last executing test programs: 3m54.603858975s ago: executing program 2 (id=1383): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) close(r0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) symlink(0x0, &(0x7f0000000000)='./file0\x00') write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 3m53.119938527s ago: executing program 0 (id=1389): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00", @ANYRES32], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200)) r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501) ioctl$USBDEVFS_SETCONFIGURATION(r3, 0x80045505, 0x0) 3m52.87813825s ago: executing program 2 (id=1393): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r2) 3m52.820787901s ago: executing program 0 (id=1395): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) 3m52.670701003s ago: executing program 2 (id=1396): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x1, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 3m52.461784106s ago: executing program 2 (id=1400): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @remote, {[@hopopts={0x2f, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x453}, @pad1, @ra={0x5, 0x2, 0x18}, @ra={0x5, 0x2, 0x80}, @enc_lim={0x4, 0x1, 0x3}]}]}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) mkdir(&(0x7f0000000280)='./file0\x00', 0x55) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x5) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) 3m52.267118459s ago: executing program 0 (id=1401): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="c00e020023000b02d25a80d0bcb924f93045fc60040f12", 0x17}], 0x1}, 0x4010) r0 = socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) 3m52.117075881s ago: executing program 0 (id=1403): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) close(r0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) symlink(0x0, &(0x7f0000000000)='./file0\x00') write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 3m51.359846302s ago: executing program 2 (id=1405): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="6220dd"], 0x8) 3m50.939128178s ago: executing program 2 (id=1407): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) 3m50.539874995s ago: executing program 32 (id=1407): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) 3m50.515003125s ago: executing program 0 (id=1409): pipe(0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e) syz_emit_ethernet(0xa0, &(0x7f0000000580)={@random="99177fa500", @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x6a, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x6a, 0x0, @opaque="9e1c22de87bd520228c94b6784412da92ae3da45235cdaed2e17d543f28c76d49ba3500e15155c8cd741f5db0fc412fa1fc155ba1af0e5b2d98af8b3c93b36305c57716f80ed7c1fd2f5acdd0f2db805609e6d6ac0c3d48fe48f69929ea9f63c540a"}}}}}}, 0x0) 3m50.468869016s ago: executing program 0 (id=1411): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1}) bind$rose(r0, &(0x7f0000000240)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]}, 0x40) 3m50.091392451s ago: executing program 33 (id=1411): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1}) bind$rose(r0, &(0x7f0000000240)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]}, 0x40) 2m39.630630473s ago: executing program 4 (id=1789): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @remote, {[@hopopts={0x2f, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x453}, @pad1, @ra={0x5, 0x2, 0x18}, @ra={0x5, 0x2, 0x80}, @enc_lim={0x4, 0x1, 0x3}]}]}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x5) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_NODE_GET(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x1cc, r6, 0x773801c0b00a3c9e, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x74ce21e5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8c3}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x240000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @local}, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1d7, @mcast2, 0xc}}}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc2}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0xd0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x82}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff8000}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}]}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3c2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc00}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000000000000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x140}, 0x0) 2m38.581968838s ago: executing program 4 (id=1795): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000001080), &(0x7f00000010c0)=0x40) 2m38.39401213s ago: executing program 4 (id=1799): r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r1 = socket(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=@newtfilter={0x70, 0x28, 0xd27, 0x1003ffd, 0x0, {0x0, 0x0, 0x0, r2, {0xd, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x12, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xfb, 0x34}}]}, 0x70}, 0x1, 0x0, 0x0, 0x810}, 0x200008c0) 2m38.198285243s ago: executing program 4 (id=1802): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @remote, {[@hopopts={0x2f, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x453}, @pad1, @ra={0x5, 0x2, 0x18}, @ra={0x5, 0x2, 0x80}, @enc_lim={0x4, 0x1, 0x3}]}]}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) mkdir(&(0x7f0000000280)='./file0\x00', 0x55) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x5) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_NODE_GET(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x1cc, r6, 0x773801c0b00a3c9e, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x74ce21e5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8c3}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x240000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @local}, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1d7, @mcast2, 0xc}}}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc2}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0xd0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x82}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff8000}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}]}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3c2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc00}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000000000000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x140}, 0x0) 2m37.08603136s ago: executing program 4 (id=1807): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, 0x0, 0x15) socket$nl_xfrm(0x10, 0x3, 0x6) dup(0xffffffffffffffff) gettid() timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) pipe2(&(0x7f0000008140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r1, 0x0, 0xa66) 2m35.826355758s ago: executing program 3 (id=1815): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000009480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x7}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014) 2m35.68596443s ago: executing program 3 (id=1818): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @remote, {[@hopopts={0x2f, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x453}, @pad1, @ra={0x5, 0x2, 0x18}, @ra={0x5, 0x2, 0x80}, @enc_lim={0x4, 0x1, 0x3}]}]}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) mkdir(&(0x7f0000000280)='./file0\x00', 0x55) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x5) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_NODE_GET(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x1cc, r6, 0x773801c0b00a3c9e, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x74ce21e5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8c3}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x240000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @local}, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1d7, @mcast2, 0xc}}}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc2}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0xd0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x82}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff8000}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}]}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3c2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc00}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000000000000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x140}, 0x0) 2m34.683671925s ago: executing program 3 (id=1822): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) setrlimit(0x9, &(0x7f0000000000)) io_setup(0x2004, 0x0) 2m34.493768347s ago: executing program 3 (id=1827): r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r1 = socket(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=@newtfilter={0x70, 0x28, 0xd27, 0x1003ffd, 0x0, {0x0, 0x0, 0x0, r2, {0xd, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x12, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xfb, 0x34}}]}, 0x70}, 0x1, 0x0, 0x0, 0x810}, 0x200008c0) 2m34.33383371s ago: executing program 3 (id=1829): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000009480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x7}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014) 2m33.466803443s ago: executing program 4 (id=1832): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) close(r0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) symlink(0x0, &(0x7f0000000000)='./file0\x00') write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 2m33.341979805s ago: executing program 3 (id=1834): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES16, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1") r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) 2m18.402543383s ago: executing program 34 (id=1832): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) close(r0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) symlink(0x0, &(0x7f0000000000)='./file0\x00') write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 2m18.211245896s ago: executing program 35 (id=1834): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES16, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1") r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) 1.765178613s ago: executing program 1 (id=2820): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000300)={r1, 0x4, 0x1, 0x3, 0x8, 0x72, 0x1, 0x2, {0x0, @in6={{0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x8}}, 0xa, 0x8, 0x0, 0x8, 0xffff}}, &(0x7f0000000200)=0xb0) 1.598864745s ago: executing program 1 (id=2822): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000400)={'wg2\x00', 0x0}) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000180)=0xeac0, 0x4) 1.536066867s ago: executing program 1 (id=2824): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) 1.373711449s ago: executing program 1 (id=2825): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f0000000440)="a6e2976b5c", 0x5, 0x24040055, 0x0, 0x0) recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)=""/243, 0x11000}], 0x1}, 0x142) 1.193696312s ago: executing program 6 (id=2826): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x4, @multicast, 'bond0\x00'}}, 0x1e) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}) 1.086725483s ago: executing program 6 (id=2827): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000001940)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x1c, r0, 0x7d243a6ea807936d, 0x12, 0x25dfdbf8, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48891}, 0x880) sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440), 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="0000dd00", @ANYRES16=r0, @ANYBLOB="010026bd7000ffdbdf251b00000010002e800c0004000203aaaaaaaaaaaa"], 0x24}, 0x1, 0x0, 0x0, 0x8000800}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), r1) 787.186938ms ago: executing program 6 (id=2828): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b70300000000080085000000330000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x28) 735.798109ms ago: executing program 6 (id=2829): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, 0x0) 686.324849ms ago: executing program 5 (id=2830): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) bind$can_raw(r2, &(0x7f0000000200)={0x1d, r3}, 0x10) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x20, {0x0, 0x0, 0x0, r3, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0) 646.67156ms ago: executing program 6 (id=2831): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) 564.507521ms ago: executing program 6 (id=2832): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) recvfrom(r0, 0x0, 0xfffffd98, 0x2, 0x0, 0x2e) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$802154_raw(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)="11212ead", 0x4}, 0x1, 0x0, 0x0, 0x24008011}, 0x8080) 486.821852ms ago: executing program 5 (id=2833): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x2020, 0x0, 0x0) ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8907, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)="1121e5", 0x3}, 0x1, 0x0, 0x0, 0x24008011}, 0x0) 382.946824ms ago: executing program 5 (id=2834): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c) socket$inet(0x2, 0x6, 0x5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0x82, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff8eff80ec0031088a"], 0x0) 382.591304ms ago: executing program 1 (id=2835): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x7ffffffff000) 339.441174ms ago: executing program 1 (id=2836): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x3, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0x4000000}, 0x1c) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, 0x0) 210.303756ms ago: executing program 5 (id=2837): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b7030000000008008500000033000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x28) 90.843518ms ago: executing program 5 (id=2838): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00"], 0x44}, 0x1, 0x2}, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x0, 0x0}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000240)=ANY=[], 0xfe33) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x4000000) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r3, &(0x7f0000000340)={0x1d, 0x0, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) r4 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f0000000180)=[{0x0, 0x3, {0x1}, {0x0, 0xff}, 0x1, 0x7f}, {0x2, 0xffffffffffffffdf, {0x2, 0x1}, {0x1, 0x0, 0x5}, 0x2, 0x1}, {0x1, 0x0, {0x0, 0x0, 0x2}, {0x0, 0xff, 0x1}, 0xfe}], 0x60) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x840) 0s ago: executing program 5 (id=2839): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000002c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @remote, {[@hopopts={0x2f, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @enc_lim, @ra={0x5, 0x2, 0x453}, @pad1, @ra={0x5, 0x2, 0x18}, @ra={0x5, 0x2, 0x80}, @enc_lim={0x4, 0x1, 0x3}]}]}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) mkdir(&(0x7f0000000280)='./file0\x00', 0x55) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x5) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_NODE_GET(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x1cc, r6, 0x773801c0b00a3c9e, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x74ce21e5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8c3}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x240000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @local}, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1d7, @mcast2, 0xc}}}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc2}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0xd0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x82}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xa1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff8000}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x100}]}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3c2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xf}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc00}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000000000000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x140}, 0x0) kernel console output (not intermixed with test programs): t: type=1326 audit(2000000100.530:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 258.863816][ T7505] 9pnet_virtio: no channels available for device 127.0.0.1 [ 258.865801][ T26] audit: type=1326 audit(2000000100.560:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 258.930441][ T26] audit: type=1326 audit(2000000100.560:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 258.953589][ T26] audit: type=1326 audit(2000000100.560:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 258.988847][ T26] audit: type=1326 audit(2000000100.560:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 259.022958][ T26] audit: type=1326 audit(2000000100.560:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 259.066844][ T26] audit: type=1326 audit(2000000100.560:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 259.090508][ T26] audit: type=1326 audit(2000000100.560:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 259.113937][ T26] audit: type=1326 audit(2000000100.560:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 259.155272][ T26] audit: type=1326 audit(2000000100.560:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7500 comm="syz.2.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 260.090580][ T7513] loop2: detected capacity change from 0 to 128 [ 260.130895][ T7513] FAT-fs (loop2): Invalid FSINFO signature: 0x00615252, 0x61417272 (sector = 1) [ 260.423465][ T7517] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1090'. [ 260.437044][ T7524] loop4: detected capacity change from 0 to 1024 [ 261.605954][ T7531] loop2: detected capacity change from 0 to 512 [ 261.615990][ T7531] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 261.674910][ T7531] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 261.747811][ T7531] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.1095: invalid block [ 261.773667][ T7536] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1096'. [ 261.787938][ T7531] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1095: invalid indirect mapped block 4294967295 (level 1) [ 261.826518][ T7531] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1095: invalid indirect mapped block 4294967295 (level 1) [ 261.957662][ T7538] xfrm0 speed is unknown, defaulting to 1000 [ 262.084319][ T7531] EXT4-fs (loop2): 2 truncates cleaned up [ 262.285814][ T7531] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 262.617037][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 263.977398][ T7560] 9pnet: Could not find request transport: t [ 264.777451][ T7582] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1110'. [ 264.818306][ T7580] overlayfs: failed to resolve './file0': -2 [ 265.107535][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 265.107570][ T26] audit: type=1326 audit(2000000106.830:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 265.585855][ T26] audit: type=1326 audit(2000000107.250:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 265.922569][ T26] audit: type=1326 audit(2000000107.260:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 266.099517][ T26] audit: type=1326 audit(2000000107.280:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 266.296261][ T26] audit: type=1326 audit(2000000107.280:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 266.320580][ T26] audit: type=1326 audit(2000000107.280:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 266.355081][ T26] audit: type=1326 audit(2000000107.290:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 266.385616][ T26] audit: type=1326 audit(2000000107.290:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 267.202977][ T26] audit: type=1326 audit(2000000107.290:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 267.328949][ T26] audit: type=1326 audit(2000000107.300:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd68598d290 code=0x7ffc0000 [ 267.595777][ T7609] 9pnet: Could not find request transport: t [ 267.865982][ T7617] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1122'. [ 268.287831][ T7627] bridge: RTM_NEWNEIGH with invalid ether address [ 269.716871][ T7640] loop2: detected capacity change from 0 to 512 [ 270.425816][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 270.425869][ T26] audit: type=1326 audit(2000000112.110:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.344111][ T7640] EXT4-fs warning (device loop2): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop2. [ 271.641051][ T26] audit: type=1326 audit(2000000112.120:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.675691][ T26] audit: type=1326 audit(2000000112.130:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.705758][ T26] audit: type=1326 audit(2000000112.130:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.786047][ T7646] overlayfs: conflicting options: metacopy=on,redirect_dir=follow [ 271.794578][ T26] audit: type=1326 audit(2000000112.140:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.829185][ T26] audit: type=1326 audit(2000000112.140:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.935700][ T26] audit: type=1326 audit(2000000112.140:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 271.971365][ T26] audit: type=1326 audit(2000000113.030:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 272.010545][ T26] audit: type=1326 audit(2000000113.030:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 272.097602][ T7655] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1134'. [ 272.187005][ T26] audit: type=1326 audit(2000000113.030:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 273.165235][ T7666] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 273.226604][ T7671] random: crng reseeded on system resumption [ 273.895656][ T7666] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 273.973711][ T7666] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 273.997329][ T7664] 9pnet: Could not find request transport: rd [ 274.053728][ T7666] device bridge_slave_0 left promiscuous mode [ 274.060827][ T7666] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.071547][ T7666] device bridge_slave_1 left promiscuous mode [ 274.079197][ T7666] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.133015][ T7666] bond0: (slave bond_slave_0): Releasing backup interface [ 274.162244][ T7666] device bond_slave_0 left promiscuous mode [ 274.383227][ T7666] bond0: (slave bond_slave_1): Releasing backup interface [ 274.412614][ T7666] device bond_slave_1 left promiscuous mode [ 274.543035][ T7666] team0: Port device team_slave_0 removed [ 274.665217][ T7666] team0: Port device team_slave_1 removed [ 274.676356][ T7666] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 274.695714][ T7666] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 274.717353][ T7666] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 274.734827][ T7666] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 274.746651][ T7666] infiniband syz1: set active [ 274.770974][ T7672] team0: Mode changed to "loadbalance" [ 274.872424][ T7674] netlink: 1544 bytes leftover after parsing attributes in process `syz.2.1138'. [ 275.150574][ T7690] loop3: detected capacity change from 0 to 512 [ 275.221156][ T7690] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 275.230370][ T7690] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 275.998335][ T7698] loop0: detected capacity change from 0 to 512 [ 276.032292][ T7698] EXT4-fs: Ignoring removed mblk_io_submit option [ 276.050368][ T7698] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 276.101200][ T7698] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 276.142952][ T7698] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 276.194137][ T7698] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a043c01c, mo2=0102] [ 276.227200][ T7698] System zones: 0-2, 18-18, 34-34 [ 276.248310][ T7698] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 276.324496][ T7698] EXT4-fs (loop0): 1 truncate cleaned up [ 276.330258][ T7698] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 276.683750][ T6741] xfrm0 speed is unknown, defaulting to 1000 [ 276.691500][ T7688] xfrm0 speed is unknown, defaulting to 1000 [ 276.897210][ T7705] loop2: detected capacity change from 0 to 1024 [ 276.918702][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 277.207072][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 277.225298][ T7712] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1148'. [ 277.582042][ T7714] 9pnet: Could not find request transport: rd [ 277.766334][ T26] kauditd_printk_skb: 31 callbacks suppressed [ 277.766347][ T26] audit: type=1326 audit(2000000119.480:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 277.855371][ T26] audit: type=1326 audit(2000000119.480:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 277.887208][ T26] audit: type=1326 audit(2000000119.480:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 277.919033][ T26] audit: type=1326 audit(2000000119.480:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 277.952188][ T26] audit: type=1326 audit(2000000119.480:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 279.293827][ T26] audit: type=1326 audit(2000000119.480:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 279.326024][ T26] audit: type=1326 audit(2000000119.480:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 279.589488][ T7729] xfrm0 speed is unknown, defaulting to 1000 [ 279.915278][ T7733] loop4: detected capacity change from 0 to 512 [ 280.008953][ T26] audit: type=1326 audit(2000000119.490:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 280.034942][ T7733] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 280.179079][ T7733] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec099, mo2=0002] [ 280.187828][ T7733] System zones: 1-12 [ 280.211901][ T7733] EXT4-fs (loop4): 1 truncate cleaned up [ 280.218216][ T7733] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 280.233572][ T26] audit: type=1326 audit(2000000119.490:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 280.275102][ T26] audit: type=1326 audit(2000000119.490:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.3.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3ca538d290 code=0x7ffc0000 [ 281.637349][ T4260] EXT4-fs (loop4): unmounting filesystem. [ 282.572940][ T7760] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1164'. [ 282.664067][ T7762] loop4: detected capacity change from 0 to 1024 [ 282.813176][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 282.813190][ T26] audit: type=1326 audit(2000000124.530:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 282.944100][ T26] audit: type=1326 audit(2000000124.560:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 282.971107][ T26] audit: type=1326 audit(2000000124.560:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 282.993724][ T26] audit: type=1326 audit(2000000124.560:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 283.016402][ T26] audit: type=1326 audit(2000000124.560:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 283.118724][ T26] audit: type=1326 audit(2000000124.560:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 283.704424][ T26] audit: type=1326 audit(2000000124.560:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 283.726818][ C0] vkms_vblank_simulate: vblank timer overrun [ 283.871307][ T26] audit: type=1326 audit(2000000124.560:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 283.893740][ C0] vkms_vblank_simulate: vblank timer overrun [ 283.960317][ T7784] xfrm0 speed is unknown, defaulting to 1000 [ 284.099338][ T26] audit: type=1326 audit(2000000124.560:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 284.121851][ T26] audit: type=1326 audit(2000000124.560:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.1.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 284.158529][ T7773] 9pnet: Could not find request transport: t [ 284.188891][ T7750] loop3: detected capacity change from 0 to 40427 [ 284.203881][ T7750] F2FS-fs (loop3): invalid crc value [ 284.245022][ T7750] F2FS-fs (loop3): Found nat_bits in checkpoint [ 284.358674][ T7750] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 284.847693][ T7804] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1177'. [ 285.168465][ T7816] loop1: detected capacity change from 0 to 1024 [ 286.382359][ T7828] 9pnet: Could not find request transport: t [ 286.649445][ T7839] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1190'. [ 286.750951][ T7843] loop2: detected capacity change from 0 to 512 [ 287.093244][ T7843] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 287.103250][ T7843] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 287.946111][ T7855] tipc: Failed to remove unknown binding: 66,1,1/0:3260635033/3260635035 [ 288.009100][ T7855] loop1: detected capacity change from 0 to 128 [ 288.067765][ T7855] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 288.116191][ T7855] ext4 filesystem being mounted at /245/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 288.321111][ T7855] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 18: comm syz.1.1193: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 288.410537][ T7855] EXT4-fs error (device loop1) in do_split:2095: Corrupt filesystem [ 288.453475][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 288.506742][ T7855] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 18: comm syz.1.1193: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 288.556238][ T7855] EXT4-fs error (device loop1) in do_split:2095: Corrupt filesystem [ 288.590186][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 288.590201][ T26] audit: type=1326 audit(2000000130.310:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 288.663498][ T26] audit: type=1326 audit(2000000130.310:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 288.719375][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 288.753858][ T26] audit: type=1326 audit(2000000130.310:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 288.824770][ T26] audit: type=1326 audit(2000000130.320:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 289.021256][ T26] audit: type=1326 audit(2000000130.320:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 289.061318][ T26] audit: type=1326 audit(2000000130.320:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 289.384083][ T26] audit: type=1326 audit(2000000130.320:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 289.795230][ T7875] xfrm0 speed is unknown, defaulting to 1000 [ 289.838055][ T7877] loop0: detected capacity change from 0 to 1024 [ 289.914626][ T26] audit: type=1326 audit(2000000130.320:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 289.988531][ T26] audit: type=1326 audit(2000000130.320:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23698e929 code=0x7ffc0000 [ 290.011239][ T26] audit: type=1326 audit(2000000130.320:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa23698d290 code=0x7ffc0000 [ 290.175644][ T7884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1199'. [ 290.858536][ T7885] 9pnet: Could not find request transport: t [ 291.371196][ T7897] overlayfs: statfs failed on './file0' [ 291.448318][ T7898] loop1: detected capacity change from 0 to 4096 [ 291.828764][ T7898] EXT4-fs (loop1): Test dummy encryption mode enabled [ 291.877595][ T7898] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 291.965886][ T7919] loop3: detected capacity change from 0 to 128 [ 292.175318][ T7898] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 292.175910][ T6738] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 292.394994][ T7931] loop4: detected capacity change from 0 to 1024 [ 292.418224][ T6738] usb 3-1: unable to get BOS descriptor or descriptor too short [ 292.589986][ T6738] usb 3-1: too many configurations: 248, using maximum allowed: 8 [ 292.606888][ T6738] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 292.614621][ T6738] usb 3-1: can't read configurations, error -71 [ 293.438668][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 293.478768][ T7940] loop2: detected capacity change from 0 to 4096 [ 293.494797][ T7940] EXT4-fs (loop2): Test dummy encryption mode enabled [ 293.536344][ T7944] 9pnet: Could not find request transport: t [ 293.565230][ T7940] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 293.751206][ T26] kauditd_printk_skb: 24 callbacks suppressed [ 293.751221][ T26] audit: type=1326 audit(2000000135.470:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 293.802352][ T26] audit: type=1326 audit(2000000135.510:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 293.855666][ T26] audit: type=1326 audit(2000000135.510:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 293.921530][ T26] audit: type=1326 audit(2000000135.510:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.433932][ T26] audit: type=1326 audit(2000000135.510:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.517258][ T26] audit: type=1326 audit(2000000135.510:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.540006][ T26] audit: type=1326 audit(2000000135.510:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.542344][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 294.563191][ T26] audit: type=1326 audit(2000000135.510:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.592198][ T26] audit: type=1326 audit(2000000135.510:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.655856][ T26] audit: type=1326 audit(2000000135.510:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.3.1219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ca538e929 code=0x7ffc0000 [ 294.808146][ T7967] loop0: detected capacity change from 0 to 512 [ 294.837060][ T7967] EXT4-fs: Ignoring removed nomblk_io_submit option [ 294.875686][ T7967] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 294.909190][ T7967] EXT4-fs (loop0): Test dummy encryption mode enabled [ 294.943063][ T7967] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 295.025987][ T7967] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002] [ 295.042437][ T7967] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (80) [ 295.061530][ T7967] EXT4-fs (loop0): Skipping orphan cleanup due to unknown ROCOMPAT features [ 295.082185][ T7967] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 295.148894][ T7967] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.1225: dx entry: limit 65535 != root limit 120 [ 295.906938][ T7967] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1225: Corrupt directory, running e2fsck is recommended [ 296.042014][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 296.191241][ T7983] loop0: detected capacity change from 0 to 1024 [ 298.078153][ T8009] tipc: New replicast peer: 10.1.1.2 [ 298.084710][ T8009] tipc: Enabled bearer , priority 10 [ 298.295995][ T7998] 9pnet: Could not find request transport: t [ 299.381711][ T8025] loop1: detected capacity change from 0 to 512 [ 299.432174][ T8025] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 299.487776][ T8025] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec099, mo2=0002] [ 299.516580][ T8025] System zones: 1-12 [ 299.556970][ T8025] EXT4-fs (loop1): 1 truncate cleaned up [ 299.562687][ T8025] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 300.641069][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 301.190006][ T8035] loop1: detected capacity change from 0 to 512 [ 302.155397][ T8035] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 302.164903][ T8035] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 303.304326][ T8045] loop4: detected capacity change from 0 to 1024 [ 303.438904][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 303.438931][ T26] audit: type=1326 audit(2000000145.160:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 303.552167][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 303.594219][ T26] audit: type=1326 audit(2000000145.160:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 303.690069][ T8050] overlayfs: statfs failed on './file0' [ 303.722646][ T26] audit: type=1326 audit(2000000145.160:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.253897][ T26] audit: type=1326 audit(2000000145.160:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.276290][ C1] vkms_vblank_simulate: vblank timer overrun [ 304.407643][ T26] audit: type=1326 audit(2000000145.160:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.435674][ T26] audit: type=1326 audit(2000000145.170:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.507506][ T26] audit: type=1326 audit(2000000145.170:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.585725][ T8055] 9pnet: Could not find request transport: t [ 304.589754][ T26] audit: type=1326 audit(2000000145.170:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.672094][ T26] audit: type=1326 audit(2000000145.170:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.704649][ T8063] loop0: detected capacity change from 0 to 512 [ 304.734500][ T26] audit: type=1326 audit(2000000145.170:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.0.1245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 304.764455][ T8063] EXT4-fs: Ignoring removed nobh option [ 304.807080][ T8063] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 305.110944][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 305.388622][ T8075] loop0: detected capacity change from 0 to 8192 [ 306.794920][ T8097] loop2: detected capacity change from 0 to 512 [ 306.890592][ T8102] loop0: detected capacity change from 0 to 512 [ 306.898857][ T8097] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 306.916300][ T8102] EXT4-fs: Ignoring removed mblk_io_submit option [ 306.925265][ T8097] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.965767][ T8102] EXT4-fs: inline encryption not supported [ 307.095658][ T8102] EXT4-fs: Ignoring removed mblk_io_submit option [ 307.123882][ T8102] EXT4-fs (loop0): Test dummy encryption mode enabled [ 307.156276][ T8102] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 307.197484][ T8102] EXT4-fs (loop0): 1 truncate cleaned up [ 307.203191][ T8102] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 307.578887][ T8111] loop3: detected capacity change from 0 to 128 [ 307.917929][ T8112] syz.4.1264 (8112) used greatest stack depth: 16864 bytes left [ 309.187652][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 309.227371][ T8128] tipc: Enabling of bearer rejected, failed to enable media [ 309.336286][ T8130] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 309.735421][ T8148] loop4: detected capacity change from 0 to 1024 [ 309.753780][ T8148] EXT4-fs: Ignoring removed orlov option [ 309.885809][ T8148] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 312.376103][ T8158] xfrm0 speed is unknown, defaulting to 1000 [ 312.495749][ T4305] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 312.688454][ T4305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 312.712557][ T4305] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 312.735908][ T4305] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 312.755374][ T4305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.809879][ T4305] usb 2-1: config 0 descriptor?? [ 313.760137][ T8176] loop1: detected capacity change from 0 to 16 [ 313.807637][ T8176] erofs: Unknown parameter '' [ 313.963021][ T4305] usbhid 2-1:0.0: can't add hid device: -71 [ 313.975778][ T4305] usbhid: probe of 2-1:0.0 failed with error -71 [ 313.998068][ T4305] usb 2-1: USB disconnect, device number 2 [ 314.717349][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 314.760852][ T8189] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 315.658430][ T8201] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 316.344190][ T8205] loop0: detected capacity change from 0 to 16 [ 316.437201][ T8205] erofs: (device loop0): mounted with root inode @ nid 36. [ 316.840215][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.581347][ T8220] loop1: detected capacity change from 0 to 164 [ 317.642556][ T8222] loop2: detected capacity change from 0 to 512 [ 317.687738][ T8222] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 318.513260][ T8222] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec099, mo2=0002] [ 318.525852][ T8222] System zones: 1-12 [ 318.544129][ T8222] EXT4-fs (loop2): 1 truncate cleaned up [ 318.554184][ T8222] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 319.276095][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 319.541598][ T8237] loop1: detected capacity change from 0 to 2048 [ 319.622893][ T8237] loop1: p1 < > p3 [ 319.629934][ T8237] loop1: p3 size 134217728 extends beyond EOD, truncated [ 319.932647][ T8234] loop1: detected capacity change from 0 to 1024 [ 320.030173][ T8234] kvm: emulating exchange as write [ 320.421713][ T8252] loop0: detected capacity change from 0 to 256 [ 320.449287][ T8254] TCP: tcp_parse_options: Illegal window scaling value 127 > 14 received [ 320.556578][ T8257] 8021q: VLANs not supported on xfrm0 [ 321.791408][ T8262] loop0: detected capacity change from 0 to 512 [ 322.546433][ T8262] EXT4-fs: Ignoring removed mblk_io_submit option [ 322.683165][ T8262] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 322.699372][ T8262] EXT4-fs (loop0): orphan cleanup on readonly fs [ 322.755811][ T8262] __quota_error: 33 callbacks suppressed [ 322.755824][ T8262] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 322.805779][ T8262] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 322.871230][ T8262] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 322.935718][ T8262] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1313: bg 0: block 40: padding at end of block bitmap is not set [ 322.980786][ T8262] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 323.045246][ T8262] EXT4-fs (loop0): 1 truncate cleaned up [ 323.052279][ T8262] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 323.658876][ T8277] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1318'. [ 324.709997][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 324.755307][ T8297] loop1: detected capacity change from 0 to 1024 [ 324.792466][ T8297] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 325.014999][ T8305] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 325.527191][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 326.902701][ T8307] xt_CT: You must specify a L4 protocol and not use inversions on it [ 328.226036][ T8321] IPVS: set_ctl: invalid protocol: 8 127.0.0.1:20004 [ 328.428958][ T8327] loop1: detected capacity change from 0 to 1024 [ 328.464968][ T8327] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 328.586368][ T8335] loop2: detected capacity change from 0 to 1024 [ 328.645831][ T6738] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 328.655591][ T8335] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 328.899254][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 328.995754][ T6738] usb 4-1: Using ep0 maxpacket: 32 [ 329.167860][ T8326] loop3: detected capacity change from 0 to 16 [ 329.498981][ T8326] erofs: (device loop3): mounted with root inode @ nid 36. [ 329.575168][ T8326] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 329.606835][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 329.662399][ T4255] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 329.686049][ T8326] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 329.734996][ T26] audit: type=1800 audit(2000000171.450:1472): pid=8326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1331" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 329.768125][ T6738] usb 4-1: unable to get BOS descriptor or descriptor too short [ 329.789831][ T8333] loop0: detected capacity change from 0 to 40427 [ 329.814054][ T8333] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 329.825779][ T8333] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 329.846689][ T8333] F2FS-fs (loop0): invalid crc value [ 329.910670][ T8333] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 329.955818][ T6738] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 329.963407][ T6738] usb 4-1: can't read configurations, error -71 [ 330.231520][ T8333] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 330.287070][ T8333] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 331.820139][ T8382] loop2: detected capacity change from 0 to 512 [ 331.859816][ T8382] EXT4-fs (loop2): Test dummy encryption mode enabled [ 331.929131][ T8382] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 331.957271][ T8382] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 331.967352][ T8382] System zones: 1-12 [ 332.197186][ T8366] loop4: detected capacity change from 0 to 1024 [ 332.672428][ T8366] EXT4-fs: Ignoring removed mblk_io_submit option [ 332.703715][ T8382] EXT4-fs (loop2): 1 truncate cleaned up [ 332.720645][ T8382] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 332.758640][ T8382] hub 8-0:1.0: USB hub found [ 332.764030][ T8382] hub 8-0:1.0: 1 port detected [ 332.788822][ T8366] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 332.856050][ T8393] IPv6: sit1: Disabled Multicast RS [ 333.268317][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 333.307434][ T4260] EXT4-fs (loop4): unmounting filesystem. [ 333.401047][ T26] audit: type=1326 audit(2000000175.120:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.443909][ T26] audit: type=1326 audit(2000000175.150:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.492822][ T26] audit: type=1326 audit(2000000175.150:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.548177][ T26] audit: type=1326 audit(2000000175.150:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.571230][ T26] audit: type=1326 audit(2000000175.150:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.594495][ T26] audit: type=1326 audit(2000000175.150:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 333.644826][ T26] audit: type=1326 audit(2000000175.150:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 334.326910][ T8408] xfrm0 speed is unknown, defaulting to 1000 [ 334.385698][ T26] audit: type=1326 audit(2000000175.150:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 334.513960][ T26] audit: type=1326 audit(2000000175.150:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd68598e929 code=0x7ffc0000 [ 334.548865][ T8405] 9pnet: Could not find request transport: t [ 335.976975][ T8430] IPVS: set_ctl: invalid protocol: 8 127.0.0.1:20004 [ 336.076287][ T8431] loop3: detected capacity change from 0 to 512 [ 336.143514][ T8431] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 336.152621][ T8431] ext4 filesystem being mounted at /287/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.395777][ T4305] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 337.260382][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 337.260396][ T26] audit: type=1326 audit(2000000178.910:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.418852][ T26] audit: type=1326 audit(2000000178.910:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.457577][ T8445] loop1: detected capacity change from 0 to 1024 [ 337.503039][ T8445] EXT4-fs: Ignoring removed orlov option [ 337.526125][ T8445] EXT4-fs: Ignoring removed nomblk_io_submit option [ 337.546054][ T26] audit: type=1326 audit(2000000178.910:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.606503][ T8445] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 337.639870][ T26] audit: type=1326 audit(2000000178.910:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.734360][ T26] audit: type=1326 audit(2000000178.910:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.826018][ T26] audit: type=1326 audit(2000000178.910:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.925244][ T26] audit: type=1326 audit(2000000178.910:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 337.957699][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 338.023044][ T26] audit: type=1326 audit(2000000178.910:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 338.096429][ T26] audit: type=1326 audit(2000000178.910:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 338.169969][ T26] audit: type=1326 audit(2000000178.910:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8442 comm="syz.0.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 338.277243][ T4305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 338.295621][ T4305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 338.305371][ T4305] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 338.355635][ T4305] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 338.364693][ T4305] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.397427][ T4305] usb 5-1: config 0 descriptor?? [ 338.455505][ T8456] 9pnet: Could not find request transport: t [ 338.819625][ T4305] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 338.864308][ T4305] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 339.065599][ T4305] usb 5-1: USB disconnect, device number 6 [ 339.248671][ T8467] device pim6reg1 entered promiscuous mode [ 340.324497][ T8478] af_packet: tpacket_rcv: packet too big, clamped from 32834 to 4294967286. macoff=82 [ 340.586292][ T8485] loop2: detected capacity change from 0 to 512 [ 340.610802][ T8485] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 340.686121][ T8485] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec099, mo2=0002] [ 340.700477][ T8485] System zones: 1-12 [ 340.735026][ T8485] EXT4-fs (loop2): 1 truncate cleaned up [ 340.744200][ T8485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 341.884360][ T4256] EXT4-fs (loop2): unmounting filesystem. [ 342.636439][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 343.495203][ T26] kauditd_printk_skb: 26 callbacks suppressed [ 343.495217][ T26] audit: type=1326 audit(2000000185.210:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.574397][ T26] audit: type=1326 audit(2000000185.260:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.642347][ T26] audit: type=1326 audit(2000000185.260:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.711600][ T26] audit: type=1326 audit(2000000185.260:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.779036][ T26] audit: type=1326 audit(2000000185.260:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.801371][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.821897][ T8528] device pim6reg1 entered promiscuous mode [ 343.895867][ T26] audit: type=1326 audit(2000000185.260:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 343.918205][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.995459][ T26] audit: type=1326 audit(2000000185.260:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 344.017854][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.067176][ T8532] 9pnet: Could not find request transport: t [ 344.067205][ T26] audit: type=1326 audit(2000000185.260:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 344.262642][ T26] audit: type=1326 audit(2000000185.260:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 344.264593][ T8542] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.1401'. [ 344.285033][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.286218][ T26] audit: type=1326 audit(2000000185.260:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f3fb8e929 code=0x7ffc0000 [ 344.322939][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.739825][ T8546] tipc: New replicast peer: 10.1.1.2 [ 344.745900][ T8546] tipc: Enabled bearer , priority 10 [ 345.618621][ T41] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.763360][ T41] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.958191][ T41] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.093948][ T41] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.353085][ T41] tipc: Disabling bearer [ 346.373315][ T41] tipc: Disabling bearer [ 346.390015][ T41] tipc: Left network mode [ 346.676248][ T4257] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 346.685022][ T4257] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 346.693332][ T4257] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 346.703488][ T4257] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 346.720021][ T4257] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 346.727458][ T4257] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 346.744224][ T4255] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 346.751560][ T4255] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 346.759208][ T4255] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 346.767584][ T4255] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 346.775038][ T4255] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 346.782769][ T4255] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 346.845168][ T4264] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 346.853899][ T4264] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 346.862113][ T4264] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 346.876465][ T4264] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 346.896171][ T4257] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 346.904145][ T4257] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 347.029689][ T41] infiniband syz1: set down [ 347.091387][ T32] xfrm0 speed is unknown, defaulting to 1000 [ 347.151417][ T8577] 9pnet: Could not find request transport: t [ 347.308760][ T5358] smc: removing ib device syz1 [ 347.365519][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1417'. [ 349.595038][ T8598] can: request_module (can-proto-0) failed. [ 349.739685][ T8572] chnl_net:caif_netlink_parms(): no params data found [ 350.024074][ T8611] 9pnet: Could not find request transport: t [ 350.110506][ T8572] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.125890][ T8572] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.133998][ T8572] device bridge_slave_0 entered promiscuous mode [ 350.187038][ T8572] bridge0: port 2(bridge_slave_1) entered blocking state [ 350.194152][ T8572] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.246975][ T8572] device bridge_slave_1 entered promiscuous mode [ 350.344815][ T8572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 350.415157][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 350.486162][ T41] device hsr_slave_0 left promiscuous mode [ 350.505469][ T41] device hsr_slave_1 left promiscuous mode [ 350.524545][ T4264] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 350.536173][ T4264] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 350.544296][ T4264] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 350.556521][ T4264] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 350.564210][ T4264] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 350.569176][ T41] device bond0 left promiscuous mode [ 350.577103][ T4264] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 350.588436][ T4255] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 350.598199][ T4255] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 350.598713][ T41] device veth1_macvtap left promiscuous mode [ 350.605745][ T4255] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 350.619507][ T4255] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 350.624193][ T41] device veth0_macvtap left promiscuous mode [ 350.638263][ T4255] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 350.645755][ T4255] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 350.662704][ T41] device veth1_vlan left promiscuous mode [ 350.690225][ T41] device veth0_vlan left promiscuous mode [ 351.872017][ T41] bond0 (unregistering): Released all slaves [ 351.933625][ T8572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 352.018300][ T8572] team0: Port device team_slave_0 added [ 352.191929][ T8572] team0: Port device team_slave_1 added [ 352.303246][ T8572] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 352.355461][ T8572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 352.696836][ T4264] Bluetooth: hci1: command 0x0409 tx timeout [ 352.886329][ T8572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 353.026114][ T8572] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 353.033090][ T8572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.723720][ T8572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 354.051563][ T8572] device hsr_slave_0 entered promiscuous mode [ 354.089750][ T8572] device hsr_slave_1 entered promiscuous mode [ 354.100489][ T8572] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 354.109362][ T8572] Cannot create hsr debugfs directory [ 354.348884][ T8669] device syzkaller0 entered promiscuous mode [ 354.355819][ T8669] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 354.438218][ T8620] chnl_net:caif_netlink_parms(): no params data found [ 354.707940][ T5380] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.776379][ T4255] Bluetooth: hci1: command 0x041b tx timeout [ 354.817704][ T8620] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.835039][ T8620] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.414938][ T8620] device bridge_slave_0 entered promiscuous mode [ 355.971105][ T8620] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.009895][ T8620] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.052207][ T8620] device bridge_slave_1 entered promiscuous mode [ 356.148179][ T5380] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.222065][ T5380] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.240930][ T8572] netdevsim netdevsim2 netdevsim0: renamed from eth1 [ 356.257591][ T8620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 356.271852][ T8572] netdevsim netdevsim2 netdevsim1: renamed from eth2 [ 356.302316][ T8620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 356.323578][ T5380] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.349941][ T8572] netdevsim netdevsim2 netdevsim2: renamed from eth3 [ 356.398853][ T8572] netdevsim netdevsim2 netdevsim3: renamed from eth4 [ 356.458201][ T8620] team0: Port device team_slave_0 added [ 356.478902][ T8572] netdevsim netdevsim5 netdevsim4: renamed from eth5 [ 356.508141][ T8620] team0: Port device team_slave_1 added [ 356.519960][ T8572] netdevsim netdevsim5 netdevsim5: renamed from eth6 [ 356.581750][ T8572] netdevsim netdevsim5 netdevsim6: renamed from eth7 [ 356.614589][ T8572] netdevsim netdevsim5 netdevsim7: renamed from eth8 [ 356.641400][ T8620] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 356.649410][ T8620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.676259][ T8620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 356.726026][ T8620] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 356.732996][ T8620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.773376][ T8620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 356.857992][ T5380] tipc: Disabling bearer [ 356.863297][ T5380] tipc: Disabling bearer [ 356.865930][ T4264] Bluetooth: hci1: command 0x040f tx timeout [ 356.876147][ T5380] tipc: Left network mode [ 356.944380][ T8620] device hsr_slave_0 entered promiscuous mode [ 356.976676][ T8620] device hsr_slave_1 entered promiscuous mode [ 356.994450][ T8620] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 357.003311][ T8620] Cannot create hsr debugfs directory [ 357.586423][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 357.605778][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 357.642418][ T8572] 8021q: adding VLAN 0 to HW filter on device team0 [ 357.741905][ T8734] tipc: Started in network mode [ 357.747089][ T8734] tipc: Node identity 0eb1d3fef53c, cluster identity 4711 [ 357.754418][ T8734] tipc: Enabled bearer , priority 0 [ 357.810597][ T8736] device syzkaller0 entered promiscuous mode [ 357.817355][ T8736] tipc: Resetting bearer [ 358.025070][ T8738] 9pnet: Could not find request transport: t [ 358.031770][ T8733] tipc: Resetting bearer [ 358.435314][ T8748] loop4: detected capacity change from 0 to 128 [ 358.765704][ T32] tipc: Node number set to 4220376062 [ 358.935810][ T4264] Bluetooth: hci1: command 0x0419 tx timeout [ 360.258505][ T8733] tipc: Disabling bearer [ 360.266183][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 360.276012][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 360.284504][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.292252][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.386100][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 360.394207][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 360.403926][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 360.413076][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.420220][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.494720][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 360.525990][ T5380] IPVS: stopping master sync thread 4467 ... [ 361.659647][ T8774] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.666845][ T8774] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.776013][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 361.859204][ T8780] device syzkaller0 entered promiscuous mode [ 361.893763][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1467'. [ 363.811743][ T8620] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 363.864718][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 363.886257][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 363.894980][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 364.018243][ T8572] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 364.051300][ T8572] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 364.084873][ T8620] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 364.095241][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 364.107557][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 364.122115][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 364.136075][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 364.149137][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 364.161138][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 364.277144][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 364.836845][ T8620] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 364.865220][ T8620] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 365.118870][ T8620] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.144468][ T8819] netlink: 'syz.3.1476': attribute type 1 has an invalid length. [ 365.228147][ T5380] device hsr_slave_0 left promiscuous mode [ 365.253885][ T8825] 9pnet: Could not find request transport: t [ 365.285782][ T5380] device hsr_slave_1 left promiscuous mode [ 365.380308][ T5380] device veth1_macvtap left promiscuous mode [ 365.392211][ T5380] device veth0_macvtap left promiscuous mode [ 365.413782][ T5380] device veth1_vlan left promiscuous mode [ 365.432476][ T5380] device veth0_vlan left promiscuous mode [ 366.895353][ T11] smc: removing ib device syz! [ 367.607433][ T5380] bond0 (unregistering): Released all slaves [ 367.716515][ T8829] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 367.726054][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 367.733750][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 367.756141][ T8819] device veth3 entered promiscuous mode [ 367.764180][ T8819] bond3: (slave veth3): Enslaving as a backup interface with a down link [ 367.922299][ T8620] 8021q: adding VLAN 0 to HW filter on device team0 [ 367.978250][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 368.026386][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 368.088078][ T4529] bridge0: port 1(bridge_slave_0) entered blocking state [ 368.095415][ T4529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 368.145416][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 368.163459][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 368.190217][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 368.424190][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 368.431377][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 368.682330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 368.977614][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 369.020537][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 369.066471][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 369.074993][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 369.089504][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 369.126351][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 369.165849][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 369.176589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 369.205354][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 369.214345][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 369.222116][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 369.230589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 369.247056][ T8620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 369.270452][ T8889] tipc: Enabling of bearer rejected, failed to enable media [ 369.323219][ T8572] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 369.420104][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 369.457392][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 369.653144][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 369.666856][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 369.697706][ T8572] device veth0_vlan entered promiscuous mode [ 369.725359][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 369.766516][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 369.779131][ T8572] device veth1_vlan entered promiscuous mode [ 369.922257][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 369.931801][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 369.941402][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 369.951200][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 369.963218][ T8572] device veth0_macvtap entered promiscuous mode [ 369.986126][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 370.031169][ T8572] device veth1_macvtap entered promiscuous mode [ 370.143337][ T8572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.251305][ T8572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.870616][ T8572] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 370.878210][ T8918] tipc: Started in network mode [ 370.883134][ T8918] tipc: Node identity ac14140f, cluster identity 4711 [ 370.890165][ T8918] tipc: New replicast peer: 10.1.1.2 [ 370.895639][ T8918] tipc: Enabled bearer , priority 10 [ 370.904285][ T8572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.914878][ T8572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.933035][ T8572] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 370.944096][ T8572] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.952857][ T8572] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.961712][ T8572] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.970587][ T8572] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.979478][ T8572] netdevsim netdevsim5 netdevsim4: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.000520][ T8572] netdevsim netdevsim5 netdevsim5: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.022535][ T8572] netdevsim netdevsim5 netdevsim6: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.039074][ T8572] netdevsim netdevsim5 netdevsim7: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.060169][ T8572] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.081106][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1496'. [ 371.092532][ T8572] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.100981][ T8572] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.110805][ T8572] netdevsim netdevsim0 eth4: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.137227][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 371.146013][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 371.154665][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 371.163636][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 371.173141][ T8921] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1495'. [ 371.185162][ T8921] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 371.199083][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 371.210200][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 371.283752][ T8620] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.444464][ T4529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.462944][ T4529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.537186][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 371.552903][ T1120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.574204][ T1120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.619300][ T4529] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 372.023867][ T6741] tipc: Node number set to 2886997007 [ 372.051919][ T8955] loop5: detected capacity change from 0 to 164 [ 372.996804][ T8972] tipc: New replicast peer: 10.1.1.2 [ 373.002344][ T8972] tipc: Enabled bearer , priority 10 [ 373.559153][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88802b2e0c00: rx timeout, send abort [ 373.569774][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88802b2e0c00: 0x0ff00: (3) A timeout occurred and this is the connection abort to close the session. [ 375.031320][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1509'. [ 375.059628][ T8978] device veth3 entered promiscuous mode [ 375.074350][ T8983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1510'. [ 375.164241][ T8983] device bridge_slave_1 left promiscuous mode [ 375.176656][ T8983] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.326656][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 375.348843][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 375.374362][ T8995] loop3: detected capacity change from 0 to 1024 [ 375.423245][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 375.434613][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 375.456473][ T8620] device veth0_vlan entered promiscuous mode [ 375.484521][ T8995] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 375.531881][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 375.546944][ T5673] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 375.602763][ T8620] device veth1_vlan entered promiscuous mode [ 375.622980][ T9009] netlink: 'syz.4.1518': attribute type 1 has an invalid length. [ 375.653298][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 375.692018][ T9011] bond4: (slave gretap1): making interface the new active one [ 375.743698][ T9011] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 375.767436][ T5380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 375.806119][ T5380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 375.816181][ T5380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 375.869783][ T5380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 376.045066][ T8620] device veth0_macvtap entered promiscuous mode [ 376.059130][ T8620] device veth1_macvtap entered promiscuous mode [ 376.077435][ T8620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.089737][ T8620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.100237][ T8620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.189942][ T8620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.596090][ T8620] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 376.762317][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 376.771662][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 376.797454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 376.826493][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 376.856612][ T9032] tipc: Started in network mode [ 376.861509][ T9032] tipc: Node identity ac14140f, cluster identity 4711 [ 376.869244][ T9032] tipc: New replicast peer: 10.1.1.2 [ 376.874673][ T9032] tipc: Enabled bearer , priority 10 [ 377.011900][ T8620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.039579][ T8620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.057642][ T8620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.085588][ T8620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.107036][ T8620] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 377.115096][ T9038] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1526'. [ 377.138428][ T9046] loop3: detected capacity change from 0 to 164 [ 377.194787][ T1120] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 377.221656][ T1120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 377.284347][ T8620] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.321075][ T8620] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.355060][ T8620] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.373236][ T9054] loop1: detected capacity change from 0 to 1024 [ 377.386768][ T8620] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.514446][ T9054] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 378.006275][ T32] tipc: Node number set to 2886997007 [ 378.020406][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.209928][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 378.222650][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.383568][ T5380] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 378.419604][ T4825] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.443018][ T4825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 378.454448][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 378.480488][ T1120] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 379.997956][ T9114] netlink: 'syz.3.1541': attribute type 10 has an invalid length. [ 380.069198][ T9114] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 380.117391][ C0] Illegal XDP return value 16128 on prog (id 506) dev bridge_slave_1, expect packet loss! [ 381.218800][ T9153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1549'. [ 381.290531][ T9155] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1550'. [ 381.346627][ T9153] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1549'. [ 382.676239][ T9182] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1558'. [ 383.904896][ T9196] loop1: detected capacity change from 0 to 1024 [ 384.066794][ T9196] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 385.141652][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 385.343718][ T9230] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1570'. [ 385.413690][ T9230] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 385.670226][ T9246] loop4: detected capacity change from 0 to 164 [ 386.638107][ T9253] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 386.813363][ T9268] loop3: detected capacity change from 0 to 128 [ 387.456730][ T9289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1586'. [ 387.525947][ T9289] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 388.959947][ T9321] netlink: 'syz.6.1594': attribute type 10 has an invalid length. [ 389.011229][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.043985][ T9321] device bridge_slave_1 left promiscuous mode [ 389.157928][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.779534][ T9321] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 389.881158][ T9335] netlink: 'syz.4.1596': attribute type 1 has an invalid length. [ 390.015313][ T9338] bond5: (slave gretap2): making interface the new active one [ 390.054534][ T9338] bond5: (slave gretap2): Enslaving as an active interface with an up link [ 390.331570][ T9354] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1600'. [ 390.369897][ T9354] IPv6: ADDRCONF(NETDEV_CHANGE): gre4: link becomes ready [ 391.149609][ T9376] tipc: Enabling of bearer rejected, already enabled [ 391.247378][ T9372] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1604'. [ 392.064964][ T9428] netlink: 'syz.1.1608': attribute type 10 has an invalid length. [ 392.643395][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1614'. [ 393.333744][ T9443] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 393.363674][ T9448] tipc: Started in network mode [ 393.368641][ T9448] tipc: Node identity ac14140f, cluster identity 4711 [ 393.375667][ T9448] tipc: New replicast peer: 10.1.1.2 [ 393.381118][ T9448] tipc: Enabled bearer , priority 10 [ 394.014277][ T9469] netlink: 'syz.3.1624': attribute type 10 has an invalid length. [ 394.490327][ T9489] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1630'. [ 394.510631][ T32] tipc: Node number set to 2886997007 [ 394.552256][ T9489] IPv6: ADDRCONF(NETDEV_CHANGE): gre5: link becomes ready [ 394.735562][ T9494] tipc: Enabling of bearer rejected, already enabled [ 395.594294][ T9507] netlink: 'syz.5.1638': attribute type 10 has an invalid length. [ 396.314846][ T9530] tipc: Enabling of bearer rejected, already enabled [ 397.426786][ T9541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1650'. [ 397.554137][ T9544] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1651'. [ 397.806024][ T9548] netlink: 'syz.3.1653': attribute type 10 has an invalid length. [ 399.964186][ T9584] netlink: 'syz.5.1667': attribute type 10 has an invalid length. [ 400.299624][ T9588] loop3: detected capacity change from 0 to 2048 [ 400.676824][ T9595] tipc: Started in network mode [ 400.681854][ T9595] tipc: Node identity ac14140f, cluster identity 4711 [ 400.690489][ T9595] tipc: New replicast peer: 10.1.1.2 [ 400.697082][ T9595] tipc: Enabled bearer , priority 10 [ 401.045872][ T9588] loop3: p1 < > p3 [ 401.123569][ T9588] loop3: p3 size 134217728 extends beyond EOD, truncated [ 401.365767][ T9588] loop3: detected capacity change from 0 to 1024 [ 401.407311][ T9608] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1675'. [ 401.445012][ T9608] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 401.705644][ T6740] tipc: Node number set to 2886997007 [ 401.723475][ T9620] loop5: detected capacity change from 0 to 128 [ 401.969911][ T9628] netlink: 'syz.4.1680': attribute type 10 has an invalid length. [ 402.115000][ T9628] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 402.161229][ T9629] tc_dump_action: action bad kind [ 402.474606][ T9644] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1687'. [ 402.514255][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 402.761775][ T9657] loop6: detected capacity change from 0 to 128 [ 402.809940][ T9635] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1683'. [ 403.089176][ T9667] netlink: 'syz.5.1696': attribute type 10 has an invalid length. [ 403.326781][ T9679] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1701'. [ 403.712624][ T9693] loop6: detected capacity change from 0 to 128 [ 403.944086][ T9697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1709'. [ 404.842740][ T9709] netlink: 'syz.3.1712': attribute type 10 has an invalid length. [ 405.140457][ T9715] 9pnet: Could not find request transport: t [ 405.290524][ T9731] tc_dump_action: action bad kind [ 405.310557][ T9731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 405.356716][ T9735] loop4: detected capacity change from 0 to 128 [ 405.620353][ T9748] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1723'. [ 405.789910][ T9753] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (64) [ 407.095338][ T9774] netlink: 'syz.4.1728': attribute type 10 has an invalid length. [ 407.319591][ T9786] loop6: detected capacity change from 0 to 128 [ 407.470752][ T9788] 9pnet: Could not find request transport: t [ 408.453214][ T9818] tipc: Enabling of bearer rejected, already enabled [ 410.193989][ T9845] loop5: detected capacity change from 0 to 128 [ 413.175058][ T9884] loop4: detected capacity change from 0 to 128 [ 413.730352][ T9887] tipc: Enabling of bearer rejected, already enabled [ 414.900040][ T9902] loop5: detected capacity change from 0 to 1024 [ 414.955445][ T9902] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 415.049454][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 416.253659][ T9934] loop4: detected capacity change from 0 to 128 [ 416.323877][ T9940] loop5: detected capacity change from 0 to 164 [ 416.363618][ T9941] netlink: 'syz.1.1777': attribute type 10 has an invalid length. [ 416.515189][ T9948] loop1: detected capacity change from 0 to 1024 [ 416.546360][ T9948] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 416.604849][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 416.931587][ T9968] loop1: detected capacity change from 0 to 128 [ 417.476433][ T9980] tipc: Enabling of bearer rejected, already enabled [ 417.934980][ T9982] netlink: 'syz.6.1792': attribute type 10 has an invalid length. [ 418.049297][ T9988] loop5: detected capacity change from 0 to 164 [ 418.072301][ T9990] loop3: detected capacity change from 0 to 1024 [ 418.156621][ T9990] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 418.358873][ T4262] EXT4-fs (loop3): unmounting filesystem. [ 419.141672][T10015] tipc: Enabling of bearer rejected, already enabled [ 419.418957][T10019] loop3: detected capacity change from 0 to 128 [ 419.674446][T10032] netlink: 'syz.5.1808': attribute type 10 has an invalid length. [ 420.179323][T10041] tipc: Enabling of bearer rejected, already enabled [ 420.609584][T10049] loop6: detected capacity change from 0 to 164 [ 420.613911][T10046] loop1: detected capacity change from 0 to 1024 [ 420.673916][T10046] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 420.829485][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 421.045919][T10070] loop6: detected capacity change from 0 to 128 [ 421.235576][T10074] tipc: Enabling of bearer rejected, already enabled [ 422.165222][T10097] loop1: detected capacity change from 0 to 164 [ 422.546560][T10099] tipc: Enabling of bearer rejected, already enabled [ 423.055197][T10106] loop6: detected capacity change from 0 to 1024 [ 423.150477][T10106] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 423.185262][T10115] loop3: detected capacity change from 0 to 128 [ 423.343493][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 423.595768][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 423.595782][ T26] audit: type=1326 audit(2000000265.320:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 423.640456][ T26] audit: type=1326 audit(2000000265.350:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 423.679123][ T26] audit: type=1326 audit(2000000265.350:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 423.720071][ T26] audit: type=1326 audit(2000000265.350:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 423.765389][ T26] audit: type=1326 audit(2000000265.400:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 423.837980][ T26] audit: type=1326 audit(2000000265.400:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 423.913566][ T26] audit: type=1326 audit(2000000265.400:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 423.983330][ T26] audit: type=1326 audit(2000000265.460:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 424.147710][ T26] audit: type=1326 audit(2000000265.460:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 424.170530][ T26] audit: type=1326 audit(2000000265.460:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10132 comm="syz.6.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 424.366620][T10147] tipc: Enabling of bearer rejected, already enabled [ 425.160727][T10154] loop1: detected capacity change from 0 to 164 [ 425.273746][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1845'. [ 425.913807][T10162] loop1: detected capacity change from 0 to 1024 [ 425.961109][T10162] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 426.043856][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 426.622476][T10186] loop1: detected capacity change from 0 to 164 [ 426.951164][T10194] netlink: 88 bytes leftover after parsing attributes in process `syz.6.1858'. [ 427.063121][T10197] tipc: Enabling of bearer rejected, already enabled [ 427.445618][T10202] tipc: Enabling of bearer rejected, already enabled [ 427.808842][T10207] loop6: detected capacity change from 0 to 1024 [ 428.026593][T10207] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 428.066929][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 429.650407][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 429.650422][ T26] audit: type=1326 audit(2000000271.370:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 430.181332][ T26] audit: type=1326 audit(2000000271.370:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 430.206017][ T26] audit: type=1326 audit(2000000271.370:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 430.229160][ T26] audit: type=1326 audit(2000000271.400:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 430.262023][ T26] audit: type=1326 audit(2000000271.460:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 430.293394][ T26] audit: type=1326 audit(2000000271.460:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 430.335942][ T26] audit: type=1326 audit(2000000271.470:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 430.412869][ T26] audit: type=1326 audit(2000000271.470:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 430.451770][ T26] audit: type=1326 audit(2000000271.900:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 430.580304][ T26] audit: type=1326 audit(2000000271.900:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10210 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 431.921343][T10247] loop5: detected capacity change from 0 to 1024 [ 432.983367][T10255] tipc: Enabling of bearer rejected, already enabled [ 433.326843][T10247] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 433.399340][T10269] loop1: detected capacity change from 0 to 164 [ 433.498223][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 434.364683][T10288] xt_CT: No such helper "snmp" [ 434.762436][T10304] device syzkaller0 entered promiscuous mode [ 434.778336][T10304] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 435.075557][T10309] tipc: Enabling of bearer rejected, already enabled [ 435.755173][T10313] loop6: detected capacity change from 0 to 1024 [ 435.787317][T10316] loop5: detected capacity change from 0 to 164 [ 435.830117][T10313] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 435.940117][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 436.412926][T10330] tipc: Enabling of bearer rejected, already enabled [ 436.863628][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 436.863643][ T26] audit: type=1326 audit(2000000278.580:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 436.916531][ T26] audit: type=1326 audit(2000000278.610:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 436.944948][ T26] audit: type=1326 audit(2000000278.610:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 437.041944][ T26] audit: type=1326 audit(2000000278.610:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 437.064995][ T26] audit: type=1326 audit(2000000278.660:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 437.092775][ T26] audit: type=1326 audit(2000000278.660:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 437.116282][ T26] audit: type=1326 audit(2000000278.660:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 437.139343][ T26] audit: type=1326 audit(2000000278.710:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3512b858e7 code=0x7ffc0000 [ 437.162613][ T26] audit: type=1326 audit(2000000278.710:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3512b2ab19 code=0x7ffc0000 [ 437.185631][ T26] audit: type=1326 audit(2000000278.710:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3512b8e929 code=0x7ffc0000 [ 437.550834][T10370] loop5: detected capacity change from 0 to 1024 [ 437.585240][T10370] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 437.632311][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 438.455944][T10392] tipc: Enabling of bearer rejected, already enabled [ 439.295663][T10402] netlink: 'syz.1.1912': attribute type 10 has an invalid length. [ 439.439138][T10405] loop5: detected capacity change from 0 to 1024 [ 439.539840][T10405] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 439.670175][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.734827][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 440.330379][T10435] tipc: Enabling of bearer rejected, already enabled [ 441.292305][T10447] netlink: 'syz.1.1925': attribute type 10 has an invalid length. [ 441.441209][T10452] loop1: detected capacity change from 0 to 1024 [ 441.474575][T10452] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 441.568539][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 441.788612][T10466] loop1: detected capacity change from 0 to 164 [ 442.035002][ T26] kauditd_printk_skb: 39 callbacks suppressed [ 442.035015][ T26] audit: type=1326 audit(2000000283.750:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 442.113956][ T26] audit: type=1326 audit(2000000283.750:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 442.165426][ T26] audit: type=1326 audit(2000000283.790:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 442.199860][ T26] audit: type=1326 audit(2000000283.790:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 442.238906][ T26] audit: type=1326 audit(2000000283.790:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 442.275589][ T26] audit: type=1326 audit(2000000283.820:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 442.328532][ T26] audit: type=1326 audit(2000000283.820:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 442.372246][T10479] tipc: Enabling of bearer rejected, already enabled [ 442.384521][ T26] audit: type=1326 audit(2000000283.820:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8f7e78e929 code=0x7ffc0000 [ 442.473557][ T26] audit: type=1326 audit(2000000283.880:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7e7858e7 code=0x7ffc0000 [ 442.554627][ T26] audit: type=1326 audit(2000000283.880:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f7e72ab19 code=0x7ffc0000 [ 442.680659][T10484] netlink: 'syz.5.1936': attribute type 10 has an invalid length. [ 442.969519][T10490] loop1: detected capacity change from 0 to 1024 [ 443.045203][T10490] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 443.070446][T10496] loop6: detected capacity change from 0 to 164 [ 443.099095][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 443.491462][T10512] netlink: 'syz.6.1946': attribute type 10 has an invalid length. [ 444.251415][T10525] tipc: Enabling of bearer rejected, already enabled [ 444.907737][T10534] loop5: detected capacity change from 0 to 1024 [ 444.963735][T10534] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 445.036008][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 445.162789][T10539] loop5: detected capacity change from 0 to 164 [ 445.813232][T10560] device pim6reg1 entered promiscuous mode [ 448.248046][T10565] tipc: Enabling of bearer rejected, already enabled [ 448.383848][T10571] loop1: detected capacity change from 0 to 1024 [ 448.414730][T10573] loop5: detected capacity change from 0 to 164 [ 448.452014][T10571] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 448.548545][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 450.951618][T10615] tipc: Enabling of bearer rejected, already enabled [ 451.338531][T10620] loop1: detected capacity change from 0 to 1024 [ 451.414678][T10620] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 451.528295][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 451.531474][T10626] loop5: detected capacity change from 0 to 164 [ 452.884363][T10643] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1981'. [ 454.144706][T10654] tipc: Enabling of bearer rejected, already enabled [ 454.824232][T10666] loop6: detected capacity change from 0 to 1024 [ 454.874840][T10666] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 454.895928][T10669] loop1: detected capacity change from 0 to 164 [ 454.990841][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 457.547227][T10703] tipc: Enabling of bearer rejected, already enabled [ 458.095764][T10711] loop1: detected capacity change from 0 to 164 [ 458.236834][T10713] loop6: detected capacity change from 0 to 1024 [ 458.267252][T10713] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 458.365551][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 461.042060][T10748] tipc: Enabling of bearer rejected, already enabled [ 461.597993][T10756] loop1: detected capacity change from 0 to 1024 [ 461.634776][T10756] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 461.688229][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 462.151937][T10775] netlink: 'syz.5.2015': attribute type 10 has an invalid length. [ 463.825040][T10790] loop5: detected capacity change from 0 to 1024 [ 464.194375][T10794] tipc: Enabling of bearer rejected, already enabled [ 464.287956][T10790] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 464.651133][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 467.046201][T10833] tipc: Enabling of bearer rejected, already enabled [ 467.532701][T10839] loop5: detected capacity change from 0 to 1024 [ 467.591283][T10839] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 467.667248][ T8572] EXT4-fs (loop5): unmounting filesystem. [ 469.699647][T10871] loop6: detected capacity change from 0 to 1024 [ 469.722317][T10871] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 469.761377][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 470.383371][T10881] tipc: Enabling of bearer rejected, already enabled [ 470.994163][T10892] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2047'. [ 471.087589][T10896] netlink: 'syz.6.2049': attribute type 10 has an invalid length. [ 472.878464][T10915] tipc: Enabling of bearer rejected, already enabled [ 473.986474][T10929] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2059'. [ 474.135170][T10931] netlink: 'syz.1.2060': attribute type 10 has an invalid length. [ 474.361145][T10935] loop1: detected capacity change from 0 to 164 [ 475.036089][T10943] tipc: Enabling of bearer rejected, already enabled [ 477.101132][T10962] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2070'. [ 477.136715][T10964] netlink: 'syz.1.2071': attribute type 10 has an invalid length. [ 477.395091][T10970] loop5: detected capacity change from 0 to 164 [ 478.390958][T10987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2081'. [ 478.451733][T10990] netlink: 'syz.1.2082': attribute type 10 has an invalid length. [ 478.575871][T10996] loop5: detected capacity change from 0 to 164 [ 480.299917][T11014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2093'. [ 480.439001][T11016] netlink: 'syz.6.2094': attribute type 10 has an invalid length. [ 480.726539][T11024] loop5: detected capacity change from 0 to 164 [ 481.104999][T11028] tipc: Enabling of bearer rejected, already enabled [ 481.634046][T11035] loop6: detected capacity change from 0 to 164 [ 481.839668][T11046] netlink: 'syz.5.2104': attribute type 10 has an invalid length. [ 482.602329][T11057] tipc: Enabling of bearer rejected, already enabled [ 483.144799][T11065] loop6: detected capacity change from 0 to 164 [ 483.287139][T11072] netlink: 'syz.1.2115': attribute type 10 has an invalid length. [ 485.737013][T11096] tipc: Enabling of bearer rejected, already enabled [ 486.201474][T11103] loop5: detected capacity change from 0 to 164 [ 486.324478][T11106] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2125'. [ 486.422609][T11108] netlink: 'syz.6.2126': attribute type 10 has an invalid length. [ 486.575293][T11118] loop1: detected capacity change from 0 to 1024 [ 486.646289][T11118] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 486.834216][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 487.204881][T11133] tipc: Enabling of bearer rejected, already enabled [ 487.795653][T11143] netlink: 'syz.6.2138': attribute type 10 has an invalid length. [ 488.978989][T11174] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2148'. [ 488.994051][T11174] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2148'. [ 490.911079][T11198] tipc: Enabling of bearer rejected, already enabled [ 491.143353][T11204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2158'. [ 491.154971][T11204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2158'. [ 491.168543][T11205] loop5: detected capacity change from 0 to 164 [ 491.548505][T11220] netlink: 'syz.6.2165': attribute type 10 has an invalid length. [ 491.715250][T11226] loop6: detected capacity change from 0 to 164 [ 491.779711][T11229] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2169'. [ 493.251869][T11246] tipc: Enabling of bearer rejected, already enabled [ 493.707038][T11253] netlink: 'syz.5.2177': attribute type 10 has an invalid length. [ 493.837113][T11257] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2178'. [ 493.885106][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2179'. [ 493.903714][T11259] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2179'. [ 495.327839][T11286] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 495.645035][T11291] bridge0: port 1(bridge_slave_0) entered disabled state [ 496.263683][T11300] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2195'. [ 496.313367][T11306] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 497.014854][T11323] tipc: Enabling of bearer rejected, already enabled [ 498.611448][T11340] vcan0: tx drop: invalid sa for name 0xffffffffffffffff [ 499.306476][T11348] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2213'. [ 499.649956][T11353] loop1: detected capacity change from 0 to 1024 [ 499.736907][T11353] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 499.827140][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 499.923827][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2221'. [ 499.941688][T11369] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2221'. [ 499.964506][T11373] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2224'. [ 500.429746][T11399] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2237'. [ 500.689513][T11410] netlink: 99 bytes leftover after parsing attributes in process `syz.5.2242'. [ 501.117302][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.144399][ C1] aoe: error packet from 65535.255@gre0; ecode=255 'no such error' [ 502.309955][T11438] tipc: Enabling of bearer rejected, already enabled [ 503.599225][T11497] loop5: detected capacity change from 0 to 164 [ 505.464063][T11527] loop5: detected capacity change from 0 to 164 [ 505.810815][T11533] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2293'. [ 505.836341][T11533] device gretap0 entered promiscuous mode [ 505.842253][T11533] device macvtap1 entered promiscuous mode [ 505.864971][T11533] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2293'. [ 505.874951][T11533] device gretap0 left promiscuous mode [ 506.003534][T11539] netlink: 'syz.6.2296': attribute type 10 has an invalid length. [ 506.092081][T11544] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2298'. [ 506.102492][T11544] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2298'. [ 506.112635][T11537] netlink: 'syz.5.2295': attribute type 4 has an invalid length. [ 506.120269][T11546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2297'. [ 506.352957][T11551] raw_sendmsg: syz.6.2299 forgot to set AF_INET. Fix it! [ 507.581823][T11568] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2307'. [ 507.611618][T11568] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2307'. [ 509.041630][T11601] netlink: 220 bytes leftover after parsing attributes in process `syz.1.2319'. [ 509.265861][T11611] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2322'. [ 509.751825][T11630] loop1: detected capacity change from 0 to 1024 [ 509.796515][T11630] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 509.884543][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 510.054227][T11642] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2335'. [ 510.182355][T11648] device pim6reg1 entered promiscuous mode [ 510.485023][T11660] loop6: detected capacity change from 0 to 1024 [ 510.516566][T11660] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 510.562198][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 510.683176][T11666] loop6: detected capacity change from 0 to 164 [ 512.909354][T11674] tipc: Enabling of bearer rejected, already enabled [ 513.212544][T11687] loop6: detected capacity change from 0 to 1024 [ 513.242577][T11687] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 513.286065][ T8620] EXT4-fs (loop6): unmounting filesystem. [ 513.321427][T11695] loop1: detected capacity change from 0 to 164 [ 514.523393][T11715] loop1: detected capacity change from 0 to 1024 [ 514.577742][T11715] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 514.647176][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 516.154967][T11730] __nla_validate_parse: 1 callbacks suppressed [ 516.154983][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2369'. [ 516.171651][T11731] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2369'. [ 516.299698][T11738] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 516.415380][T11745] loop1: detected capacity change from 0 to 164 [ 517.115541][T11757] tipc: Enabling of bearer rejected, already enabled [ 518.218387][T11768] tipc: Enabling of bearer rejected, already enabled [ 520.490303][T11772] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2381'. [ 520.499381][T11773] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2381'. [ 520.692116][T11801] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2394'. [ 520.703399][T11801] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2394'. [ 521.630031][T11810] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2397'. [ 524.024078][T11847] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2412'. [ 527.173645][T11911] xt_cgroup: path and classid specified [ 527.180385][T11911] IPVS: set_ctl: invalid protocol: 50 10.1.1.2:20004 [ 527.204175][T11912] tipc: Enabling of bearer rejected, already enabled [ 527.577515][T11921] tipc: Enabling of bearer rejected, already enabled [ 528.571671][T11937] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2438'. [ 530.572008][T11957] tipc: Enabling of bearer rejected, already enabled [ 531.194450][T11969] loop5: detected capacity change from 0 to 164 [ 531.557466][T11979] tipc: Enabling of bearer rejected, already enabled [ 532.063599][T11995] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2455'. [ 532.148639][T11997] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2456'. [ 532.537036][T12010] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2461'. [ 532.866436][T12026] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2468'. [ 532.907079][T12026] bridge5: port 1(ip6gretap1) entered blocking state [ 532.913895][T12026] bridge5: port 1(ip6gretap1) entered disabled state [ 532.926742][T12026] device ip6gretap1 entered promiscuous mode [ 532.952164][T12026] device veth5 entered promiscuous mode [ 532.963173][T12026] bridge5: port 2(veth5) entered blocking state [ 532.973883][T12026] bridge5: port 2(veth5) entered disabled state [ 533.138126][T12032] loop6: detected capacity change from 0 to 164 [ 533.669822][T12052] tipc: Enabling of bearer rejected, already enabled [ 534.062272][T12062] tipc: Enabling of bearer rejected, already enabled [ 534.967078][T12091] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 535.006082][T12091] Cannot find add_set index 4 as target [ 536.133306][T12113] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2494'. [ 536.200850][T12116] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2495'. [ 536.304139][T12121] tipc: Enabling of bearer rejected, already enabled [ 536.473235][T12129] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.482648][T12129] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.491545][T12129] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.500518][T12129] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.509307][T12129] netdevsim netdevsim5 netdevsim4: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.519032][T12129] netdevsim netdevsim5 netdevsim5: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.527814][T12129] netdevsim netdevsim5 netdevsim6: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.536602][T12129] netdevsim netdevsim5 netdevsim7: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.545311][T12129] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.553547][T12129] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.561788][T12129] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 536.570033][T12129] netdevsim netdevsim0 eth4: set [0, 0] type 1 family 0 port 8472 - 0 [ 538.423390][T12176] tipc: Enabling of bearer rejected, already enabled [ 540.320517][T12223] tipc: Enabling of bearer rejected, already enabled [ 541.457526][T12232] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2529'. [ 541.774393][T12244] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2534'. [ 542.049150][T12259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2538'. [ 542.093032][T12262] tipc: Enabling of bearer rejected, already enabled [ 542.830816][T12276] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2545'. [ 542.865932][T12276] device gretap0 entered promiscuous mode [ 542.875636][T12276] device macsec1 entered promiscuous mode [ 542.969522][T12285] device pim6reg1 entered promiscuous mode [ 544.945415][T12297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2554'. [ 544.953448][T12296] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2553'. [ 544.954932][T12297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2554'. [ 545.005437][T12297] device dummy0 entered promiscuous mode [ 545.012546][T12297] device team0 entered promiscuous mode [ 545.018992][T12297] device team_slave_0 entered promiscuous mode [ 545.026382][T12297] device team_slave_1 entered promiscuous mode [ 545.036002][T12297] hsr1: Slave A (dummy0) is not up; please bring it up to get a fully working HSR network [ 545.046212][T12297] hsr1: Slave B (team0) is not up; please bring it up to get a fully working HSR network [ 545.061779][T12299] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2555'. [ 545.317075][T12312] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2561'. [ 545.340703][T12312] device bond_slave_0 entered promiscuous mode [ 545.346947][T12312] device bond_slave_1 entered promiscuous mode [ 545.362866][T12312] device macvtap1 entered promiscuous mode [ 545.371848][T12312] device bond0 entered promiscuous mode [ 545.384168][T12312] device bridge_slave_1 entered promiscuous mode [ 545.393122][T12312] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 545.416724][T12315] device bond0 left promiscuous mode [ 545.429169][T12319] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2564'. [ 545.438576][T12315] device bridge_slave_1 left promiscuous mode [ 545.445363][T12315] device bond_slave_0 left promiscuous mode [ 545.452088][T12315] device bond_slave_1 left promiscuous mode [ 545.668978][T12320] device pim6reg1 entered promiscuous mode [ 547.195822][T12347] __nla_validate_parse: 1 callbacks suppressed [ 547.195837][T12347] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2574'. [ 548.363425][T12358] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2577'. [ 548.738297][T12377] device pim6reg1 entered promiscuous mode [ 550.633597][T12382] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2588'. [ 551.021665][T12405] tipc: Enabling of bearer rejected, already enabled [ 551.186834][T12414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2597'. [ 551.582083][T12427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2601'. [ 552.016282][T12439] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2606'. [ 552.480895][T12453] tipc: Enabling of bearer rejected, already enabled [ 552.580980][T12456] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2612'. [ 553.665017][T12481] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2623'. [ 554.128497][T12497] bridge0: port 2(erspan0) entered blocking state [ 554.135409][T12497] bridge0: port 2(erspan0) entered disabled state [ 554.149287][T12497] device erspan0 entered promiscuous mode [ 554.159883][T12497] device erspan0 left promiscuous mode [ 554.166858][T12497] bridge0: port 2(erspan0) entered disabled state [ 554.759708][T12516] 8021q: VLANs not supported on wpan0 [ 555.737517][T12542] tipc: Enabling of bearer rejected, already enabled [ 556.105804][T12547] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2637'. [ 556.755145][T12577] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2651'. [ 556.767200][T12577] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2651'. [ 556.780078][T12577] device bond0 entered promiscuous mode [ 556.785821][T12577] device bond_slave_0 entered promiscuous mode [ 556.792199][T12577] device bond_slave_1 entered promiscuous mode [ 556.799815][T12577] device bridge0 entered promiscuous mode [ 556.806381][T12577] hsr2: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 556.816334][T12577] hsr2: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network [ 557.853379][T12609] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2665'. [ 559.236829][T12642] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2676'. [ 559.379621][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2680'. [ 559.994215][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2689'. [ 560.532630][T12685] IPVS: ovf: UDP 224.0.0.2:20004 - no destination available [ 560.957799][T12702] device pim6reg1 entered promiscuous mode [ 562.543600][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.556522][ C1] aoe: error packet from 65535.255@gre0; ecode=255 'no such error' [ 563.048654][T12719] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2705'. [ 563.163045][T12725] bridge0: port 2(erspan0) entered blocking state [ 563.169814][T12725] bridge0: port 2(erspan0) entered disabled state [ 563.177929][T12725] device erspan0 entered promiscuous mode [ 563.184057][T12725] bridge0: port 2(erspan0) entered blocking state [ 563.190607][T12725] bridge0: port 2(erspan0) entered forwarding state [ 563.319439][T12733] device pim6reg1 entered promiscuous mode [ 565.753339][T12765] device pim6reg1 entered promiscuous mode [ 567.826091][T12787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2732'. [ 568.075156][T12794] lo speed is unknown, defaulting to 1000 [ 568.097055][T12794] lo speed is unknown, defaulting to 1000 [ 568.116242][T12794] lo speed is unknown, defaulting to 1000 [ 568.372281][T12794] infiniband sz1: set active [ 568.377161][ T7] lo speed is unknown, defaulting to 1000 [ 568.386421][T12794] infiniband sz1: added lo [ 568.412279][T12794] RDS/IB: sz1: added [ 568.416951][T12794] smc: adding ib device sz1 with port count 1 [ 568.423175][T12794] smc: ib device sz1 port 1 has pnetid [ 568.429241][ T7] lo speed is unknown, defaulting to 1000 [ 568.435673][T12794] lo speed is unknown, defaulting to 1000 [ 568.535754][T12794] lo speed is unknown, defaulting to 1000 [ 568.719216][T12794] lo speed is unknown, defaulting to 1000 [ 568.885315][T12794] lo speed is unknown, defaulting to 1000 [ 569.775132][T12854] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2762'. [ 570.431051][T12882] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2773'. [ 571.019059][T12893] tipc: Enabling of bearer rejected, already enabled [ 571.928152][T12915] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2782'. [ 572.906420][T12937] tipc: Enabling of bearer rejected, already enabled [ 574.304848][T12995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2814'. [ 574.424046][T13000] netlink: 'syz.5.2816': attribute type 10 has an invalid length. [ 574.601708][T13004] tipc: Enabling of bearer rejected, already enabled [ 574.984196][T13017] lo speed is unknown, defaulting to 1000 [ 575.002791][T13018] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2823'. [ 575.033972][T13018] netlink: 'syz.5.2823': attribute type 21 has an invalid length. [ 575.053975][T13018] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2823'. [ 575.084812][T13018] netlink: 'syz.5.2823': attribute type 13 has an invalid length. [ 575.127377][T13018] netlink: 'syz.5.2823': attribute type 17 has an invalid length. [ 575.176124][T13018] infiniband sz1: set active [ 575.202681][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): eql: link becomes ready [ 575.372119][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): wpan0: link becomes ready [ 575.400865][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready [ 575.408882][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready [ 575.417577][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready [ 575.425268][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready [ 575.433059][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready [ 575.441860][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): nr6: link becomes ready [ 575.459095][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): lapb0: link becomes ready [ 575.467543][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): lapb1: link becomes ready [ 575.475955][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): lapb2: link becomes ready [ 575.483895][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): lapb3: link becomes ready [ 575.514254][T13018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv0: link becomes ready [ 575.615800][ T4316] lo speed is unknown, defaulting to 1000 [ 575.878527][T13038] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2830'. [ 576.409213][T13061] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2838'. [ 576.992681][T13066] tipc: Enabling of bearer rejected, already enabled [ 577.258929][ T27] INFO: task kworker/0:2:125 blocked for more than 143 seconds. [ 577.300779][ T27] Not tainted 6.1.141-syzkaller #0 [ 577.346506][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 577.356493][ T27] task:kworker/0:2 state:D stack:24416 pid:125 ppid:2 flags:0x00004000 [ 577.365787][ T27] Workqueue: events rfkill_global_led_trigger_worker [ 577.372506][ T27] Call Trace: [ 577.375839][ T27] [ 577.378793][ T27] __schedule+0x10e9/0x40d0 [ 577.383347][ T27] ? release_firmware_map_entry+0x18a/0x18a [ 577.389316][ T27] ? __mutex_trylock_common+0x80/0x250 [ 577.394800][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 577.400053][ T27] schedule+0xb9/0x180 [ 577.404136][ T27] schedule_preempt_disabled+0xf/0x20 [ 577.409562][ T27] __mutex_lock+0x555/0xaf0 [ 577.414085][ T27] ? __mutex_lock+0x3a5/0xaf0 [ 577.435519][ T27] ? rfkill_global_led_trigger_worker+0x23/0xc0 [ 577.485545][ T27] ? mutex_lock_nested+0x10/0x10 [ 577.490595][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 577.496893][ T27] ? read_lock_is_recursive+0x10/0x10 [ 577.502408][ T27] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 577.508460][ T27] ? _raw_spin_unlock+0x40/0x40 [ 577.513421][ T27] rfkill_global_led_trigger_worker+0x23/0xc0 [ 577.519756][ T27] ? process_one_work+0x7a1/0x1160 [ 577.529369][ T27] process_one_work+0x898/0x1160 [ 577.537559][ T27] ? worker_detach_from_pool+0x240/0x240 [ 577.543311][ T27] ? _raw_spin_lock_irq+0xab/0xe0 [ 577.550571][ T27] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 577.556142][ T27] ? kthread_data+0x4b/0xc0 [ 577.560739][ T27] worker_thread+0xaa2/0x1250 [ 577.565522][ T27] ? _raw_spin_unlock_irqrestore+0xa5/0x100 [ 577.571512][ T27] ? __kthread_parkme+0x162/0x1c0 [ 577.577876][ T27] kthread+0x29d/0x330 [ 577.586500][ T27] ? worker_clr_flags+0x1a0/0x1a0 [ 577.591703][ T27] ? kthread_blkcg+0xd0/0xd0 [ 577.599279][ T27] ret_from_fork+0x1f/0x30 [ 577.603812][ T27] [ 577.610101][ T27] INFO: task syz.4.1832:10109 blocked for more than 143 seconds. [ 577.617859][ T27] Not tainted 6.1.141-syzkaller #0 [ 577.623487][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 577.632270][ T27] task:syz.4.1832 state:D stack:24416 pid:10109 ppid:4260 flags:0x00004004 [ 577.641510][ T27] Call Trace: [ 577.644778][ T27] [ 577.647763][ T27] __schedule+0x10e9/0x40d0 [ 577.652293][ T27] ? release_firmware_map_entry+0x18a/0x18a [ 577.658971][ T27] ? __mutex_trylock_common+0x80/0x250 [ 577.664446][ T27] ? trace_raw_output_contention_end+0xd0/0xd0 [ 577.670780][ T27] schedule+0xb9/0x180 [ 577.674868][ T27] schedule_preempt_disabled+0xf/0x20 [ 577.680277][ T27] __mutex_lock+0x555/0xaf0 [ 577.684778][ T27] ? __mutex_lock+0x3a5/0xaf0 [ 577.689524][ T27] ? nfc_rfkill_set_block+0x4c/0x2d0 [ 577.694829][ T27] ? mutex_lock_nested+0x10/0x10 [ 577.699824][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 577.705013][ T27] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 577.710929][ T27] ? _raw_spin_unlock+0x40/0x40 [ 577.715837][ T27] ? nfc_unregister_device+0x290/0x290 [ 577.721301][ T27] nfc_rfkill_set_block+0x4c/0x2d0 [ 577.726450][ T27] ? nfc_unregister_device+0x290/0x290 [ 577.731917][ T27] rfkill_set_block+0x1c6/0x420 [ 577.736801][ T27] rfkill_fop_write+0x458/0x560 [ 577.741645][ T27] ? rfkill_fop_read+0x4b0/0x4b0 [ 577.746629][ T27] ? common_file_perm+0xa0/0x1c0 [ 577.751575][ T27] ? fsnotify_perm+0x5a/0x550 [ 577.756292][ T27] ? security_file_permission+0x75/0xa0 [ 577.761850][ T27] ? rfkill_fop_read+0x4b0/0x4b0 [ 577.766844][ T27] vfs_write+0x2c4/0x960 [ 577.771106][ T27] ? file_end_write+0x250/0x250 [ 577.777406][ T27] ? __fget_files+0x28/0x4d0 [ 577.782024][ T27] ? __fget_files+0x44a/0x4d0 [ 577.786755][ T27] ? __fdget_pos+0x1d4/0x360 [ 577.791359][ T27] ? ksys_write+0x71/0x240 [ 577.795795][ T27] ksys_write+0x143/0x240 [ 577.800116][ T27] ? __ia32_sys_read+0x80/0x80 [ 577.804878][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 577.810155][ T27] do_syscall_64+0x4c/0xa0 [ 577.814584][ T27] ? clear_bhb_loop+0x60/0xb0 [ 577.819307][ T27] ? clear_bhb_loop+0x60/0xb0 [ 577.823982][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 577.829906][ T27] RIP: 0033:0x7fd68598e929 [ 577.834327][ T27] RSP: 002b:00007fd686890038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 577.842764][ T27] RAX: ffffffffffffffda RBX: 00007fd685bb5fa0 RCX: 00007fd68598e929 [ 577.850758][ T27] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003 [ 577.858779][ T27] RBP: 00007fd685a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 577.866848][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.874827][ T27] R13: 0000000000000000 R14: 00007fd685bb5fa0 R15: 00007ffd835f1d58 [ 577.882830][ T27] [ 577.886791][ T27] INFO: task syz.3.1834:10114 blocked for more than 143 seconds. [ 577.894513][ T27] Not tainted 6.1.141-syzkaller #0 [ 577.900843][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 577.909558][ T27] task:syz.3.1834 state:D stack:26240 pid:10114 ppid:4262 flags:0x00004004 [ 577.918841][ T27] Call Trace: [ 577.922124][ T27] [ 577.925047][ T27] __schedule+0x10e9/0x40d0 [ 577.929617][ T27] ? release_firmware_map_entry+0x18a/0x18a [ 577.935573][ T27] ? __mutex_trylock_common+0x80/0x250 [ 577.941049][ T27] ? trace_raw_output_contention_end+0xd0/0xd0 [ 577.947228][ T27] schedule+0xb9/0x180 [ 577.951291][ T27] schedule_preempt_disabled+0xf/0x20 [ 577.956835][ T27] __mutex_lock+0x555/0xaf0 [ 577.961348][ T27] ? __mutex_lock+0x3a5/0xaf0 [ 577.966101][ T27] ? rfkill_unregister+0xc4/0x220 [ 577.971131][ T27] ? mutex_lock_nested+0x10/0x10 [ 577.976113][ T27] ? kill_device+0x160/0x160 [ 577.980719][ T27] ? nfc_genl_device_removed+0x22a/0x310 [ 577.986409][ T27] ? nfc_genl_setup_device_added+0x310/0x310 [ 577.992395][ T27] ? _raw_spin_unlock_irq+0x1f/0x40 [ 577.997979][ T27] rfkill_unregister+0xc4/0x220 [ 578.002885][ T27] nfc_unregister_device+0x92/0x290 [ 578.008918][ T27] ? virtual_ncidev_open+0xc0/0xc0 [ 578.014043][ T27] virtual_ncidev_close+0x55/0x90 [ 578.019089][ T27] __fput+0x22c/0x920 [ 578.023079][ T27] task_work_run+0x1ca/0x250 [ 578.027763][ T27] ? task_work_cancel+0x230/0x230 [ 578.032807][ T27] ? __close_range+0x1c5/0x730 [ 578.037681][ T27] ? exit_to_user_mode_loop+0x3b/0x110 [ 578.043163][ T27] exit_to_user_mode_loop+0xe6/0x110 [ 578.048505][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 578.054081][ T27] syscall_exit_to_user_mode+0x16/0x40 [ 578.059586][ T27] do_syscall_64+0x58/0xa0 [ 578.064019][ T27] ? clear_bhb_loop+0x60/0xb0 [ 578.068762][ T27] ? clear_bhb_loop+0x60/0xb0 [ 578.073463][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 578.079385][ T27] RIP: 0033:0x7f3ca538e929 [ 578.083790][ T27] RSP: 002b:00007fffae06a0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 578.092232][ T27] RAX: 0000000000000000 RBX: 00007f3ca55b7ba0 RCX: 00007f3ca538e929 [ 578.100245][ T27] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 578.108356][ T27] RBP: 00007f3ca55b7ba0 R08: 00000000000000cc R09: 00000006ae06a3bf [ 578.118286][ T27] R10: 00000000003ffd10 R11: 0000000000000246 R12: 000000000006781f [ 578.126514][ T27] R13: 00007f3ca55b6080 R14: ffffffffffffffff R15: 00007fffae06a1e0 [ 578.134510][ T27] [ 578.137577][ T27] [ 578.137577][ T27] Showing all locks held in the system: [ 578.145315][ T27] 1 lock held by rcu_tasks_kthre/12: [ 578.152969][ T27] #0: ffffffff8c92b430 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 578.163463][ T27] 1 lock held by rcu_tasks_trace/13: [ 578.168812][ T27] #0: ffffffff8c92bc50 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 578.179843][ T27] 1 lock held by khungtaskd/27: [ 578.184772][ T27] #0: ffffffff8c92aaa0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 578.194654][ T27] 3 locks held by kworker/0:2/125: [ 578.199793][ T27] #0: ffff888017470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 578.210213][ T27] #1: ffffc9000256fd00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 578.223223][ T27] #2: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x23/0xc0 [ 578.235236][ T27] 2 locks held by getty/4016: [ 578.240116][ T27] #0: ffff88814d43f098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 578.250084][ T27] #1: ffffc9000326b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380 [ 578.260266][ T27] 2 locks held by syz.4.1832/10109: [ 578.265517][ T27] #0: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x19e/0x560 [ 578.275685][ T27] #1: ffff888055173100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x4c/0x2d0 [ 578.285339][ T27] 2 locks held by syz.3.1834/10114: [ 578.290567][ T27] #0: ffff888055173100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x5f/0x290 [ 578.300355][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xc4/0x220 [ 578.310523][ T27] 2 locks held by syz-executor/10411: [ 578.315950][ T27] #0: ffff8880302b5118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.326132][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.336129][ T27] 2 locks held by syz-executor/10413: [ 578.341497][ T27] #0: ffff88807d9ed918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.351577][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.361599][ T27] 2 locks held by syz-executor/11355: [ 578.368937][ T27] #0: ffff88804e2ec918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.384567][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.394702][ T27] 2 locks held by syz-executor/11356: [ 578.400118][ T27] #0: ffff88804e2ee118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.410190][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.420198][ T27] 2 locks held by syz-executor/12628: [ 578.425620][ T27] #0: ffff888056de7918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.435815][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.445802][ T27] 2 locks held by syz-executor/12651: [ 578.451170][ T27] #0: ffff88805ca59918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x740 [ 578.461463][ T27] #1: ffffffff8ddefc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x33/0x8a0 [ 578.471464][ T27] [ 578.473788][ T27] ============================================= [ 578.473788][ T27] [ 578.482275][ T27] NMI backtrace for cpu 1 [ 578.486612][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.141-syzkaller #0 [ 578.494505][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 578.504548][ T27] Call Trace: [ 578.507821][ T27] [ 578.510744][ T27] dump_stack_lvl+0x168/0x22e [ 578.515418][ T27] ? show_regs_print_info+0x12/0x12 [ 578.520619][ T27] ? load_image+0x3b0/0x3b0 [ 578.525114][ T27] ? vprintk_emit+0x571/0x680 [ 578.529787][ T27] ? printk_sprint+0x460/0x460 [ 578.534574][ T27] nmi_cpu_backtrace+0x3f4/0x470 [ 578.539526][ T27] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 578.545678][ T27] ? _printk+0xcc/0x110 [ 578.549824][ T27] ? load_image+0x3b0/0x3b0 [ 578.554320][ T27] ? load_image+0x3b0/0x3b0 [ 578.558842][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 578.564903][ T27] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 578.570916][ T27] watchdog+0xeee/0xf30 [ 578.575068][ T27] ? watchdog+0x1ed/0xf30 [ 578.579394][ T27] kthread+0x29d/0x330 [ 578.583458][ T27] ? hungtask_pm_notify+0x40/0x40 [ 578.588480][ T27] ? kthread_blkcg+0xd0/0xd0 [ 578.593084][ T27] ret_from_fork+0x1f/0x30 [ 578.597516][ T27] [ 578.600888][ T27] Sending NMI from CPU 1 to CPUs 0: [ 578.606141][ C0] NMI backtrace for cpu 0 skipped: idling at default_idle+0xb/0x10 [ 578.614451][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 578.629156][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.141-syzkaller #0 [ 578.637032][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 578.647069][ T27] Call Trace: [ 578.650336][ T27] [ 578.653258][ T27] dump_stack_lvl+0x168/0x22e [ 578.657951][ T27] ? memcpy+0x3c/0x60 [ 578.661953][ T27] ? show_regs_print_info+0x12/0x12 [ 578.667148][ T27] ? load_image+0x3b0/0x3b0 [ 578.671648][ T27] panic+0x2c9/0x710 [ 578.675535][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 578.681197][ T27] ? bpf_jit_dump+0xd0/0xd0 [ 578.685706][ T27] ? __irq_work_queue_local+0x12c/0x190 [ 578.691254][ T27] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 578.697404][ T27] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 578.703556][ T27] watchdog+0xf2d/0xf30 [ 578.707708][ T27] ? watchdog+0x1ed/0xf30 [ 578.712035][ T27] kthread+0x29d/0x330 [ 578.716103][ T27] ? hungtask_pm_notify+0x40/0x40 [ 578.721131][ T27] ? kthread_blkcg+0xd0/0xd0 [ 578.725713][ T27] ret_from_fork+0x1f/0x30 [ 578.730126][ T27] [ 578.733428][ T27] Kernel Offset: disabled [ 578.737752][ T27] Rebooting in 86400 seconds..