T14891] mem_cgroup 119KB 149KB [ 191.429485][T14891] proc_dir_entry 631KB 687KB [ 191.431420][T14891] pde_opener 6KB 15KB [ 191.433467][T14891] seq_file 27KB 70KB [ 191.435463][T14891] sigqueue 14KB 43KB [ 191.437419][T14891] shmem_inode_cache 8026KB 8388KB [ 191.439375][T14891] kernfs_iattrs_cache 46KB 46KB [ 191.441578][T14891] kernfs_node_cache 26268KB 26276KB [ 191.443924][T14891] mnt_cache 87KB 126KB [ 191.446687][T14891] filp 406KB 622KB [ 191.448679][T14891] names_cache 399KB 440KB [ 191.450629][T14891] net_namespace 76KB 172KB [ 191.452613][T14891] ima_iint_cache 25KB 63KB [ 191.454608][T14891] lsm_inode_cache 1421KB 1897KB [ 191.457019][T14891] lsm_file_cache 117KB 212KB [ 191.459382][T14891] key_jar 24KB 70KB [ 191.461745][T14891] uts_namespace 78KB 123KB [ 191.463799][T14891] nsproxy 12KB 31KB [ 191.466171][T14891] vm_area_struct 1206KB 1359KB [ 191.468142][T14891] fs_cache 39KB 72KB [ 191.470426][T14891] files_cache 166KB 270KB [ 191.472473][T14891] signal_cache 911KB 1941KB [ 191.474431][T14891] sighand_cache 1158KB 2435KB [ 191.476911][T14891] task_struct 4998KB 5264KB [ 191.479252][T14891] cred 147KB 344KB [ 191.481299][T14891] anon_vma_chain 374KB 444KB [ 191.483292][T14891] anon_vma 400KB 565KB [ 191.485371][T14891] pid 147KB 414KB [ 191.487346][T14891] Acpi-Operand 195KB 328KB [ 191.489521][T14891] Acpi-ParseExt 21KB 39KB [ 191.491956][T14891] Acpi-Parse 12KB 27KB [ 191.494627][T14891] Acpi-State 10KB 27KB [ 191.497492][T14891] Acpi-Namespace 35KB 48KB [ 191.500156][T14891] shared_policy_node 14KB 16KB [ 191.503324][T14891] numa_policy 14KB 16KB [ 191.506712][T14891] perf_event 15KB 31KB [ 191.509386][T14891] trace_event_file 540KB 540KB [ 191.512032][T14891] ftrace_event_field 1026KB 1027KB [ 191.514655][T14891] pool_workqueue 1927KB 2000KB [ 191.517699][T14891] task_group 91KB 108KB [ 191.521188][T14891] maple_node 810KB 1528KB [ 191.524298][T14891] mm_struct 431KB 581KB [ 191.527741][T14891] vmap_area 970KB 1366KB [ 191.530160][T14891] debug_objects_cache 1996KB 3660KB [ 191.532715][T14891] page->ptl 217KB 255KB [ 191.535877][T14891] kmalloc-cg-8k 1568KB 1664KB [ 191.538766][T14891] kmalloc-cg-4k 13136KB 13568KB [ 191.541432][T14891] kmalloc-cg-2k 8640KB 9280KB [ 191.544760][T14891] kmalloc-cg-1k 2508KB 2784KB [ 191.547751][T14891] kmalloc-cg-512 1263KB 1312KB [ 191.550359][T14891] kmalloc-cg-256 395KB 440KB [ 191.553020][T14891] kmalloc-cg-128 240KB 272KB [ 191.555690][T14891] kmalloc-cg-64 54KB 80KB [ 191.558556][T14891] kmalloc-cg-32 50KB 196KB [ 191.561319][T14891] kmalloc-cg-16 7KB 16KB [ 191.564040][T14891] kmalloc-cg-8 20KB 36KB [ 191.567617][T14891] kmalloc-cg-192 56KB 72KB [ 191.570566][T14891] kmalloc-cg-96 68KB 84KB [ 191.573188][T14891] kmalloc-8k 5760KB 6016KB [ 191.576293][T14891] kmalloc-4k 25176KB 25472KB [ 191.579216][T14891] kmalloc-2k 12312KB 13088KB [ 191.582059][T14891] kmalloc-1k 7844KB 8064KB [ 191.584706][T14891] kmalloc-512 10196KB 11296KB [ 191.588182][T14891] kmalloc-256 4505KB 5008KB [ 191.590756][T14891] kmalloc-128 1533KB 1892KB [ 191.594027][T14891] kmalloc-64 3074KB 3284KB [ 191.597131][T14891] kmalloc-32 1607KB 1888KB [ 191.599590][T14891] kmalloc-16 434KB 468KB [ 191.601985][T14891] kmalloc-8 454KB 500KB [ 191.604365][T14891] kmalloc-192 1507KB 1836KB [ 191.607108][T14891] kmalloc-96 1692KB 1772KB [ 191.610157][T14891] kmem_cache_node 213KB 220KB [ 191.613184][T14891] kmem_cache 177KB 226KB [ 191.615850][T14891] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz2,task=syz.2.4097,pid=14891,uid=0 [ 191.623236][T14891] Out of memory (oom_kill_allocating_task): Killed process 14891 (syz.2.4097) total-vm:104184kB, anon-rss:216kB, file-rss:22872kB, shmem-rss:11480kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 192.907216][T15032] input: syz1 as /devices/virtual/input/input15 [ 192.947411][T15034] input: syz1 as /devices/virtual/input/input16 [ 192.961207][T15036] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4166'. [ 193.245795][T15058] dvmrp0: entered allmulticast mode [ 194.085445][ T5943] Bluetooth: hci4: command 0x0406 tx timeout [ 194.129099][T15065] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 196.338454][T15140] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4214'. [ 196.971346][T15176] pimreg: entered allmulticast mode [ 196.980152][T15176] pimreg: left allmulticast mode [ 198.005438][ T1325] kernel read not supported for file /dsp1 (pid: 1325 comm: kworker/3:2) [ 198.110420][T15219] netlink: 'syz.3.4250': attribute type 1 has an invalid length. [ 198.113409][T15219] netlink: 'syz.3.4250': attribute type 2 has an invalid length. [ 198.116357][T15219] netlink: 'syz.3.4250': attribute type 1 has an invalid length. [ 198.119138][T15219] netlink: 'syz.3.4250': attribute type 3 has an invalid length. [ 198.121651][T15219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4250'. [ 198.159534][T15222] pimreg0: renamed from lo [ 198.979184][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.495407][ T1325] kernel read not supported for file /dsp1 (pid: 1325 comm: kworker/3:2) [ 200.921352][T15347] ip6erspan0: tun_chr_ioctl cmd 1074025672 [ 200.924222][T15347] ip6erspan0: ignored: set checksum disabled [ 201.466953][T15373] netlink: 'syz.3.4319': attribute type 9 has an invalid length. [ 202.062030][T15401] bridge: RTM_NEWNEIGH with invalid state 0x8 [ 202.069395][T15402] binder: 15400:15402 ioctl c0306201 80000080 returned -14 [ 202.154048][T15404] bond0: entered promiscuous mode [ 202.157838][T15404] batadv0: entered promiscuous mode [ 202.162114][T15404] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 202.167530][T15404] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 202.173493][T15404] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 203.176162][T15448] netlink: 'syz.3.4349': attribute type 30 has an invalid length. [ 203.257081][ T5983] kernel read not supported for file /dsp (pid: 5983 comm: kworker/2:3) [ 203.764782][T15477] Bluetooth: MGMT ver 1.23 [ 205.401580][ T40] audit: type=1800 audit(2000000059.319:128): pid=15521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4383" name="file1" dev="tmpfs" ino=5665 res=0 errno=0 [ 207.717169][T15589] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4414'. [ 207.795324][ T1022] kernel read not supported for file /dsp1 (pid: 1022 comm: kworker/0:2) [ 208.206229][T15609] input: syz0 as /devices/virtual/input/input18 [ 208.832189][ T50] kernel write not supported for file /video8 (pid: 50 comm: kworker/2:1) [ 208.987943][T15661] 9p: Invalid uid '0x00000000ffffffff' [ 210.891982][T15701] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4464'. [ 210.919662][T15703] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4463'. [ 211.147705][T15729] netlink: 'syz.0.4477': attribute type 21 has an invalid length. [ 211.150217][T15729] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4477'. [ 211.153236][T15729] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4477'. [ 211.358000][T15749] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 212.514278][T15826] binder: BINDER_SET_CONTEXT_MGR already set [ 212.516930][T15826] binder: 15825:15826 ioctl 4018620d 80000040 returned -16 [ 212.870218][T15851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4533'. [ 212.874366][T15851] hsr_slave_0: left promiscuous mode [ 212.877707][T15851] hsr_slave_1: left promiscuous mode [ 212.917054][T15855] netlink: 'syz.2.4535': attribute type 7 has an invalid length. [ 212.919560][T15855] netem: change failed [ 213.084834][T15869] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4543'. [ 213.170843][T15878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4547'. [ 213.174075][T15878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4547'. [ 213.179205][T15878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4547'. [ 213.182236][T15878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4547'. [ 213.244865][T15884] netlink: 'syz.2.4549': attribute type 1 has an invalid length. [ 213.250338][T15884] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4549'. [ 213.254181][T15884] netlink: 'syz.2.4549': attribute type 1 has an invalid length. [ 213.257847][T15884] netlink: 'syz.2.4549': attribute type 8 has an invalid length. [ 213.261958][T15884] netlink: 582 bytes leftover after parsing attributes in process `syz.2.4549'. [ 213.267155][T15884] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4549'. [ 213.505397][ T50] usb 8-1: new low-speed USB device number 8 using dummy_hcd [ 213.656712][ T50] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 213.659112][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 213.662717][ T50] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 213.666974][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 213.670504][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 213.676079][ T50] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 213.679937][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 213.683586][ T50] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 213.687549][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 213.691071][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 213.695816][ T50] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 213.698397][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 213.702002][ T50] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 213.705856][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 213.709521][ T50] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 213.716496][ T50] usb 8-1: string descriptor 0 read error: -22 [ 213.718538][ T50] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 213.721486][ T50] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.728377][ T50] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 213.938309][ T50] usb 8-1: USB disconnect, device number 8 [ 215.653611][T15965] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4586'. [ 215.791195][T15971] erspan0: entered promiscuous mode [ 216.645603][ T63] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 216.645856][ T5943] Bluetooth: hci2: command 0x1003 tx timeout [ 216.687485][ T5296] block nbd1: Receive control failed (result -32) [ 216.916758][T16025] loop5: detected capacity change from 0 to 7 [ 216.931012][ C2] blk_print_req_error: 75 callbacks suppressed [ 216.931034][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.936043][ C2] buffer_io_error: 75 callbacks suppressed [ 216.936053][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.942683][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.946392][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.949769][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.952846][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.965548][ C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.968808][ C2] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.971534][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.974782][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.978769][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.981785][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.984437][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 216.987583][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 216.990540][T10400] ldm_validate_partition_table(): Disk read failed. [ 217.027757][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 217.030760][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 217.033687][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 217.036750][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 217.039931][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 217.042953][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 217.046625][T10400] Dev loop5: unable to read RDB block 0 [ 217.048741][T10400] loop5: unable to read partition table [ 217.050621][T10400] loop5: partition table beyond EOD, truncated [ 217.058080][T16025] ldm_validate_partition_table(): Disk read failed. [ 217.060551][T16025] Dev loop5: unable to read RDB block 0 [ 217.062624][T16025] loop5: unable to read partition table [ 217.064640][T16025] loop5: partition table beyond EOD, truncated [ 217.072797][T16025] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 217.180479][ T6027] kernel write not supported for file /uinput (pid: 6027 comm: kworker/0:5) [ 217.265842][ T1325] kernel write not supported for file /uinput (pid: 1325 comm: kworker/3:2) [ 217.283375][T16043] netlink: 'syz.3.4622': attribute type 1 has an invalid length. [ 217.287181][T16043] netlink: 'syz.3.4622': attribute type 2 has an invalid length. [ 217.290468][T16043] netlink: 'syz.3.4622': attribute type 1 has an invalid length. [ 218.196163][ T50] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 218.382207][ T50] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 218.388082][ T50] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.394368][ T50] usb 5-1: Product: syz [ 218.399296][ T50] usb 5-1: Manufacturer: syz [ 218.401891][ T50] usb 5-1: SerialNumber: syz [ 218.674422][ T50] rtl8150 5-1:1.0: couldn't reset the device [ 218.677674][ T50] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5 [ 218.689078][ T50] usb 5-1: USB disconnect, device number 11 [ 220.167672][ T50] kernel read not supported for file /dsp1 (pid: 50 comm: kworker/2:1) [ 220.306304][T16163] __nla_validate_parse: 1 callbacks suppressed [ 220.306323][T16163] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4678'. [ 221.150834][T16191] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.4690'. [ 221.213889][ T40] audit: type=1326 audit(2000000075.129:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.233045][ T40] audit: type=1326 audit(2000000075.129:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.248488][ T40] audit: type=1326 audit(2000000075.139:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.256568][ T40] audit: type=1326 audit(2000000075.139:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.263347][ T40] audit: type=1326 audit(2000000075.139:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.270965][ T40] audit: type=1326 audit(2000000075.139:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.278218][ T40] audit: type=1326 audit(2000000075.139:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702ef88 code=0x7ffc0000 [ 221.285109][ T40] audit: type=1326 audit(2000000075.139:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.293081][ T40] audit: type=1326 audit(2000000075.139:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702ef88 code=0x7ffc0000 [ 221.300204][ T40] audit: type=1326 audit(2000000075.139:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16195 comm="syz.0.4693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 221.349093][T16207] misc userio: Begin command sent, but we're already running [ 221.455343][ T1325] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 221.491178][ T63] Bluetooth: hci2: sending frame failed (-49) [ 221.493313][T16220] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input20 [ 221.495044][ T5296] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 221.625328][ T1325] usb 8-1: Using ep0 maxpacket: 8 [ 221.629201][ T1325] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 221.632907][ T1325] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 221.637056][ T1325] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 221.641487][ T1325] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 221.647245][ T1325] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 221.650361][ T1325] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.820634][ T12] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.867596][ T12] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.882148][ T1325] usb 8-1: GET_CAPABILITIES returned 0 [ 221.884583][ T1325] usbtmc 8-1:16.0: can't read capabilities [ 221.929473][ T12] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.012389][ T12] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.012511][T16247] support for the xor transformation has been removed. [ 222.090187][ T1325] usb 8-1: USB disconnect, device number 9 [ 222.156539][ T12] batman_adv: batadv0: Interface deactivated: gretap1 [ 222.211722][ T12] batman_adv: batadv0: Removing interface: gretap1 [ 222.318647][ T12] bond0 (unregistering): Released all slaves [ 222.324725][ T12] bond1 (unregistering): Released all slaves [ 222.338043][ T12] bond2 (unregistering): Released all slaves [ 222.449821][ T12] tipc: Disabling bearer [ 222.474176][ T12] tipc: Disabling bearer [ 222.477016][ T12] tipc: Left network mode [ 222.596269][ T12] IPVS: stopping backup sync thread 6602 ... [ 222.616088][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 222.620769][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 222.631505][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 222.638311][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 222.642887][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 222.898448][T16260] chnl_net:caif_netlink_parms(): no params data found [ 222.966471][ T12] hsr_slave_0: left promiscuous mode [ 222.975514][ T12] hsr_slave_1: left promiscuous mode [ 222.978575][ T12] veth1_macvtap: left promiscuous mode [ 222.980972][ T12] veth0_macvtap: left promiscuous mode [ 222.981995][T16282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4727'. [ 222.982975][ T12] veth1_vlan: left promiscuous mode [ 222.988794][ T12] veth0_vlan: left promiscuous mode [ 222.990779][T16282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4727'. [ 223.342317][T16260] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.344960][T16260] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.347628][T16260] bridge_slave_0: entered allmulticast mode [ 223.350729][T16260] bridge_slave_0: entered promiscuous mode [ 223.355494][T16260] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.358399][T16260] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.361487][T16260] bridge_slave_1: entered allmulticast mode [ 223.365084][T16260] bridge_slave_1: entered promiscuous mode [ 223.417403][T16260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.426913][T16260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.457390][T16260] team0: Port device team_slave_0 added [ 223.464514][T16260] team0: Port device team_slave_1 added [ 223.500345][T16260] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.503415][T16260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 223.515317][T16260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.522421][T16260] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.525935][T16260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 223.542996][T16260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 223.592645][T16260] hsr_slave_0: entered promiscuous mode [ 223.596778][T16260] hsr_slave_1: entered promiscuous mode [ 223.695882][ T12] IPVS: stop unused estimator thread 0... [ 223.707839][T16260] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 223.713873][T16260] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 223.718703][T16260] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 223.722981][T16260] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 223.737939][T16260] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.740306][T16260] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.742873][T16260] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.745315][T16260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.782448][T16260] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.793285][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.796607][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.810867][T16260] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.819619][ T659] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.822432][ T659] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.826675][ T659] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.830104][ T659] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.885857][T16260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.949850][T16334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4739'. [ 223.953937][T16334] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4739'. [ 223.959417][T16334] netlink: 'syz.4.4739': attribute type 18 has an invalid length. [ 223.962432][T16334] netlink: 'syz.4.4739': attribute type 15 has an invalid length. [ 224.034852][T16260] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 224.227820][T16260] veth0_vlan: entered promiscuous mode [ 224.239349][T16260] veth1_vlan: entered promiscuous mode [ 224.262906][T16260] veth0_macvtap: entered promiscuous mode [ 224.269043][T16260] veth1_macvtap: entered promiscuous mode [ 224.279972][T16260] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.289176][T16260] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.295075][ T1190] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.298516][ T1190] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.303006][ T1190] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.306873][ T1190] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.392273][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.397888][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.432966][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.439042][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.547902][T16385] vlan2: entered allmulticast mode [ 224.550116][T16385] veth0_to_bond: entered allmulticast mode [ 224.735437][ T63] Bluetooth: hci0: command tx timeout [ 225.019345][T16426] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4775'. [ 225.022343][T16426] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4775'. [ 225.075600][T16430] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4777'. [ 225.356298][T14626] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 225.515398][T14626] usb 8-1: Using ep0 maxpacket: 32 [ 225.519952][T14626] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 225.526713][T14626] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 225.531099][T14626] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 225.534943][T14626] usb 8-1: Product: syz [ 225.536946][T14626] usb 8-1: Manufacturer: syz [ 225.539083][T14626] usb 8-1: SerialNumber: syz [ 225.543768][T14626] usb 8-1: config 0 descriptor?? [ 225.546975][T16434] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 225.553279][T14626] hub 8-1:0.0: bad descriptor, ignoring hub [ 225.556150][T14626] hub 8-1:0.0: probe with driver hub failed with error -5 [ 225.906058][T16474] overlayfs: failed to clone lowerpath [ 226.490562][T16514] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 226.528616][T16517] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4817'. [ 226.807085][ T63] Bluetooth: hci0: command tx timeout [ 227.093085][T16546] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4831'. [ 227.150371][T16548] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4832'. [ 227.663041][T16437] kernel read not supported for file /video37 (pid: 16437 comm: kworker/2:5) [ 228.430477][T16594] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4853'. [ 228.895497][ T63] Bluetooth: hci0: command tx timeout [ 229.232594][ T6465] usb 8-1: USB disconnect, device number 10 [ 229.476734][ T6465] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 229.924579][ T6465] kernel read not supported for file /dsp (pid: 6465 comm: kworker/2:4) [ 230.967420][ T63] Bluetooth: hci0: command tx timeout [ 240.394026][T16723] loop6: detected capacity change from 0 to 524287999 [ 240.397967][T16723] buffer_io_error: 25 callbacks suppressed [ 240.397979][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.402503][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.415375][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.417960][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.420546][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.423053][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.427244][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.430031][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.432448][T16723] ldm_validate_partition_table(): Disk read failed. [ 240.434497][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.437380][T16723] Buffer I/O error on dev loop6, logical block 0, async page read [ 240.440243][T16723] Dev loop6: unable to read RDB block 0 [ 240.442136][T16723] loop6: unable to read partition table [ 240.444063][T16723] loop_reread_partitions: partition scan of loop6 (3 x) failed (rc=-5) [ 240.520051][T16725] ldm_validate_partition_table(): Disk read failed. [ 240.522323][T16725] Dev loop6: unable to read RDB block 0 [ 240.524322][T16725] loop6: unable to read partition table [ 240.526591][T16725] loop_reread_partitions: partition scan of loop6 (3 x) failed (rc=-5) [ 240.554733][T16735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4888'. [ 240.559335][T16735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4888'. [ 241.389063][ T40] kauditd_printk_skb: 209 callbacks suppressed [ 241.389075][ T40] audit: type=1326 audit(2000000351.316:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.405108][ T40] audit: type=1326 audit(2000000351.326:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5f6c code=0x7ffc0000 [ 241.414317][ T40] audit: type=1326 audit(2000000351.326:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5f6c code=0x7ffc0000 [ 241.421436][ T40] audit: type=1326 audit(2000000351.326:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.428917][ T40] audit: type=1326 audit(2000000351.326:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.436532][ T40] audit: type=1326 audit(2000000351.326:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.443776][ T40] audit: type=1326 audit(2000000351.326:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5f6c code=0x7ffc0000 [ 241.451704][ T40] audit: type=1326 audit(2000000351.326:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.459358][ T40] audit: type=1326 audit(2000000351.326:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.466938][ T40] audit: type=1326 audit(2000000351.326:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16787 comm="syz.5.4912" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 241.675212][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.682821][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.687340][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.778015][T16807] infiniband syz2: set down [ 241.781849][ T5947] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.784723][T16807] infiniband syz2: added ip6_vti0 [ 241.817340][T16807] RDS/IB: syz2: added [ 241.819435][T16807] smc: adding ib device syz2 with port count 1 [ 241.821976][T16807] smc: ib device syz2 port 1 has no pnetid [ 241.827529][ T5947] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.833270][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 241.939524][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 242.026154][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 242.094977][T16821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4925'. [ 242.112759][T16807] ip6_vti0 speed is unknown, defaulting to 1000 [ 242.193327][T14626] hid_parser_main: 30 callbacks suppressed [ 242.193341][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.197698][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.200062][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.202404][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.204818][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.207815][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.210383][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.212783][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.215169][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.217995][T14626] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 242.222883][T14626] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [Zw[ba|\rn)A#6oү?aIs5hV3(; [ 242.222883][T14626] ѝP$zɷX$w[SRezxuSrl[5l'ZCz2] on tDKY縣Ϫ򞿹,UOp{"ixA[ewÒ}ZXA [ 242.268614][T16826] fido_id[16826]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 242.310903][T16834] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4931'. [ 242.314459][T16834] netlink: 'syz.4.4931': attribute type 9 has an invalid length. [ 242.317760][T16834] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4931'. [ 242.321286][T16834] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4931'. [ 242.383527][T16844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4936'. [ 242.387872][T16844] netlink: 148 bytes leftover after parsing attributes in process `syz.3.4936'. [ 242.884408][T16880] netlink: 211856 bytes leftover after parsing attributes in process `syz.5.4954'. [ 243.807778][T16946] kvm: kvm [16945]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x186) = 0x7 [ 244.150537][T16967] netlink: 212336 bytes leftover after parsing attributes in process `syz.4.4992'. [ 244.244475][T16975] : renamed from vlan0 (while UP) [ 244.251857][T16977] netlink: 'syz.2.4997': attribute type 2 has an invalid length. [ 244.892060][T17023] ptrace attach of "/syz-executor exec"[5942] was attempted by ""[17023] [ 246.153540][T17101] loop4: detected capacity change from 0 to 7 [ 246.159343][ C0] blk_print_req_error: 25 callbacks suppressed [ 246.159355][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 246.166454][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 246.169866][ C0] buffer_io_error: 24 callbacks suppressed [ 246.169879][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.230743][T17105] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 246.237007][T17105] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 246.237614][T16715] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.242087][T17105] overlayfs: failed to set uuid (1389/file0, err=-13); falling back to uuid=null. [ 246.244225][T16715] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.251603][T16715] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.254518][T16715] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.447729][T17118] __nla_validate_parse: 2 callbacks suppressed [ 246.447747][T17118] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5064'. [ 246.491548][T17121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5065'. [ 246.497352][T17121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5065'. [ 246.951191][T17136] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5072'. [ 247.845866][T17162] block nbd2: server does not support multiple connections per device. [ 247.852274][T17162] block nbd2: shutting down sockets [ 248.234536][T17182] devpts: Bad value for 'max' [ 248.727634][T17204] program syz.5.5104 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 248.758725][T17208] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5106'. [ 248.761644][T17208] netlink: 'syz.5.5106': attribute type 5 has an invalid length. [ 249.037732][T17224] mkiss: ax0: crc mode is auto. [ 249.824469][T17270] input: syz1 as /devices/virtual/input/input21 [ 249.901334][T17276] overlay: filesystem on ./bus not supported as upperdir [ 250.108760][T17302] bridge0: port 3(veth0_to_bridge) entered blocking state [ 250.111313][T17302] bridge0: port 3(veth0_to_bridge) entered disabled state [ 250.113986][T17302] veth0_to_bridge: entered allmulticast mode [ 250.119368][T17302] veth0_to_bridge: entered promiscuous mode [ 250.121454][T17302] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 250.126312][T17302] bridge0: port 3(veth0_to_bridge) entered blocking state [ 250.128871][T17302] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 250.212303][ T40] kauditd_printk_skb: 126 callbacks suppressed [ 250.212316][ T40] audit: type=1326 audit(2000000360.136:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.4.5140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f6c code=0x7ffc0000 [ 250.223622][ T40] audit: type=1326 audit(2000000360.136:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.4.5140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f6c code=0x7ffc0000 [ 250.233047][ T40] audit: type=1326 audit(2000000360.136:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.4.5140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f6c code=0x7ffc0000 [ 250.241986][ T40] audit: type=1326 audit(2000000360.136:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.4.5140" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f08f6c code=0x7ffc0000 [ 250.252293][ T40] audit: type=1326 audit(2000000360.136:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.4.5140" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f08f6c code=0x7ffc0000 [ 250.272602][ T29] hid_parser_main: 6 callbacks suppressed [ 250.272615][ T29] hid-generic 0000:0000:0002.0007: unknown main item tag 0x0 [ 250.277986][ T29] hid-generic 0000:0000:0002.0007: unknown main item tag 0x0 [ 250.285995][ T29] hid-generic 0000:0000:0002.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 250.317029][T17321] fido_id[17321]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 250.415468][ T1022] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 250.566942][ T1022] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 250.570658][ T1022] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 250.573935][ T1022] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 250.577926][ T1022] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.584952][T17310] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 250.591208][ T1022] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 250.903361][ T1022] usb 10-1: USB disconnect, device number 2 [ 251.185981][T14626] kernel read not supported for file /dsp1 (pid: 14626 comm: kworker/3:5) [ 251.240974][T17368] input: syz1 as /devices/virtual/input/input22 [ 251.460411][T17390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5187'. [ 251.464386][T17390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5187'. [ 251.846566][T17425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5202'. [ 251.850072][T17425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5202'. [ 251.851634][T17427] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 251.855620][T17425] netlink: 'syz.2.5202': attribute type 13 has an invalid length. [ 251.855899][T17427] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 251.859156][T17425] netlink: 'syz.2.5202': attribute type 14 has an invalid length. [ 251.862250][T17427] vhci_hcd vhci_hcd.0: Device attached [ 252.105353][ T6027] usb 47-1: new low-speed USB device number 2 using vhci_hcd [ 252.135360][ T29] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 252.286546][ T29] usb 10-1: config 0 has no interfaces? [ 252.289869][ T29] usb 10-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72 [ 252.293094][ T29] usb 10-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0 [ 252.296594][ T29] usb 10-1: Manufacturer: syz [ 252.299547][ T29] usb 10-1: config 0 descriptor?? [ 252.726330][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 252.732212][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.737777][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.743373][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 252.748875][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.754258][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.759633][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 252.765052][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.770379][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 252.775742][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 253.300879][ T39] usb 10-1: USB disconnect, device number 3 [ 253.304189][T17428] vhci_hcd: connection closed [ 253.307227][ T167] vhci_hcd vhci_hcd.5: stop threads [ 253.312501][ T167] vhci_hcd vhci_hcd.5: release socket [ 253.315391][ T167] vhci_hcd vhci_hcd.5: disconnect device [ 253.335404][ T40] audit: type=1326 audit(2000000363.256:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17439 comm="syz.2.5208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 253.355715][ T40] audit: type=1326 audit(2000000363.256:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17439 comm="syz.2.5208" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef88 code=0x7ffc0000 [ 253.364833][ T40] audit: type=1326 audit(2000000363.256:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17439 comm="syz.2.5208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 253.379158][ T40] audit: type=1326 audit(2000000363.256:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17439 comm="syz.2.5208" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef88 code=0x7ffc0000 [ 253.381343][ T6027] vhci_hcd vhci_hcd.5: vhci_device speed not set [ 253.389460][ T40] audit: type=1326 audit(2000000363.256:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17439 comm="syz.2.5208" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709ef88 code=0x7ffc0000 [ 253.510559][T17446] misc userio: Can't change port type on an already running userio instance [ 253.771056][T17453] loop9: detected capacity change from 0 to 7 [ 253.776250][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.779526][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.783942][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.787038][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.789880][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.794491][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.797738][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.800985][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.803946][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.807209][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.812601][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.812620][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.812814][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.812829][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.812929][T17312] ldm_validate_partition_table(): Disk read failed. [ 253.813004][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.813018][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.813442][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.813456][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.813692][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 253.813713][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 253.814178][T17312] Dev loop9: unable to read RDB block 0 [ 253.815358][T17312] loop9: unable to read partition table [ 253.854495][T17312] loop9: partition table beyond EOD, truncated [ 253.962694][T17453] ldm_validate_partition_table(): Disk read failed. [ 253.969013][T17453] Dev loop9: unable to read RDB block 0 [ 253.972065][T17453] loop9: unable to read partition table [ 253.974691][T17453] loop9: partition table beyond EOD, truncated [ 253.977355][T17453] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 254.115637][T17472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5222'. [ 254.118942][T17472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5222'. [ 254.126876][T17472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5222'. [ 254.135458][T17472] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5222'. [ 255.520267][T17520] netlink: 'syz.2.5243': attribute type 5 has an invalid length. [ 255.690400][T17533] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5248'. [ 256.175329][ T39] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 256.345383][ T39] usb 10-1: Using ep0 maxpacket: 8 [ 256.352121][ T39] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 256.354815][ T39] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 256.359752][ T39] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 256.363988][ T39] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 256.368460][ T39] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 256.376979][ T39] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 256.379948][ T39] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.608309][T17576] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5267'. [ 256.691267][T17583] input: syz1 as /devices/virtual/input/input28 [ 256.774618][T17587] trusted_key: encrypted_key: keyword 'upw' not recognized [ 256.806789][ T39] usb 10-1: USB disconnect, device number 4 [ 257.455971][T17620] pimreg: tun_chr_ioctl cmd 1074025678 [ 257.457831][T17620] pimreg: group set to 768 [ 257.604393][T17628] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5289'. [ 257.735355][ C0] net_ratelimit: 26325 callbacks suppressed [ 257.735371][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 257.741384][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 257.745694][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 257.750487][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 257.754959][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 257.759188][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 257.763566][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 257.768268][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 257.772231][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 257.776187][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 258.016445][T17648] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 258.019616][T17648] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 258.023637][T17648] overlayfs: failed to set uuid (1411/file0, err=-13); falling back to uuid=null. [ 258.054398][T17650] syz.5.5298: vmalloc error: size 1937339183, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 258.059918][T17650] CPU: 3 UID: 0 PID: 17650 Comm: syz.5.5298 Tainted: G L syzkaller #0 PREEMPT(full) [ 258.059937][T17650] Tainted: [L]=SOFTLOCKUP [ 258.059942][T17650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 258.059949][T17650] Call Trace: [ 258.059954][T17650] [ 258.059959][T17650] dump_stack_lvl+0x100/0x190 [ 258.059981][T17650] warn_alloc.cold+0x95/0x1c1 [ 258.060001][T17650] ? __pfx_warn_alloc+0x10/0x10 [ 258.060076][T17650] __vmalloc_node_range_noprof+0x1252/0x1530 [ 258.060100][T17650] ? lock_acquire+0x1cf/0x380 [ 258.060117][T17650] ? ip_set_sockfn_get+0x18e/0xd20 [ 258.060150][T17650] ? __lock_acquire+0x4a5/0x2630 [ 258.060169][T17650] ? __mutex_lock+0x26a/0x1b90 [ 258.060182][T17650] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 258.060198][T17650] ? find_held_lock+0x2b/0x80 [ 258.060214][T17650] ? rcu_is_watching+0x12/0xc0 [ 258.060235][T17650] ? ip_set_sockfn_get+0x18e/0xd20 [ 258.060252][T17650] __vmalloc_node_noprof+0xad/0xf0 [ 258.060268][T17650] ? ip_set_sockfn_get+0x18e/0xd20 [ 258.060286][T17650] ip_set_sockfn_get+0x18e/0xd20 [ 258.060304][T17650] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 258.060322][T17650] ? nf_sockopt_find.isra.0+0x222/0x290 [ 258.060338][T17650] nf_getsockopt+0x7c/0xe0 [ 258.060352][T17650] ip_getsockopt+0x192/0x1e0 [ 258.060368][T17650] ? __pfx_ip_getsockopt+0x10/0x10 [ 258.060387][T17650] raw_getsockopt+0x4d/0x1f0 [ 258.060401][T17650] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 258.060419][T17650] do_sock_getsockopt+0x259/0x3d0 [ 258.060434][T17650] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 258.060455][T17650] __sys_getsockopt+0x133/0x1d0 [ 258.060477][T17650] ? __ia32_sys_getsockopt+0xbc/0x160 [ 258.060495][T17650] __ia32_sys_getsockopt+0xbc/0x160 [ 258.060512][T17650] ? __do_fast_syscall_32+0x94/0x8c0 [ 258.060526][T17650] ? lockdep_hardirqs_on+0x78/0x100 [ 258.060538][T17650] __do_fast_syscall_32+0xe3/0x8c0 [ 258.060553][T17650] do_fast_syscall_32+0x32/0x70 [ 258.060566][T17650] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 258.060581][T17650] RIP: 0023:0xf7fd5f6c [ 258.060592][T17650] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 258.060603][T17650] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 258.060615][T17650] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 258.060622][T17650] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000080000040 [ 258.060629][T17650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 258.060635][T17650] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 258.060641][T17650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 258.060656][T17650] [ 258.060697][T17650] Mem-Info: [ 258.167038][T17650] active_anon:1853 inactive_anon:682 isolated_anon:0 [ 258.167038][T17650] active_file:5982 inactive_file:7210 isolated_file:0 [ 258.167038][T17650] unevictable:1768 dirty:397 writeback:0 [ 258.167038][T17650] slab_reclaimable:6091 slab_unreclaimable:59848 [ 258.167038][T17650] mapped:22771 shmem:1805 pagetables:1758 [ 258.167038][T17650] sec_pagetables:310 bounce:0 [ 258.167038][T17650] kernel_misc_reclaimable:0 [ 258.167038][T17650] free:71641 free_pcp:15403 free_cma:0 [ 258.197663][T17650] Node 0 active_anon:0kB inactive_anon:144kB active_file:0kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2064kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8076kB pagetables:1656kB sec_pagetables:1184kB all_unreclaimable? yes Balloon:0kB [ 258.211429][T17650] Node 1 active_anon:7412kB inactive_anon:2584kB active_file:23928kB inactive_file:28836kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:89020kB dirty:1584kB writeback:0kB shmem:3684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6008kB pagetables:4976kB sec_pagetables:56kB all_unreclaimable? no Balloon:0kB [ 258.230757][T17650] Node 0 DMA free:2712kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB [ 258.246971][T17650] lowmem_reserve[]: 0 285 285 285 285 [ 258.249406][T17650] Node 0 DMA32 free:27256kB boost:12288kB min:25356kB low:28620kB high:31884kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:136kB active_file:0kB inactive_file:4kB unevictable:3536kB writepending:4kB zspages:2248kB present:1032196kB managed:292492kB mlocked:0kB bounce:0kB free_pcp:1048kB local_pcp:272kB free_cma:0kB [ 258.263998][T17650] lowmem_reserve[]: 0 0 0 0 0 [ 258.269175][T17650] Node 1 DMA32 free:257792kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:7512kB inactive_anon:2584kB active_file:24028kB inactive_file:28836kB unevictable:3536kB writepending:1584kB zspages:3324kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:61180kB local_pcp:19676kB free_cma:0kB [ 258.285003][T17650] lowmem_reserve[]: 0 0 0 0 0 [ 258.287579][T17650] Node 0 DMA: 134*4kB (UM) 40*8kB (UM) 18*16kB (UM) 17*32kB (UM) 2*64kB (UM) 1*128kB (M) 3*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2712kB [ 258.293790][T17650] Node 0 DMA32: 1108*4kB (UME) 507*8kB (UME) 153*16kB (UME) 216*32kB (UME) 45*64kB (UME) 9*128kB (UME) 7*256kB (ME) 1*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 27256kB [ 258.301387][T17650] Node 1 DMA32: 1294*4kB (UM) 1953*8kB (UME) 2214*16kB (UM) 224*32kB (UME) 96*64kB (UME) 190*128kB (UME) 129*256kB (UE) 87*512kB (U) 75*1024kB (U) 4*2048kB (UM) 0*4096kB = 256416kB [ 258.309735][T17650] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 258.315031][T17650] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 258.320758][T17650] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 258.325324][T17650] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 258.330483][T17650] 16056 total pagecache pages [ 258.332782][T17650] 1038 pages in swap cache [ 258.334837][T17650] Free swap = 101392kB [ 258.337958][T17650] Total swap = 124996kB [ 258.339806][T17650] 524155 pages RAM [ 258.341466][T17650] 0 pages HighMem/MovableOnly [ 258.343626][T17650] 210139 pages reserved [ 258.346176][T17650] 0 pages cma reserved [ 258.771510][ T60] Bluetooth: hci2: Frame reassembly failed (-84) [ 260.105654][T17723] erspan0: entered promiscuous mode [ 260.419261][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.815421][ T63] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 260.818289][ T5296] Bluetooth: hci2: command 0x1003 tx timeout [ 262.731307][T17775] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 262.745482][ C0] net_ratelimit: 26816 callbacks suppressed [ 262.745502][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 262.752548][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 262.757856][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 262.762071][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 262.767404][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 262.771827][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 262.776359][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 262.781480][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 262.785463][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 262.789647][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 263.558731][T17792] binder: 17791:17792 ioctl 400454ca 0 returned -22 [ 263.743037][T17794] input: syz0 as /devices/virtual/input/input29 [ 263.866723][T17796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5362'. [ 266.423342][ T1190] Bluetooth: hci2: Frame reassembly failed (-84) [ 266.427204][T17882] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 266.755199][T17886] netlink: 'syz.3.5405': attribute type 1 has an invalid length. [ 266.758045][T17886] netlink: 'syz.3.5405': attribute type 2 has an invalid length. [ 266.760633][T17886] netlink: 'syz.3.5405': attribute type 1 has an invalid length. [ 267.375437][ T60] wlan1: Trigger new scan to find an IBSS to join [ 267.755273][ C0] net_ratelimit: 28428 callbacks suppressed [ 267.755286][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 267.761038][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 267.765002][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 267.768806][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 267.772591][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 267.776673][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 267.780715][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 267.784568][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 267.788427][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 267.792251][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 268.495405][ T63] Bluetooth: hci2: command 0x1003 tx timeout [ 268.499066][ T5296] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 269.939461][T17956] usb usb9: usbfs: process 17956 (syz.5.5439) did not claim interface 37 before use [ 270.407198][ T659] wlan1: Trigger new scan to find an IBSS to join [ 271.880033][T17987] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5452'. [ 272.622878][T18008] batadv_slave_1: entered promiscuous mode [ 272.638822][T18005] batadv_slave_1: left promiscuous mode [ 272.765304][ C0] net_ratelimit: 23600 callbacks suppressed [ 272.765330][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 272.771700][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 272.777990][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 272.782910][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 272.787834][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 272.793216][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 272.798503][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 272.803745][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 272.810102][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 272.815559][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 272.936130][T18020] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 273.206357][ T5296] Bluetooth: hci0: command tx timeout [ 273.554868][T18040] sp0: Synchronizing with TNC [ 273.633834][T18043] netlink: 27 bytes leftover after parsing attributes in process `syz.5.5479'. [ 274.337927][ T1240] wlan1: Trigger new scan to find an IBSS to join [ 275.220730][T18088] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5500'. [ 275.224730][T18088] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5500'. [ 275.244941][ T70] wlan1: Creating new IBSS network, BSSID 5e:69:cd:1c:2e:02 [ 275.536695][T18097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5505'. [ 275.664768][T18102] binder: 18101:18102 ioctl 4018620d 0 returned -22 [ 276.090067][T18116] netlink: 'syz.2.5514': attribute type 33 has an invalid length. [ 276.093884][T18116] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5514'. [ 276.109141][T18116] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5514'. [ 276.202977][T18116] bond0: (slave dummy0): Releasing backup interface [ 276.925172][T18147] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5529'. [ 277.012369][T18151] bond1: invalid ARP target 0.0.0.0 specified for addition [ 277.014951][T18151] bond1: option arp_ip_target: invalid value (0) [ 277.052026][T18151] bond1 (unregistering): Released all slaves [ 277.775312][ C0] net_ratelimit: 17619 callbacks suppressed [ 277.775330][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 277.784343][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 277.790049][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 277.795518][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 277.801586][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 277.807345][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 277.812642][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 277.818880][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 277.825313][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 277.830725][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 278.169952][T18188] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input30 [ 278.358143][T18195] netlink: 'syz.3.5551': attribute type 16 has an invalid length. [ 278.360834][T18195] netlink: 'syz.3.5551': attribute type 17 has an invalid length. [ 278.399517][T18195] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.403239][T18195] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.106654][T18230] Bluetooth: MGMT ver 1.23 [ 279.397123][T18251] netlink: 'syz.2.5579': attribute type 9 has an invalid length. [ 279.400048][T18251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5579'. [ 279.415054][T18251] hsr0: entered promiscuous mode [ 279.433456][T18251] macvlan2: entered promiscuous mode [ 279.435447][T18251] macvlan2: entered allmulticast mode [ 279.437363][T18251] hsr0: entered allmulticast mode [ 279.439161][T18251] hsr_slave_0: entered allmulticast mode [ 279.441152][T18251] hsr_slave_1: entered allmulticast mode [ 279.518486][T18253] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 279.520755][T18253] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 279.544800][T18253] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 279.546948][T18253] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 279.568193][T18253] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 279.570358][T18253] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 279.592756][T18253] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 279.594727][T18253] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 279.741388][T18253] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 279.947558][T18266] netlink: 'syz.5.5582': attribute type 7 has an invalid length. [ 280.459888][ T659] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.463810][ T659] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.466981][ T659] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 280.758030][ T659] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 281.526035][ T63] Bluetooth: hci3: command 0x0406 tx timeout [ 281.610100][ T63] Bluetooth: hci0: command 0x0c1a tx timeout [ 281.612755][ T63] Bluetooth: hci4: command 0x0406 tx timeout [ 281.615755][ T5296] Bluetooth: hci1: command 0x0406 tx timeout [ 282.517539][T18315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5604'. [ 282.785464][ C0] net_ratelimit: 23215 callbacks suppressed [ 282.785485][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 282.793517][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 282.797887][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 282.802299][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 282.807053][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 282.811767][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 282.815933][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 282.820067][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 282.825181][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 282.830582][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 283.605418][ T5943] Bluetooth: hci3: command 0x0406 tx timeout [ 283.687984][ T5943] Bluetooth: hci4: command 0x0406 tx timeout [ 283.690325][ T63] Bluetooth: hci1: command 0x0406 tx timeout [ 283.692800][ T5296] Bluetooth: hci0: command 0x0c1a tx timeout [ 283.836757][ T1325] kernel read not supported for file /vcs (pid: 1325 comm: kworker/3:2) [ 284.013857][ T40] kauditd_printk_skb: 231 callbacks suppressed [ 284.013870][ T40] audit: type=1326 audit(2000000393.936:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.025736][ T40] audit: type=1326 audit(2000000393.936:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.032851][ T40] audit: type=1326 audit(2000000393.936:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.055122][ T40] audit: type=1326 audit(2000000393.936:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.069967][ T40] audit: type=1326 audit(2000000393.936:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.085708][ T40] audit: type=1326 audit(2000000393.936:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.096704][ T40] audit: type=1326 audit(2000000393.936:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.108277][ T40] audit: type=1326 audit(2000000393.936:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.115357][ T40] audit: type=1326 audit(2000000393.936:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.132763][ T40] audit: type=1326 audit(2000000393.936:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.5.5624" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 284.213831][T18365] tipc: New replicast peer: 255.255.255.255 [ 284.217334][T18365] tipc: Enabled bearer , priority 10 [ 284.551773][T18373] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 284.553720][T18373] dvmrp1: linktype set to 804 [ 285.335880][ T50] tipc: Node number set to 4278190081 [ 285.765348][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout [ 287.795301][ C0] net_ratelimit: 23484 callbacks suppressed [ 287.795324][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.803012][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.809370][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 287.814853][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 287.821458][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.827360][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 287.832702][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.839591][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.844968][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 287.850580][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 287.877375][T18469] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5660'. [ 290.033174][T18548] can0: slcan on ttyS3. [ 290.290312][T18548] can0 (unregistered): slcan off ttyS3. [ 290.780689][T18581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5706'. [ 290.785180][T18581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5706'. [ 292.805563][ C0] net_ratelimit: 15616 callbacks suppressed [ 292.805585][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 292.813535][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 292.819393][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 292.824682][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 292.830820][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 292.836213][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 292.841158][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 292.846432][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 292.851525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 292.857149][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 293.637731][T18649] netlink: 'syz.4.5734': attribute type 1 has an invalid length. [ 293.761667][T18650] ip6_vti0 speed is unknown, defaulting to 1000 [ 293.884559][T18665] Failed to get privilege flags for destination (handle=0x2:0x0) [ 294.092102][T18673] overlayfs: upper fs does not support tmpfile. [ 294.835925][ T1325] kernel read not supported for file /dsp1 (pid: 1325 comm: kworker/3:2) [ 295.069432][ T40] kauditd_printk_skb: 2486 callbacks suppressed [ 295.069450][ T40] audit: type=1326 audit(2000000404.996:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.082178][ T40] audit: type=1326 audit(2000000404.996:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5f6c code=0x7ffc0000 [ 295.093315][ T40] audit: type=1326 audit(2000000404.996:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5f6c code=0x7ffc0000 [ 295.102381][ T40] audit: type=1326 audit(2000000405.016:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.111017][ T40] audit: type=1326 audit(2000000405.016:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.121143][ T40] audit: type=1326 audit(2000000405.016:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.130861][ T40] audit: type=1326 audit(2000000405.016:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.140566][ T40] audit: type=1326 audit(2000000405.016:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.150516][ T40] audit: type=1326 audit(2000000405.016:3229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.160601][ T40] audit: type=1326 audit(2000000405.016:3230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18703 comm="syz.5.5761" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd5f88 code=0x7ffc0000 [ 295.633850][ T5943] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 296.098699][T18730] vivid-000: disconnect [ 296.103239][T18726] vivid-000: reconnect [ 297.315693][T18753] Invalid ELF header magic: != ELF [ 297.494695][T18759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5784'. [ 297.648197][T18763] sp0: Synchronizing with TNC [ 297.673029][T18763] [U] [ 297.815390][ C0] net_ratelimit: 18715 callbacks suppressed [ 297.815405][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 297.823775][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 297.828205][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 297.833321][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 297.838887][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 297.843065][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 297.847693][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 297.852459][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 297.856554][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 297.860757][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 298.935381][ T50] usb 10-1: new full-speed USB device number 5 using dummy_hcd [ 299.089346][ T50] usb 10-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 299.092341][ T50] usb 10-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 299.095124][ T50] usb 10-1: Product: syz [ 299.097471][ T50] usb 10-1: Manufacturer: syz [ 299.099471][ T50] usb 10-1: SerialNumber: syz [ 299.107004][ T50] usb 10-1: config 0 descriptor?? [ 299.329094][ T50] usb 10-1: USB disconnect, device number 5 [ 299.903109][T18820] sctp: [Deprecated]: syz.5.5810 (pid 18820) Use of int in maxseg socket option. [ 299.903109][T18820] Use struct sctp_assoc_value instead [ 300.452930][T18835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5818'. [ 300.816941][T18858] ref_ctr_offset mismatch. inode: 0x1f35 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018 [ 301.137658][T18873] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5834'. [ 301.471481][T18900] macvtap2: entered promiscuous mode [ 301.473390][T18900] macvtap2: entered allmulticast mode [ 301.478544][T18900] veth1: entered allmulticast mode [ 301.480261][T18900] veth1: entered promiscuous mode [ 301.482629][T18900] team0: Device macvtap2 failed to register rx_handler [ 301.489605][T18900] veth1: left allmulticast mode [ 301.495445][T18900] veth1: left promiscuous mode [ 301.592865][T18902] batadv_slave_1: entered promiscuous mode [ 301.594946][T18905] batadv_slave_1: left promiscuous mode [ 302.083336][T18935] ip6_vti0 speed is unknown, defaulting to 1000 [ 302.674015][T18958] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached [ 302.825305][ C0] net_ratelimit: 27451 callbacks suppressed [ 302.825322][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 302.833960][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 302.839285][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 302.844390][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 302.850934][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 302.856463][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 302.863623][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 302.869314][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 302.875109][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 302.880794][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 304.804195][T19014] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5897'. [ 304.812500][T19014] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5897'. [ 305.115142][T19034] mkiss: ax0: crc mode is auto. [ 306.170067][T19054] netlink: 'syz.4.5915': attribute type 12 has an invalid length. [ 307.162801][T19090] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5932'. [ 307.166996][T19090] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5932'. [ 307.365690][T19104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5939'. [ 307.368619][T19104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5939'. [ 307.835592][ C0] net_ratelimit: 23134 callbacks suppressed [ 307.835614][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 307.844209][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 307.850235][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 307.856184][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 307.861676][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 307.868253][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 307.873605][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 307.879689][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 307.885518][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 307.891061][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 311.178914][T19233] netlink: 'syz.2.5995': attribute type 4 has an invalid length. [ 311.478390][T19245] debugfs: 'ttyS3' already exists in 'caif_serial' [ 311.566131][ T50] kernel read not supported for file /dsp (pid: 50 comm: kworker/2:1) [ 312.845291][ C0] net_ratelimit: 23433 callbacks suppressed [ 312.845304][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 312.853564][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 312.859172][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 312.864599][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 312.871236][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 312.876949][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 312.882457][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 312.888672][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 312.894740][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 312.899644][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 313.116510][T19296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6019'. [ 313.146989][T19296] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6019'. [ 313.591133][T19306] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6023'. [ 314.037591][T19322] tun0: tun_chr_ioctl cmd 1074025676 [ 314.043863][T19322] tun0: owner set to 0 [ 314.793823][T19352] loop5: detected capacity change from 0 to 7 [ 315.006805][T19352] Dev loop5: unable to read RDB block 7 [ 315.009326][T19352] loop5: unable to read partition table [ 315.012490][T19352] loop5: partition table beyond EOD, truncated [ 315.020280][T19352] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 315.128242][T19362] loop8: detected capacity change from 0 to 7 [ 315.133377][T19362] loop8: [POWERTEC] [ 315.872496][T19390] nr0: tun_chr_ioctl cmd 21731 [ 315.974731][T19397] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6063'. [ 316.219040][T19404] macvlan0: entered promiscuous mode [ 316.243350][T19404] netlink: 'syz.2.6066': attribute type 1 has an invalid length. [ 316.247334][T19404] netlink: 'syz.2.6066': attribute type 2 has an invalid length. [ 317.095374][T19423] nbd2: detected capacity change from 0 to 63 [ 317.125778][ T5943] block nbd2: Receive control failed (result -104) [ 317.128440][ T63] block nbd2: Receive control failed (result -32) [ 317.133314][ T5296] block nbd2: Receive control failed (result -32) [ 317.355327][ T1325] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 317.515584][ T1325] usb 10-1: Using ep0 maxpacket: 32 [ 317.519864][ T1325] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 12336, setting to 1024 [ 317.523396][ T1325] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 317.529245][ T1325] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 317.532211][ T1325] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 317.534771][ T1325] usb 10-1: Product: syz [ 317.536435][ T1325] usb 10-1: Manufacturer: syz [ 317.538011][ T1325] usb 10-1: SerialNumber: syz [ 317.540719][ T1325] usb 10-1: config 0 descriptor?? [ 317.542881][T19451] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 317.754578][ T1325] usb 10-1: USB disconnect, device number 6 [ 317.762085][T19468] sctp: [Deprecated]: syz.4.6092 (pid 19468) Use of int in maxseg socket option. [ 317.762085][T19468] Use struct sctp_assoc_value instead [ 317.855288][ C0] net_ratelimit: 23774 callbacks suppressed [ 317.855301][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 317.861168][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 317.865384][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 317.869342][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 317.873232][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 317.877304][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 317.881369][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 317.885546][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 317.889525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 317.893676][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 318.674423][T19493] binder: 19492:19493 ioctl c0306201 80000640 returned -22 [ 319.129467][ T39] kernel write not supported for file /input/mouse0 (pid: 39 comm: kworker/3:1) [ 319.397569][T19525] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.6118'. [ 319.701661][T19542] can0: slcan on ttyS3. [ 320.049055][T19548] mkiss: ax0: crc mode is auto. [ 320.107199][T19542] can0 (unregistered): slcan off ttyS3. [ 321.853749][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.191798][ T5296] Bluetooth: hci4: unexpected event for opcode 0x0c03 [ 322.197856][ T5296] Bluetooth: hci4: unexpected event for opcode 0x1003 [ 322.865372][ C0] net_ratelimit: 23161 callbacks suppressed [ 322.865390][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 322.871632][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 322.875701][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 322.880076][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 322.884520][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 322.888544][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 322.893061][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 322.898139][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 322.902395][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 322.907211][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 323.172656][T19635] Attempt to restore checkpoint with obsolete wellknown handles [ 323.281539][T19642] loop4: detected capacity change from 0 to 7 [ 323.284974][ C3] blk_print_req_error: 25 callbacks suppressed [ 323.284987][ C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.290453][ C3] buffer_io_error: 25 callbacks suppressed [ 323.290464][ C3] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.295641][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.299217][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.302506][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.305636][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.308853][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.312018][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.315048][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.318187][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.324711][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.327829][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.330566][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.333735][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.341555][T19642] ldm_validate_partition_table(): Disk read failed. [ 323.343933][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.347109][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.350714][ C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.353925][ C3] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.371290][ C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 323.374426][ C3] Buffer I/O error on dev loop4, logical block 0, async page read [ 323.378313][T19642] Dev loop4: unable to read RDB block 0 [ 323.381049][T19642] loop4: unable to read partition table [ 323.383609][T19642] loop4: partition table beyond EOD, truncated [ 323.386387][T19642] loop_reread_partitions: partition scan of loop4 (Cj̖P=ý?}X %֐ȵ4FLQk݊5) failed (rc=-5) [ 323.400797][T19647] netlink: 71 bytes leftover after parsing attributes in process `syz.5.6168'. [ 323.739830][ T5346] ldm_validate_partition_table(): Disk read failed. [ 323.743555][ T5346] Dev loop4: unable to read RDB block 0 [ 323.747399][ T5346] loop4: unable to read partition table [ 323.750272][ T5346] loop4: partition table beyond EOD, truncated [ 324.179557][T19650] syz.4.6169 uses obsolete (PF_INET,SOCK_PACKET) [ 324.541344][T19660] input: syz1 as /devices/virtual/input/input32 [ 324.636460][T19662] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6175'. [ 325.478281][T19686] netlink: 56 bytes leftover after parsing attributes in process `syz.2.6187'. [ 325.673720][T19689] veth1_macvtap: left promiscuous mode [ 325.678927][T19689] macsec0: entered allmulticast mode [ 325.698489][T19689] veth1_macvtap: entered promiscuous mode [ 325.701011][T19689] veth1_macvtap: entered allmulticast mode [ 325.709389][T19689] macsec0: left allmulticast mode [ 325.711941][T19689] veth1_macvtap: left allmulticast mode [ 326.248885][ T5296] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 326.252872][ T5296] Bluetooth: hci4: Injecting HCI hardware error event [ 326.259799][ T5296] Bluetooth: hci4: hardware error 0x00 [ 327.676781][T19735] netlink: 'syz.2.6207': attribute type 6 has an invalid length. [ 327.875366][ C3] net_ratelimit: 46433 callbacks suppressed [ 327.875380][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.875511][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.877525][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.881986][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 327.885699][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.891606][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.895595][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.900078][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.903800][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 327.909552][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 328.328119][ T5296] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 328.640929][ T50] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 328.845585][ T50] usb 10-1: Using ep0 maxpacket: 16 [ 328.864707][ T50] usb 10-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 328.878695][ T50] usb 10-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 328.899458][ T50] usb 10-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.918870][ T50] usb 10-1: config 1 interface 0 has no altsetting 0 [ 328.943329][ T50] usb 10-1: New USB device found, idVendor=0521, idProduct=b1a8, bcdDevice= 0.40 [ 328.962764][ T50] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.985426][ T50] usb 10-1: Product: syz [ 328.988330][ T50] usb 10-1: Manufacturer: syz [ 328.990489][ T50] usb 10-1: SerialNumber: syz [ 329.324919][ T50] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 255 proto 1 vid 0x0521 pid 0xB1A8 [ 329.452048][T19757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6217'. [ 329.542565][ T50] usb 10-1: USB disconnect, device number 7 [ 329.562208][ T50] usblp0: removed [ 329.992512][T19763] blkio.reset_stats is deprecated [ 330.960659][ T40] kauditd_printk_skb: 265 callbacks suppressed [ 330.960670][ T40] audit: type=1326 audit(2000000440.886:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19777 comm="syz.4.6228" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f08f6c code=0x0 [ 332.548316][T19803] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6238'. [ 332.552440][T19803] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6238'. [ 332.557269][T19803] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6238'. [ 332.885372][ C0] net_ratelimit: 46379 callbacks suppressed [ 332.885387][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 332.885496][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.887711][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 332.892035][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.896825][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.901285][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.905051][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 332.910066][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.913970][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 332.920092][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 333.823026][ T40] audit: type=1326 audit(2000000443.736:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19817 comm="syz.4.6245" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f6c code=0x7fc00000 [ 337.885623][T19888] input: syz1 as /devices/virtual/input/input33 [ 337.895300][ C3] net_ratelimit: 51529 callbacks suppressed [ 337.895313][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.895440][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.898051][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.901594][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.906700][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.910229][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 337.915085][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.919179][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 337.923853][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 337.928150][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 341.319794][T19906] mkiss: ax0: crc mode is auto. [ 342.602567][T19937] netlink: 62967 bytes leftover after parsing attributes in process `syz.4.6296'. [ 342.905292][ C3] net_ratelimit: 51962 callbacks suppressed [ 342.905307][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.905417][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 342.907372][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.912226][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.916472][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.920146][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.923971][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.928207][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 342.933298][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 342.938083][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 342.999890][T19950] block nbd3: Unsupported socket: should be TCP or UNIX. [ 343.685485][ T6465] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 343.835428][ T6465] usb 10-1: Using ep0 maxpacket: 8 [ 343.839253][ T6465] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 343.853763][ T6465] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 343.860382][ T6465] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 343.863587][ T6465] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 343.902676][ T6465] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 343.916211][ T6465] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.150010][ T6465] usb 10-1: GET_CAPABILITIES returned 0 [ 344.152317][ T6465] usbtmc 10-1:16.0: can't read capabilities [ 344.371935][T19960] usb 10-1: usbtmc_ioctl_clear_out_halt returned -32 [ 344.384026][ T6465] usb 10-1: USB disconnect, device number 8 [ 345.051807][T19997] kvm: kvm [19996]: vcpu128, guest rIP: 0xfff0 Unhandled RDMSR(0x40000076) [ 346.152312][T20026] overlayfs: upper fs does not support file handles, falling back to index=off. [ 346.179122][T20026] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 347.508781][ T35] block nbd2: Connection timed out, retrying (0/3 alive) [ 347.512487][ T35] block nbd2: Connection timed out, retrying (0/3 alive) [ 347.514651][ T35] block nbd2: Connection timed out, retrying (0/3 alive) [ 347.523356][ T35] block nbd2: Connection timed out, retrying (0/3 alive) [ 347.532084][ T35] block nbd2: Dead connection, failed to find a fallback [ 347.534721][ T35] block nbd2: shutting down sockets [ 347.542841][ T35] blk_print_req_error: 30 callbacks suppressed [ 347.542852][ T35] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.554257][ T35] buffer_io_error: 30 callbacks suppressed [ 347.554267][ T35] Buffer I/O error on dev nbd2, logical block 3, async page read [ 347.565183][ T35] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.573963][ T35] Buffer I/O error on dev nbd2, logical block 2, async page read [ 347.585208][ T35] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.598794][ T35] Buffer I/O error on dev nbd2, logical block 1, async page read [ 347.601841][ T35] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.604910][ T35] Buffer I/O error on dev nbd2, logical block 0, async page read [ 347.618899][T17312] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.623626][T17312] Buffer I/O error on dev nbd2, logical block 0, async page read [ 347.661147][T17312] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.665132][T17312] Buffer I/O error on dev nbd2, logical block 1, async page read [ 347.698457][T17312] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.714154][T17312] Buffer I/O error on dev nbd2, logical block 2, async page read [ 347.723894][T17312] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.733952][T17312] Buffer I/O error on dev nbd2, logical block 3, async page read [ 347.755668][T17312] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.758945][T17312] Buffer I/O error on dev nbd2, logical block 0, async page read [ 347.761521][T17312] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 347.764626][T17312] Buffer I/O error on dev nbd2, logical block 1, async page read [ 347.771565][T17312] ldm_validate_partition_table(): Disk read failed. [ 347.774011][T17312] Dev nbd2: unable to read RDB block 0 [ 347.778011][T17312] nbd2: unable to read partition table [ 347.791386][T17312] ldm_validate_partition_table(): Disk read failed. [ 347.794094][T17312] Dev nbd2: unable to read RDB block 0 [ 347.798786][T17312] nbd2: unable to read partition table [ 347.915283][ C0] net_ratelimit: 59402 callbacks suppressed [ 347.915288][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.915297][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 347.915472][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.917349][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.920981][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.924756][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.928474][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 347.932144][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.935848][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 347.939587][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.958092][ T6465] kernel read not supported for file /dsp1 (pid: 6465 comm: kworker/2:4) [ 349.795135][T20121] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6384'. [ 350.217657][T20134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6389'. [ 350.220794][T20134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6389'. [ 350.223809][T20134] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6389'. [ 351.037926][T20146] vivid-004: disconnect [ 351.040374][T20145] vivid-004: reconnect [ 351.096409][T20148] binder: 20147:20148 ioctl c0306201 80000480 returned -22 [ 352.343616][T20177] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'. [ 352.727524][T20182] evm: overlay not supported [ 352.925322][ C3] net_ratelimit: 44750 callbacks suppressed [ 352.925336][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.925449][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.927393][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.931461][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 352.935532][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.941292][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.944933][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.949931][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 352.953494][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.959209][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 353.158283][T20185] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6412'. [ 353.491976][ T50] kernel write not supported for file /vcsa (pid: 50 comm: kworker/2:1) [ 354.109471][T20201] macvlan3: entered promiscuous mode [ 354.121722][T20201] bridge0: entered promiscuous mode [ 354.909972][T20210] Falling back ldisc for ttyS3. [ 356.228512][T20256] IPVS: sync thread started: state = MASTER, mcast_ifn = ip_vti0, syncid = 4, id = 0 [ 357.935306][ C3] net_ratelimit: 53092 callbacks suppressed [ 357.935308][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.935320][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.935507][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.937424][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 357.941746][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.946128][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.949966][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.954021][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 357.958122][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.962663][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 358.569168][T20309] CUSE: info not properly terminated [ 362.945300][ C3] net_ratelimit: 55486 callbacks suppressed [ 362.945315][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.945354][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.947351][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.951891][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 362.957176][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.960711][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.965844][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.970045][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 362.974990][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.979583][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 363.575316][ T6465] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 363.735412][ T6465] usb 10-1: Using ep0 maxpacket: 8 [ 363.739967][ T6465] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 363.743727][ T6465] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 363.748989][ T6465] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 363.752582][ T6465] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 363.760331][ T6465] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 363.763589][ T6465] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.981925][ T6465] usb 10-1: GET_CAPABILITIES returned 0 [ 363.983843][ T6465] usbtmc 10-1:16.0: can't read capabilities [ 364.187900][ T6465] usb 10-1: USB disconnect, device number 9 [ 364.726690][T20379] netlink: 'syz.3.6488': attribute type 9 has an invalid length. [ 364.729399][T20379] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.6488'. [ 365.368645][T20393] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6493'. [ 366.211384][T20413] [ 366.212542][T20413] ====================================================== [ 366.215410][T20413] WARNING: possible circular locking dependency detected [ 366.218286][T20413] syzkaller #0 Tainted: G L [ 366.220946][T20413] ------------------------------------------------------ [ 366.224461][T20413] syz.5.6499/20413 is trying to acquire lock: [ 366.227381][T20413] ffffffff8e9aa7e0 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 366.231595][T20413] [ 366.231595][T20413] but task is already holding lock: [ 366.234668][T20413] ffffffff8e978428 (slab_mutex){+.+.}-{4:4}, at: __kmem_cache_create_args+0x44/0x420 [ 366.238893][T20413] [ 366.238893][T20413] which lock already depends on the new lock. [ 366.238893][T20413] [ 366.243666][T20413] [ 366.243666][T20413] the existing dependency chain (in reverse order) is: [ 366.247303][T20413] [ 366.247303][T20413] -> #8 (slab_mutex){+.+.}-{4:4}: [ 366.250504][T20413] __mutex_lock+0x1a2/0x1b90 [ 366.252943][T20413] kmem_cache_destroy+0x59/0x180 [ 366.255459][T20413] p9_client_destroy+0x20c/0x3a0 [ 366.257858][T20413] v9fs_session_close+0x49/0x2d0 [ 366.260140][T20413] v9fs_kill_super+0x4d/0xa0 [ 366.262349][T20413] deactivate_locked_super+0xc1/0x1b0 [ 366.265157][T20413] deactivate_super+0xe7/0x110 [ 366.267670][T20413] cleanup_mnt+0x21f/0x450 [ 366.269813][T20413] task_work_run+0x150/0x240 [ 366.271966][T20413] exit_to_user_mode_loop+0x100/0x4a0 [ 366.274438][T20413] __do_fast_syscall_32+0x578/0x8c0 [ 366.277197][T20413] do_fast_syscall_32+0x32/0x70 [ 366.280000][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.282915][T20413] [ 366.282915][T20413] -> #7 (cpu_hotplug_lock){++++}-{0:0}: [ 366.286065][T20413] cpus_read_lock+0x42/0x170 [ 366.288261][T20413] static_key_disable+0x12/0x20 [ 366.290590][T20413] __inet_hash_connect+0x1378/0x1e40 [ 366.293494][T20413] tcp_v4_connect+0xeb0/0x1b40 [ 366.295878][T20413] __inet_stream_connect+0x208/0xfa0 [ 366.298328][T20413] inet_stream_connect+0x57/0xa0 [ 366.300604][T20413] __sys_connect_file+0x141/0x1a0 [ 366.302975][T20413] __sys_connect+0x141/0x170 [ 366.305686][T20413] __ia32_compat_sys_socketcall+0x45e/0x770 [ 366.308706][T20413] __do_fast_syscall_32+0xe3/0x8c0 [ 366.311205][T20413] do_fast_syscall_32+0x32/0x70 [ 366.313387][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.316235][T20413] [ 366.316235][T20413] -> #6 (sk_lock-AF_INET){+.+.}-{0:0}: [ 366.319717][T20413] lock_sock_nested+0x41/0xf0 [ 366.322220][T20413] inet_shutdown+0x67/0x410 [ 366.324333][T20413] nbd_mark_nsock_dead+0xae/0x5c0 [ 366.326674][T20413] sock_shutdown+0x16b/0x200 [ 366.328860][T20413] nbd_config_put+0x1eb/0x750 [ 366.331075][T20413] nbd_release+0xb7/0x190 [ 366.333376][T20413] blkdev_put_whole+0xb0/0xf0 [ 366.335809][T20413] bdev_release+0x47f/0x6d0 [ 366.337950][T20413] blkdev_release+0x15/0x20 [ 366.340047][T20413] __fput+0x3ff/0xb40 [ 366.342159][T20413] task_work_run+0x150/0x240 [ 366.344692][T20413] exit_to_user_mode_loop+0x100/0x4a0 [ 366.347171][T20413] __do_fast_syscall_32+0x578/0x8c0 [ 366.349550][T20413] do_fast_syscall_32+0x32/0x70 [ 366.351847][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.355111][T20413] [ 366.355111][T20413] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 366.358297][T20413] __mutex_lock+0x1a2/0x1b90 [ 366.360455][T20413] nbd_queue_rq+0x428/0x1080 [ 366.362675][T20413] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 366.365442][T20413] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 366.368608][T20413] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 366.371312][T20413] blk_mq_run_hw_queue+0x23c/0x670 [ 366.373605][T20413] blk_mq_dispatch_list+0x51d/0x1360 [ 366.376039][T20413] blk_mq_flush_plug_list+0x130/0x600 [ 366.378596][T20413] __blk_flush_plug+0x2c4/0x4b0 [ 366.381007][T20413] __submit_bio+0x584/0x6c0 [ 366.383146][T20413] submit_bio_noacct_nocheck+0x562/0xc10 [ 366.385657][T20413] submit_bio_noacct+0xd17/0x2010 [ 366.388015][T20413] submit_bh_wbc+0x59c/0x770 [ 366.390404][T20413] block_read_full_folio+0x264/0x8e0 [ 366.393018][T20413] filemap_read_folio+0xfc/0x3b0 [ 366.395282][T20413] do_read_cache_folio+0x2d7/0x6b0 [ 366.397505][T20413] read_part_sector+0xd1/0x370 [ 366.399671][T20413] adfspart_check_ICS+0x93/0x910 [ 366.402078][T20413] bdev_disk_changed+0x7f8/0xc80 [ 366.404689][T20413] blkdev_get_whole+0x187/0x290 [ 366.406983][T20413] bdev_open+0x2c7/0xe40 [ 366.408959][T20413] blkdev_open+0x34e/0x4f0 [ 366.410958][T20413] do_dentry_open+0x6d8/0x1660 [ 366.413193][T20413] vfs_open+0x82/0x3f0 [ 366.415263][T20413] path_openat+0x208c/0x31a0 [ 366.417561][T20413] do_file_open+0x20e/0x430 [ 366.419667][T20413] do_sys_openat2+0x10d/0x1e0 [ 366.421832][T20413] __x64_sys_openat+0x12d/0x210 [ 366.424261][T20413] do_syscall_64+0x106/0xf80 [ 366.426523][T20413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.429369][T20413] [ 366.429369][T20413] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 366.432567][T20413] __mutex_lock+0x1a2/0x1b90 [ 366.434665][T20413] nbd_queue_rq+0xba/0x1080 [ 366.436835][T20413] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 366.439556][T20413] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 366.442488][T20413] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 366.445136][T20413] blk_mq_run_hw_queue+0x23c/0x670 [ 366.447452][T20413] blk_mq_dispatch_list+0x51d/0x1360 [ 366.450084][T20413] blk_mq_flush_plug_list+0x130/0x600 [ 366.453008][T20413] __blk_flush_plug+0x2c4/0x4b0 [ 366.455420][T20413] __submit_bio+0x584/0x6c0 [ 366.457533][T20413] submit_bio_noacct_nocheck+0x562/0xc10 [ 366.460100][T20413] submit_bio_noacct+0xd17/0x2010 [ 366.462475][T20413] submit_bh_wbc+0x59c/0x770 [ 366.464840][T20413] block_read_full_folio+0x264/0x8e0 [ 366.467794][T20413] filemap_read_folio+0xfc/0x3b0 [ 366.470291][T20413] do_read_cache_folio+0x2d7/0x6b0 [ 366.472629][T20413] read_part_sector+0xd1/0x370 [ 366.474873][T20413] adfspart_check_ICS+0x93/0x910 [ 366.477160][T20413] bdev_disk_changed+0x7f8/0xc80 [ 366.479475][T20413] blkdev_get_whole+0x187/0x290 [ 366.482136][T20413] bdev_open+0x2c7/0xe40 [ 366.484375][T20413] blkdev_open+0x34e/0x4f0 [ 366.486476][T20413] do_dentry_open+0x6d8/0x1660 [ 366.488716][T20413] vfs_open+0x82/0x3f0 [ 366.490621][T20413] path_openat+0x208c/0x31a0 [ 366.492875][T20413] do_file_open+0x20e/0x430 [ 366.495289][T20413] do_sys_openat2+0x10d/0x1e0 [ 366.497618][T20413] __x64_sys_openat+0x12d/0x210 [ 366.499880][T20413] do_syscall_64+0x106/0xf80 [ 366.501987][T20413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.504861][T20413] [ 366.504861][T20413] -> #3 (set->srcu){.+.+}-{0:0}: [ 366.508192][T20413] __synchronize_srcu+0xa2/0x300 [ 366.510605][T20413] blk_mq_quiesce_queue+0x149/0x1c0 [ 366.513016][T20413] elevator_switch+0x17b/0x7e0 [ 366.515185][T20413] elevator_change+0x352/0x530 [ 366.517561][T20413] elevator_set_default+0x29e/0x360 [ 366.520271][T20413] blk_register_queue+0x412/0x590 [ 366.522707][T20413] __add_disk+0x73f/0xe40 [ 366.524764][T20413] add_disk_fwnode+0x118/0x5c0 [ 366.527010][T20413] nbd_dev_add+0x77a/0xb10 [ 366.529257][T20413] nbd_init+0x291/0x2b0 [ 366.531723][T20413] do_one_initcall+0x11d/0x760 [ 366.534217][T20413] kernel_init_freeable+0x6e5/0x7a0 [ 366.536558][T20413] kernel_init+0x1f/0x1e0 [ 366.538601][T20413] ret_from_fork+0x754/0xd80 [ 366.540757][T20413] ret_from_fork_asm+0x1a/0x30 [ 366.543134][T20413] [ 366.543134][T20413] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 366.546789][T20413] __mutex_lock+0x1a2/0x1b90 [ 366.549016][T20413] elevator_change+0x1bc/0x530 [ 366.551220][T20413] elevator_set_none+0x92/0xf0 [ 366.553565][T20413] blk_mq_update_nr_hw_queues+0x4c1/0x15f0 [ 366.556634][T20413] nbd_start_device+0x1a6/0xbd0 [ 366.559040][T20413] nbd_genl_connect+0xff2/0x1a40 [ 366.561319][T20413] genl_family_rcv_msg_doit+0x214/0x300 [ 366.563885][T20413] genl_rcv_msg+0x560/0x800 [ 366.566072][T20413] netlink_rcv_skb+0x159/0x420 [ 366.568712][T20413] genl_rcv+0x28/0x40 [ 366.570928][T20413] netlink_unicast+0x5aa/0x870 [ 366.573152][T20413] netlink_sendmsg+0x8b0/0xda0 [ 366.575358][T20413] ____sys_sendmsg+0x9e1/0xb70 [ 366.577535][T20413] ___sys_sendmsg+0x190/0x1e0 [ 366.579850][T20413] __sys_sendmsg+0x170/0x220 [ 366.582100][T20413] __do_fast_syscall_32+0xe3/0x8c0 [ 366.584741][T20413] do_fast_syscall_32+0x32/0x70 [ 366.587133][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.590014][T20413] [ 366.590014][T20413] -> #1 (&q->q_usage_counter(io)#51){++++}-{0:0}: [ 366.593642][T20413] blk_alloc_queue+0x610/0x790 [ 366.596255][T20413] blk_mq_alloc_queue+0x174/0x290 [ 366.598865][T20413] __blk_mq_alloc_disk+0x29/0x120 [ 366.601211][T20413] nbd_dev_add+0x492/0xb10 [ 366.603288][T20413] nbd_init+0x291/0x2b0 [ 366.605259][T20413] do_one_initcall+0x11d/0x760 [ 366.607454][T20413] kernel_init_freeable+0x6e5/0x7a0 [ 366.610229][T20413] kernel_init+0x1f/0x1e0 [ 366.612625][T20413] ret_from_fork+0x754/0xd80 [ 366.614811][T20413] ret_from_fork_asm+0x1a/0x30 [ 366.617034][T20413] [ 366.617034][T20413] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 366.620119][T20413] __lock_acquire+0x14b8/0x2630 [ 366.622740][T20413] lock_acquire+0x1cf/0x380 [ 366.625119][T20413] fs_reclaim_acquire+0xc4/0x100 [ 366.627391][T20413] __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 366.630218][T20413] kstrdup+0x51/0xe0 [ 366.632224][T20413] kstrdup_const+0x63/0x80 [ 366.634611][T20413] __kmem_cache_create_args+0x118/0x420 [ 366.637378][T20413] bioset_init+0x5ee/0x8a0 [ 366.639439][T20413] mddev_init+0x17c/0x820 [ 366.641524][T20413] md_alloc+0xc7/0x10a0 [ 366.643505][T20413] md_probe+0x73/0xf0 [ 366.645555][T20413] blk_probe_dev+0x149/0x1e0 [ 366.648069][T20413] blk_request_module+0x16/0xc0 [ 366.650658][T20413] blkdev_get_no_open+0x9b/0xf0 [ 366.652925][T20413] bdev_file_open_by_dev+0x70/0x210 [ 366.655248][T20413] swsusp_check+0x72/0x470 [ 366.657380][T20413] software_resume+0x6f/0x330 [ 366.659866][T20413] resume_store+0x248/0x460 [ 366.662306][T20413] kobj_attr_store+0x58/0x80 [ 366.664507][T20413] sysfs_kf_write+0xf2/0x150 [ 366.666627][T20413] kernfs_fop_write_iter+0x3e0/0x5f0 [ 366.669145][T20413] vfs_write+0x6ac/0x1070 [ 366.671430][T20413] ksys_write+0x12a/0x250 [ 366.673811][T20413] __do_fast_syscall_32+0xe3/0x8c0 [ 366.676201][T20413] do_fast_syscall_32+0x32/0x70 [ 366.678415][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.681314][T20413] [ 366.681314][T20413] other info that might help us debug this: [ 366.681314][T20413] [ 366.685834][T20413] Chain exists of: [ 366.685834][T20413] fs_reclaim --> cpu_hotplug_lock --> slab_mutex [ 366.685834][T20413] [ 366.690456][T20413] Possible unsafe locking scenario: [ 366.690456][T20413] [ 366.693282][T20413] CPU0 CPU1 [ 366.695473][T20413] ---- ---- [ 366.697933][T20413] lock(slab_mutex); [ 366.699976][T20413] lock(cpu_hotplug_lock); [ 366.702945][T20413] lock(slab_mutex); [ 366.705628][T20413] lock(fs_reclaim); [ 366.707374][T20413] [ 366.707374][T20413] *** DEADLOCK *** [ 366.707374][T20413] [ 366.710780][T20413] 9 locks held by syz.5.6499/20413: [ 366.713474][T20413] #0: ffff88801340fcf8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 366.717789][T20413] #1: ffff888024c84420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 366.721591][T20413] #2: ffff888013750488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 366.725652][T20413] #3: ffff88801cbe84b8 (kn->active#113){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 366.730442][T20413] #4: ffffffff8e6a4208 (system_transition_mutex){+.+.}-{4:4}, at: software_resume+0x65/0x330 [ 366.734889][T20413] #5: ffffffff8f301da8 (major_names_lock){+.+.}-{4:4}, at: blk_probe_dev+0x28/0x1e0 [ 366.738788][T20413] #6: ffffffff90149e08 (disks_mutex){+.+.}-{4:4}, at: md_alloc+0x3e/0x10a0 [ 366.742831][T20413] #7: ffffffff8f2e6f88 (bio_slab_lock){+.+.}-{4:4}, at: bioset_init+0x2ad/0x8a0 [ 366.747283][T20413] #8: ffffffff8e978428 (slab_mutex){+.+.}-{4:4}, at: __kmem_cache_create_args+0x44/0x420 [ 366.751467][T20413] [ 366.751467][T20413] stack backtrace: [ 366.754088][T20413] CPU: 2 UID: 0 PID: 20413 Comm: syz.5.6499 Tainted: G L syzkaller #0 PREEMPT(full) [ 366.754116][T20413] Tainted: [L]=SOFTLOCKUP [ 366.754123][T20413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 366.754133][T20413] Call Trace: [ 366.754140][T20413] [ 366.754147][T20413] dump_stack_lvl+0x100/0x190 [ 366.754183][T20413] print_circular_bug.cold+0x178/0x1c7 [ 366.754212][T20413] check_noncircular+0x146/0x160 [ 366.754237][T20413] __lock_acquire+0x14b8/0x2630 [ 366.754262][T20413] lock_acquire+0x1cf/0x380 [ 366.754283][T20413] ? __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 366.754312][T20413] ? __pfx_vsnprintf+0x10/0x10 [ 366.754336][T20413] ? __pfx___mutex_lock+0x10/0x10 [ 366.754356][T20413] fs_reclaim_acquire+0xc4/0x100 [ 366.754374][T20413] ? __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 366.754402][T20413] __kmalloc_node_track_caller_noprof+0xb5/0x850 [ 366.754429][T20413] ? kstrdup_const+0x63/0x80 [ 366.754446][T20413] kstrdup+0x51/0xe0 [ 366.754461][T20413] kstrdup_const+0x63/0x80 [ 366.754477][T20413] __kmem_cache_create_args+0x118/0x420 [ 366.754502][T20413] bioset_init+0x5ee/0x8a0 [ 366.754523][T20413] ? __pfx_bioset_init+0x10/0x10 [ 366.754542][T20413] ? kasan_save_track+0x14/0x30 [ 366.754557][T20413] ? __kasan_kmalloc+0xaa/0xb0 [ 366.754572][T20413] ? percpu_ref_init+0x244/0x3f0 [ 366.754590][T20413] mddev_init+0x17c/0x820 [ 366.754616][T20413] md_alloc+0xc7/0x10a0 [ 366.754634][T20413] md_probe+0x73/0xf0 [ 366.754649][T20413] ? __pfx_md_probe+0x10/0x10 [ 366.754665][T20413] blk_probe_dev+0x149/0x1e0 [ 366.754693][T20413] blk_request_module+0x16/0xc0 [ 366.754713][T20413] blkdev_get_no_open+0x9b/0xf0 [ 366.754739][T20413] bdev_file_open_by_dev+0x70/0x210 [ 366.754765][T20413] swsusp_check+0x72/0x470 [ 366.754786][T20413] software_resume+0x6f/0x330 [ 366.754814][T20413] resume_store+0x248/0x460 [ 366.754840][T20413] ? __pfx_resume_store+0x10/0x10 [ 366.754869][T20413] ? find_held_lock+0x2b/0x80 [ 366.754886][T20413] ? sysfs_file_kobj+0xe4/0x290 [ 366.754909][T20413] ? sysfs_file_kobj+0xe4/0x290 [ 366.754929][T20413] ? __pfx_resume_store+0x10/0x10 [ 366.754955][T20413] kobj_attr_store+0x58/0x80 [ 366.754975][T20413] ? __pfx_kobj_attr_store+0x10/0x10 [ 366.754993][T20413] sysfs_kf_write+0xf2/0x150 [ 366.755015][T20413] kernfs_fop_write_iter+0x3e0/0x5f0 [ 366.755041][T20413] ? __pfx_sysfs_kf_write+0x10/0x10 [ 366.755065][T20413] vfs_write+0x6ac/0x1070 [ 366.755084][T20413] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 366.755105][T20413] ? __pfx_vfs_write+0x10/0x10 [ 366.755128][T20413] ksys_write+0x12a/0x250 [ 366.755145][T20413] ? __pfx_ksys_write+0x10/0x10 [ 366.755171][T20413] __do_fast_syscall_32+0xe3/0x8c0 [ 366.755193][T20413] do_fast_syscall_32+0x32/0x70 [ 366.755211][T20413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 366.755234][T20413] RIP: 0023:0xf7fd5f6c [ 366.755249][T20413] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 366.755267][T20413] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 366.755286][T20413] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 366.755298][T20413] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000 [ 366.755308][T20413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 366.755319][T20413] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 366.755330][T20413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 366.755346][T20413] [ 367.757980][T20413] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 367.761016][T20413] block device autoloading is deprecated and will be removed. [ 367.767022][T20413] PM: Image not found (code -5) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 367.955372][ C3] net_ratelimit: 64036 callbacks suppressed [ 367.955386][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.955443][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.957536][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.961435][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.965014][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.968713][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 367.972420][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.976327][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 367.979934][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.983655][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 370.062990][ T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.140378][ T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.242652][ T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.327896][ T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.177938][ T46] bond0 (unregistering): Released all slaves [ 371.182740][ T46] bond1 (unregistering): Released all slaves [ 371.190909][ T46] bond2 (unregistering): Released all slaves [ 371.893093][ T46] IPVS: stopping master sync thread 9321 ... [ 372.872340][ T46] batadv0: left promiscuous mode [ 372.965310][ C3] net_ratelimit: 96033 callbacks suppressed [ 372.965326][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.965352][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.967555][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.972452][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:8e:af:3d:e9:86:3a, vlan:0) [ 372.976211][ C3] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.981751][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 372.985488][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.990471][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.994405][ C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.999414][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.017646][ T46] veth1_vlan: left allmulticast mode [ 373.020052][ T46] veth1_macvtap: left promiscuous mode [ 373.022307][ T46] veth0_macvtap: left promiscuous mode [ 373.024596][ T46] veth1_vlan: left promiscuous mode [ 373.027619][ T46] veth0_vlan: left promiscuous mode [ 373.109929][ T46] pim6reg99999999 (unregistering): left allmulticast mode [ 373.742826][ T46] IPVS: stop unused estimator thread 0... [ 374.063855][ T46] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 374.068272][ T46] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.148952][ T46] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 374.152749][ T46] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.222354][ T46] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 374.228719][ T46] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.337020][ T46] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 374.341573][ T46] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.433971][ T46] veth0_to_bridge: left allmulticast mode [ 374.437198][ T46] veth0_to_bridge: left promiscuous mode [ 374.439347][ T46] bridge0: port 3(veth0_to_bridge) entered disabled state [ 374.442951][ T46] bridge_slave_1: left allmulticast mode [ 374.445496][ T46] bridge_slave_1: left promiscuous mode [ 374.447897][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 374.452082][ T46] bridge_slave_0: left allmulticast mode [ 374.454363][ T46] bridge_slave_0: left promiscuous mode [ 374.456837][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 374.556359][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 374.561958][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 374.567329][ T46] bond0 (unregistering): Released all slaves [ 374.572495][ T46] bond1 (unregistering): Released all slaves [ 374.690249][ T46] IPVS: stopping master sync thread 20256 ... [ 374.992323][ T46] hsr_slave_0: left promiscuous mode [ 374.995202][ T46] hsr_slave_1: left promiscuous mode [ 374.998248][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 375.002060][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 375.006447][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 375.009821][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 375.043681][ T46] veth1_macvtap: left promiscuous mode [ 375.046368][ T46] veth0_macvtap: left promiscuous mode [ 375.049005][ T46] veth1_vlan: left promiscuous mode [ 375.051598][ T46] veth0_vlan: left promiscuous mode [ 375.180311][ T46] team0 (unregistering): Port device team_slave_1 removed [ 375.187278][ T46] team0 (unregistering): Port device team_slave_0 removed