last executing test programs: 3.937416482s ago: executing program 1 (id=1660): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x3, 0x3, 0x5, 0x0, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4894}, 0x0) getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=@newlink={0x50, 0x10, 0x437, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r3, 0x30c9}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x5}, @IFLA_GRE_ENCAP_LIMIT={0x5, 0xb, 0x2}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x2368}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x50}}, 0x0) sendmmsg$inet(r0, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @empty}}}], 0x20}}], 0x1, 0x0) 3.657017353s ago: executing program 1 (id=1664): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x9, 0x6, @local}, 0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0) sendto$inet6(r3, &(0x7f0000000200), 0x0, 0x8840, &(0x7f0000000040)={0xa, 0x4e21, 0x1, @mcast1, 0x3}, 0x1c) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x32822}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x4c}}, 0x4080) 3.034568386s ago: executing program 1 (id=1673): socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udplite(0xa, 0x2, 0x88) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="8580f83288e1", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x1, 0x5, 0x1c, 0x67, 0x0, 0x0, 0x2, 0x0, @private=0xa010102, @multicast1}, {0x11, 0x81, 0x0, @multicast1}}}}}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001a00)=ANY=[@ANYBLOB="13100000120091ef"], 0xfe33) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r1, 0x84, 0x24, 0x0, &(0x7f0000000000)) r2 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_msfilter(r2, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 2.850993156s ago: executing program 1 (id=1680): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="20061700"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000001400010000000000000000c903000080080002"], 0x1c}], 0x1}, 0x0) 2.425708589s ago: executing program 2 (id=1686): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendmmsg$inet(r0, &(0x7f0000003440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000100)="7e08f45960e825e6b5094ad4945b172227501d247d75b4bd1becdef54c911235ed986c50877ff2128971995cd003ea4cb3472c005eec0c9d56c895b79ea163372adfa60656d5adf08f022cdda614a0879fea89f9ae78753c607d883f70e4", 0x5e}, {&(0x7f0000000180)="cd78e889a5f7a21394dbbf5e61ed2a076e9972f75972695a04eb1821ca82b9c747b59ddda5c6aebc1f77103bc25b30fd60271c5e64e858f1c9da0eb5695bd70048a3bd8341d6c82ebbd5cfa3242fa26245b6aae229304937312a619459622fbe24f96e2a720a10a114135d", 0x6b}, {0x0}], 0x3}}, {{0x0, 0x0, &(0x7f0000002980)}}], 0x2, 0x4) sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93) 2.282695219s ago: executing program 3 (id=1689): r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.2255321s ago: executing program 3 (id=1690): syz_usb_connect(0x0, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0) syz_usb_connect$cdc_ecm(0x4, 0x56, &(0x7f0000000080)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x9, 0x20, 0x2, [{{0x9, 0x4, 0x0, 0x7, 0x2, 0x2, 0x6, 0x0, 0x95, {{0x5}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0xe8, 0xff, 0x1}}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0xb, 0x0, 0x6}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x9, 0x9, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0xfb, 0xa6, 0x2}}}}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x250, 0x1e, 0x3a, 0x7, 0x8, 0x7}, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="077a050000"], 0x4, [{0x2b, &(0x7f0000000140)=@string={0x2b, 0x3, "fd4d01ae7072a6be505b99b25e3a17d66bc4cb5e614a75b5068ff107cc5ddb3ae27208f6198c2c3a69"}}, {0x7b, &(0x7f0000000180)=@string={0x7b, 0x3, "267b3a52492ca4b9428d47cf62a72438983074f8e34c4f0e45497e4bd37243225f4b17b15907c770042deaf82c67d3b80d7156c36767d927c4051b1a0e9107dbbfdafbc13b4a10ea12e197fcd1393ab405a7af1935f9f89bf346d5a17d9fbd2d86cd5e721c3c039657c036d5566e6fed2d911ab644969a8237"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x443}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xb0be}}]}) r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x8, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x2, 0x2, 0x3132564e, 0x6, 0x7, 0x40, 0xb, 0x9, 0x0, 0x7, 0x1, 0x2}}) 1.782262012s ago: executing program 4 (id=1698): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0) 1.682701792s ago: executing program 4 (id=1699): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=@RTM_DELMDB={0x38, 0x54, 0x93d, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x0, 0x3, 0x0, {@ip4=@local, 0x86dd}}}]}, 0x38}}, 0x0) 1.669478222s ago: executing program 4 (id=1700): r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.623825123s ago: executing program 4 (id=1701): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000014c0)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff4}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0x860, 0x2, [@TCA_U32_POLICE={0x85c, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x2, 0x7, 0x3, 0xa0d, 0x5, 0x800, 0xd, 0x3ff, 0x1135, 0xffffff0c, 0x4, 0x8, 0xf9dd, 0x2, 0x4f3, 0xcf, 0x3, 0xfff, 0x5, 0x7, 0x6, 0x9f, 0x8, 0x6, 0xb, 0x9, 0x2, 0xffff, 0x2, 0x3, 0x0, 0x4, 0x7ff, 0x4, 0x100, 0xfffffff9, 0x3, 0x5, 0xa741, 0x7, 0xad91, 0x9, 0x0, 0x400, 0xffffffff, 0xd89, 0x6, 0x5, 0x4, 0x2, 0x0, 0x0, 0x7573, 0x0, 0x100, 0xe6, 0x1ff, 0x5, 0x6d9c, 0x4, 0x7455, 0x494, 0xd, 0x8, 0x1, 0x100, 0x8000, 0x8, 0x10000, 0x7f, 0xffffffff, 0x4, 0x2, 0x7fff, 0x9, 0xa3, 0x727, 0x9, 0x46b, 0x7f, 0x1, 0x88, 0x10001, 0x3, 0x5, 0x1, 0xfffffff8, 0x8000, 0x4, 0x3, 0x9, 0x8000, 0xb991, 0xad60, 0xfffffbff, 0x0, 0x8000000, 0x1ff, 0x0, 0x0, 0x81, 0x7, 0x8, 0xffffffff, 0x9, 0xf, 0x3, 0x800, 0x2, 0xd, 0xc, 0x9, 0x9, 0x5, 0x7, 0x0, 0x4, 0xc6c, 0xfffff001, 0x39, 0x7, 0x81, 0xff, 0x8001, 0x8, 0x0, 0x12000, 0xf, 0x1ff, 0x7, 0x8, 0xd8, 0x0, 0x6, 0xff, 0xffffffff, 0x6, 0x6, 0x1c9, 0x2, 0x2, 0x5, 0x4, 0x3, 0x6, 0xd0, 0xb, 0x3, 0x1, 0xda22, 0xe1, 0xfffffffa, 0x10, 0x8000, 0xd77, 0x8, 0xb11, 0xffffffff, 0x9, 0x2, 0x9, 0x5, 0x9, 0xe70e, 0x47f, 0x0, 0x7, 0x40, 0x5, 0x7fb, 0xfffffffb, 0x9, 0x800, 0x0, 0x4, 0xf, 0x43000000, 0xffffffff, 0x0, 0xfffff001, 0x2, 0x4, 0x0, 0x3, 0x4, 0x6, 0xd, 0xd9dd, 0xc, 0x5, 0x7, 0x7ff, 0x2f3, 0x8, 0x100, 0x1000, 0x800, 0x9, 0x8, 0x6, 0x800, 0x7, 0x3, 0x400, 0x97c, 0x4, 0x42e, 0x6, 0x6, 0x80000001, 0x0, 0xfee, 0x8001, 0x4, 0x1ff, 0xff, 0xf49, 0x40, 0x7, 0x6, 0x10001, 0xffffffff, 0xffff, 0x9, 0x7, 0x80000001, 0x5, 0x5, 0x0, 0x5, 0x2, 0x7, 0xfffffffb, 0x43805fb8, 0x1, 0x6, 0x9, 0x0, 0x4, 0x6, 0x6, 0x0, 0x3e, 0x406, 0x7ff, 0x1000, 0x6, 0x5, 0x8, 0x8, 0x3, 0xcc19, 0x946d, 0x6, 0x80000000]}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8000, 0x20000000, 0x2, 0xd87, 0xad, {0x9, 0x0, 0x5, 0xa, 0x11, 0x6a75}, {0xb, 0x0, 0x0, 0x5, 0x2, 0x81}, 0x6, 0x7ff}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x9}, @TCA_POLICE_RATE={0x404, 0x2, [0x7fffffff, 0x5, 0x3ff, 0xfffffff8, 0x3, 0x44, 0x7f, 0x8001, 0x3, 0x4, 0x2, 0x9, 0xfff, 0x800, 0x401, 0x9d4, 0xfffffffd, 0x9a, 0x2, 0x6, 0x81, 0x7aa2, 0x6, 0x0, 0x4, 0x6608f6d6, 0x2, 0x1, 0x401, 0x9, 0x7, 0x0, 0x8000, 0x7, 0x0, 0x200, 0xffffff00, 0x1, 0x6, 0x1, 0x5000000, 0x1000, 0x31, 0x80000001, 0x1, 0xc574, 0x9, 0x9, 0xfb71, 0x400, 0x5, 0x7f, 0x8, 0xf6b33e1, 0x4, 0x6, 0xb41, 0x6, 0x9, 0x0, 0x5, 0x2, 0xffff6659, 0xfffffffc, 0x80000000, 0x2, 0x10000, 0xfffffffa, 0x5, 0x9, 0x7fffffff, 0x0, 0x7000, 0x0, 0x4, 0x5, 0x8, 0x633b, 0x4, 0xfffffff8, 0x3, 0x3, 0x51d, 0x8000, 0x2, 0x7, 0x0, 0x796715d5, 0x604, 0xfffffff8, 0x9, 0x4, 0xfffffffe, 0x200, 0x507bee0, 0x9, 0xf, 0x6, 0xd, 0xad000000, 0x7fff, 0xd, 0x4, 0x7, 0x2, 0x800, 0x20000000, 0x2, 0xffff, 0x8, 0x33b, 0xbe3d, 0x5, 0x1ff, 0x92d, 0x10000, 0x5, 0x0, 0x10001, 0x10000, 0x0, 0x5, 0x856, 0x8000, 0xf, 0x2, 0x6f17, 0x4, 0x2, 0x6, 0xab63, 0x1, 0x9, 0x1, 0x3ff, 0xa, 0x7, 0x499, 0x0, 0x460d, 0x85, 0x800, 0x9, 0x2, 0x9, 0x1, 0x45, 0x9, 0x8, 0x8000, 0x7, 0x3, 0xcc, 0x9, 0xfffff54e, 0x2, 0x7, 0x6, 0xcc, 0xffffffff, 0x1000, 0x10000, 0x400, 0x9, 0x5, 0xfffffff2, 0xffff, 0xfffff268, 0xffff, 0x5, 0x1, 0x3ff, 0x0, 0xa, 0x7, 0x0, 0x4, 0x9, 0x7, 0x2, 0x2, 0x9, 0x4fd, 0xe, 0x0, 0x4, 0x3, 0x74f8, 0x20000000, 0xc, 0x85, 0x3, 0x8, 0x80000001, 0xf9, 0x8, 0x8, 0x9, 0x0, 0x3, 0xda0, 0x6, 0x1, 0xfffffffe, 0x80, 0xecc, 0x8, 0xc, 0x6, 0x0, 0x1, 0x7ff, 0xcd3, 0x7, 0x10000, 0x7, 0x400, 0x3, 0x401, 0x5b, 0x8, 0x1, 0x0, 0x7ff, 0x9, 0x4, 0x0, 0x9, 0x3, 0x0, 0xad4e, 0x6, 0x8, 0x3, 0xffff30f4, 0x1, 0x2, 0x100, 0x46, 0x3, 0x86, 0x5, 0x4, 0x8, 0xffff8001, 0x4, 0x6, 0x3, 0xfff, 0x6, 0x81, 0xffffff4e, 0x1, 0x9, 0xead, 0x3]}]}]}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x1}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.542640523s ago: executing program 4 (id=1702): unshare(0x68060200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x8031, 0xffffffffffffffff, 0x1000) syz_emit_ethernet(0x21, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x10000800) 1.542396383s ago: executing program 2 (id=1703): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000200)="0fb1c466b9a00d00000f320f20d86635080000000f22d865cc66b9be0b00000f3266b9800000c00f326635000800000f3067f081630d0300baf80c66b86ac9058d66efbafc0cec670f00d1d3e3", 0x4d}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.226784634s ago: executing program 0 (id=1707): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, 0x0, 0x0}, 0x20) 1.119286395s ago: executing program 0 (id=1708): writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000340)="8a226ff432407a7f5fd09590d734f795e12e57ce9fed3f0300eb6368ed559a85603b0080", 0x24}], 0x2) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x1, 0x0, 0x0, 0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b36, &(0x7f0000000000)={'wlan0\x00'}) 1.014620736s ago: executing program 0 (id=1709): symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00') mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) 988.843675ms ago: executing program 0 (id=1710): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4e20, @remote}, 0x10, 0x0}, 0x3000d041) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f740805ed08a56231dbf9ed7815e3802000000033a0093b837dc6cc01e32efaec8c7a6ec08200800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 807.037066ms ago: executing program 0 (id=1711): ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x3, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x4, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) syz_emit_ethernet(0x1b0, &(0x7f0000000c00)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000186dd698fbc7f017a21"], 0x0) 714.565707ms ago: executing program 1 (id=1712): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4) setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x20, 0x8f, 0x2, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x4}, 0xe) r3 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000020c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0xf}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x6, 0x4, r4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44}, 0x24000000) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) 617.088947ms ago: executing program 1 (id=1713): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000140), 0x4240a2ca) 519.272827ms ago: executing program 0 (id=1714): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendmmsg$inet(r0, &(0x7f0000003440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000100)="7e08f45960e825e6b5094ad4945b172227501d247d75b4bd1becdef54c911235ed986c50877ff2128971995cd003ea4cb3472c005eec0c9d56c895b79ea163372adfa60656d5adf08f022cdda614a0879fea89f9ae78753c607d883f70e4", 0x5e}, {&(0x7f0000000180)="cd78e889a5f7a21394dbbf5e61ed2a076e9972f75972695a04eb1821ca82b9c747b59ddda5c6aebc1f77103bc25b30fd60271c5e64e858f1c9da0eb5695bd70048a3bd8341d6c82ebbd5cfa3242fa26245b6aae229304937312a619459622fbe24f96e2a720a10a114135d", 0x6b}, {0x0}], 0x3}}, {{0x0, 0x0, &(0x7f0000002980)}}], 0x2, 0x4) sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93) 429.085248ms ago: executing program 2 (id=1715): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000100)="0f01773e6566410ff4020f01dbf3460f1c008f6828ce9a007000801581008ec866baf8263646c935fc696c81ef66bafc0c66ed66b8de000f00d066660f3825c667438fc72b66baf80cb8caa9658bef66bafc0c6466430f38f87e00", 0x5b}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 342.612348ms ago: executing program 4 (id=1716): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e846f5c936da931ca8563"], 0xffdd) 342.150768ms ago: executing program 3 (id=1717): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000c00)=ANY=[@ANYBLOB="aaaaaeaaaaaaffffffffff0800004500ee2f00b68f373ede8083ac1e0001ac1414aa05009078051414bb45000000fffe00001d00000000e0000002ac14140080052385ed7026e6102d4036990527d7441263b3f72ef075f286515e92e4649f88ecb836a95469239f45e33a48903681011402edc292eaa54600fd05e2ae583bb367d7bba60cb1588c2d08442e09d0beaabaaea132452a6f883ceb38545618ccaf2100"/175], 0x0) r1 = userfaultfd(0x80001) r2 = fsopen(&(0x7f0000000340)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000280)='source', 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x1cc}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x4) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000a40)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="78177796d554842bae1d942bd5a0845f32f2b2f1a81e8ff55e623b29391648967745f04c58f33af8955a9d3f49dc8567f51874af22c054b53999d341884775a1e9b0aeba496a92c05e68572265ab9d5f223f54a3eb9ba5", 0x57}, {&(0x7f0000000180)}, {&(0x7f0000000000)="3d80f9e6be7282ee5099d33eadfbf898", 0x10}], 0x3, 0x0, 0x0, 0x4008024}, {0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000380)="c5f3ea1173647bb7f6d4b229492486e0cc1690630b0a7fd15457d58b6a2345be1dca86bac5a369d059d097525e5d9fc98866bc941859907fd58e0544578d9d90f4605ce1df456d7df3fce61b232842d5e5403394bfe874d27a336116fd280aa3dd58ff5bf0b1cb31846fef3c8b0c93e507f478cf238e2cb38a85696fd9fa31b855259ce7ae6f64b519b7c3607d78373d9261fd224a51b155221acbea0c897bc1c1c01e61195566ebf57ee536c2a143f864bb855716f6003eda7dd568e8faa1e041948150543fcc0bb0569e3aed5a2ac9fca26d76737efe91b0e576ca00914ef0f2221c", 0xe3}, {&(0x7f0000000480)="2745959a5b7e49095badb81967bf1d7121cbb2914d9b6759428bc054b733fcda9b8a666af4041a206020cfa3a1f30830e9ecf9cd8d69dcab107ef19aec5c520e7d6ff373684904829bdb94714fb169e23794a5fa54f684500f9172a6f6b1f27a95b9b8ebd79bbc9d7ee9e9e79b557739e3adc7cf814d103c", 0x78}, {&(0x7f0000000580)="1de29690a987a10cc2224f43fab3a9f556691090a7f32e46a43536cc5277dd3372e47eac50407efcda3869bafd0a2e7dd7b780fde873d35f9b39045df16cf3a823929149cd3730951027696bc6ecea831fb4c7d0e52fdeefbf0e0e57363db08031f4612fc2f41ec9e40b22f016de302c918d9d2c8354e77e9a4a44b2091574baafcdabfd6a8143ddd4f90eb9f2f1da8179f8cb71961c69088809a0f34d29110d304d1326446cf48e7302b063222863be2e826bacfe94e99c8e37b26ec7bd83d7b435639228152c44773ed193b3", 0xcd}, {&(0x7f0000000680)="9ec44b4b81592b0fbb40a285da3efaaf11f444021ecb08abf594fa11eda1f37f6b241d9bec6ad9b49d9c07bcadc942b45eea75f5ab35db180b7f2909138e08917d600ec7e71a0209e56ca1f550d6c4c141769a0c69b4ef65064e8b333d6c5b19a9a620ef49a53982324e60bb3ce4ac523fa07a9ec9b567e0ec8e4329fc1c4a475d7feb749734d203869ae769589ccff9e9b4591ed522000b64a5fe", 0x9b}], 0x4, &(0x7f0000000240)=[@assoc={0x18, 0x117, 0x4, 0x6089}], 0x18, 0x40000}, {0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000007c0)="ff84d1", 0x3}, {&(0x7f0000000800)="ef7ed1be0d73c9d4dab6045cb94eb9e86facd9c693cd6651d7a455d012a9b3860b82b2c24184c4f67465bc9ed1bbdc3af188bc144e93ae4c0ba8b6cd9cf32ab1ad83d58573b2fcc1499e7886d3bccd03945b5445d9379a90ecb979ca3a2cdeed287315a3f6f453ca959b134df3390a795c4c4d1cc7354230f8755bb0452f5a5b8faa096d87709a5e269e415f6778fa2add6b426eb1753a2c388b413d9f7140fdb4048e21600de833c82b8d63095bd7b3b9a66004cc12033b92ec223d4f79d6aa148ae0", 0xc3}], 0x2, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000170100000300000000000000000000001800000000000000170100000400000005000000006cac00000000000000000017010000020000003300000042773b253c5a4d5c8253efd30eef86a9fc51e315369561461d5245010961ecd6c37148664eb8d8550e10557f15a3ced11566bd00800000000000000017010000020000006c0000007ac784676e4c4425379c973adc11eeb24b1084d91e3dd29ff905ac129e72b16effd28cdcded2fcc5667b4fa4b74de2af213d0f53c5bf4427a95df94aaa4c0718474d9aedaf39114f047df767bb"], 0xf8, 0x4008090}], 0x3, 0x8004) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x53, 0x800, 0xfffc, {0x4, 0x1}, {0x3a, 0x2}, @cond=[{0x7, 0x5, 0x200, 0xfe2d, 0xb, 0xfbfe}, {0xff, 0x800, 0xfffb, 0x801, 0x0, 0x529}]}) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) r4 = syz_open_dev$usbmon(0x0, 0x0, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x201, 0x20440) r6 = dup3(r4, r5, 0x0) ioctl$MON_IOCX_MFETCH(r6, 0xc0109207, 0x0) write$char_usb(r6, &(0x7f0000000d00)="1954e378c791745b3fd39745b9a9399763f2bcbe5e47bd6cb590fcd43edfc1e77ac51549c52646bceea8998698c6eb80e2cbaab7b2a57f8867719ca721e7849330ce4f7e9e8714e0d2cd38ba78ad92de0474a5fd5bad52c335d9883764886cafd52d38877b806cf5bcd4d8badec3a3afe3fb03490a2db60e8611517391e6f72573c84a71258f1cd47b2703fbce21a2f01e1cfeb5a8f6451d70a9f60be482002f65aee4f513b7af128ffe007e5d74f0e6181479e4fb", 0xb5) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r7 = socket$inet6(0xa, 0x3, 0x8000000003c) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430) syz_emit_ethernet(0x8a, 0x0, 0x0) ioctl$FBIOPAN_DISPLAY(r6, 0x4606, &(0x7f0000000b40)={0x20, 0xb38, 0x3c00, 0x300, 0x9, 0xa, 0x8, 0x1, {0x1ff, 0x1, 0x1}, {0xe4a, 0xd4}, {0x8001, 0x2}, {0x7fff, 0x5}, 0x1, 0x40, 0x9, 0x3, 0x0, 0x3, 0xe, 0xfffffffa, 0x0, 0xfffffffe, 0x2, 0x80000001, 0xe, 0x200, 0x1, 0xc}) write$char_usb(r3, &(0x7f0000000040)="e2", 0x12d8) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r6, 0x4020aed2, &(0x7f0000000cc0)={0xeeee8000, 0x10000, 0x8}) close_range(r0, 0xffffffffffffffff, 0x0) 230.940319ms ago: executing program 2 (id=1718): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0}, 0x0, 0x0}, 0x20) 214.934449ms ago: executing program 3 (id=1719): syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="02c820160012000100010102008000030808000300000007"], 0x1b) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 114.6588ms ago: executing program 2 (id=1720): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x189802) close_range(r0, 0xffffffffffffffff, 0x0) 111.425059ms ago: executing program 3 (id=1721): ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000080)={"4af4c1b0750952fc4568c9da2cf111014bae220f51bc99c4d397467f39691ace3c86176e7b277e4f0ee3da7c62af19a3ea52543a9d9768f74730db12a72802cee08f0f9d34ecb7216a601d2aef57abb51ff66badc4554dedbcf3bfa910307e664823c83cb7d8e1b254e15020b632b10bf17d6b521dfd84634597442b9cf43400fa5b060b407c2285cd872780a1656919e827357c1b5d7fdc46b2f0b882ae896a2e9b75237368ae81c1ecbf85fb54ad9c15761d71304114c5597604d0c20f70a00a933fdc6ab8ee62216340a5d1b04f3e61d3964a288c074ed7939e9bb31a79ada1c636941fbbb555c8653a3bf2d7f9cc1d081583331fded38862086be7c2aa6213d36ecd7f06e811eb848cae4ec4e5c867f2ca5ef7f374d57256ec63a704c07de26832feaf7bc6d2c0f36afa12a7ca0aae64fdd55330782ef2b4d8813089b2420423f626065e8343fd7b5326945b93f83d7bcff3bb9fa2a5aea870a4221b9aa93a683a9cb30f958a3263ee51f1882a3090eceda796dc9353ec9fa8004fbcba3e3eadfc6c86bcc6990a759cf6181f014b4b0c0a5ac1f0f78dc77ba4bdabc8c9454e1339d5fcc92895f2a5f75f20774deb637a6305b0116d9d6a1ac691078f51dc68fac7f38d7fb9ee558f6396fd30a1d478eeca382ff18534f93bfa52483841cb3345560e5634c363eec2212f8ca334cb8b832223290dd279b1cf3c8bc8d338e1abebc1122c9b528091b5db315fd9babbdd7f1208e6ba55f966023e176fad5aa96df4ad5ab30bbf080b81f82568f028f26a5be18fab0a22d4cc92ad3bf96d8fc7eaec5eab00159ace3884a66b71da7642396ebfd9c77aea4ad358e92a18d8b9ddecfe2b44fc0d9ce80d77839c95341de6575d778c594dd4692178e227bb0b5667b7a75a69ce142ba237c61b0bb06860a49193e79904efb40ecae688441f1bede1da5ba93f46791162eee5a59415567de83cbac0fd2a49b7e589b14f08909edd960e2bb61bdd91c4c27ebb3a7cc3b89a4359d34de5f012e2ff8599bb008a31309c2f7ff90bb5527652bc20bc9cb7b1522af369c2716cd6100a16de7ba3dd160e626601a6958bd88e9366715438e0756f4d57c95cf2544161acf696869e41d079c44e1c5c7dc1d41d765ca7a80fc7beecbc7d033ed5e6ba59969ba91cac40e19dc9b8a0f0014a6160eb3a06cda013f339adcfff7092cbdfe9233141ef8d2d1b3c8a16a73b3ee0af8bd5ce5f0638effda121d0b75c233870e30e3efadb2aa156b1ff4f8a5b26081f1f945c8b73f4cf851505cbb57dae9947421e5610474c9462ab65c887baeef78732b28a1d0c1ca0b2132b5da94e64dfe91fbf0b5e89c8b0af00b8507756730dc0d3ea4877034090bbce6d82fcd24cf771e5b16127bb89397ef7d9f0553fd4a2b7abec74228fd41f8c7d7ca839dabbfbace03dce60de676480f6a0"}) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="000000001f0000001a"]) 69.12871ms ago: executing program 2 (id=1722): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) read$FUSE(r0, &(0x7f0000009780)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000180)={0x10, 0xffffffffffffffda, 0x3}, 0x10) 0s ago: executing program 3 (id=1723): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4) setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x20, 0x8f, 0x2, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x4}, 0xe) r3 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000020c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0xf}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x6, 0x4, r4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44}, 0x24000000) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) kernel console output (not intermixed with test programs): state [ 62.837194][ T4172] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.872409][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.881324][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 62.891686][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.901056][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.910421][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.919488][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.926602][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.934685][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.944952][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 62.958227][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.967369][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.983151][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.017748][ T4170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.038420][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.048454][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.057723][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.064829][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.073482][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.081890][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.090635][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.103999][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.113966][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.123943][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.132797][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.140013][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.147823][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.156504][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.181760][ T4168] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.203832][ T4170] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.210884][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.222866][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.231501][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.240430][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.249365][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.258823][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.268002][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.276933][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.285415][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.299585][ T4176] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.311003][ T4176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.335056][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.345420][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.356753][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.365752][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.376755][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.393989][ T4166] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.413845][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.421878][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.431710][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.441210][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.448639][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.458447][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.467570][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.476519][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.483645][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.491536][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.500815][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.510582][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.526923][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.552375][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.590547][ T4172] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.609527][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.624775][ T4166] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.633882][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.643945][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.653012][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.661374][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.669727][ T4216] Bluetooth: hci0: command 0x041b tx timeout [ 63.671368][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.685667][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.717451][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.735752][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.744435][ T4213] Bluetooth: hci2: command 0x041b tx timeout [ 63.756596][ T4213] Bluetooth: hci4: command 0x041b tx timeout [ 63.765020][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.773478][ T4213] Bluetooth: hci1: command 0x041b tx timeout [ 63.780798][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.788847][ T4213] Bluetooth: hci3: command 0x041b tx timeout [ 63.796764][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.809539][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.818231][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.827231][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.837963][ T3098] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.845182][ T3098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.853413][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.861662][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.878954][ T4170] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.890867][ T4170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.912161][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.928612][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.937525][ T3098] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.944665][ T3098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.954151][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.962679][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.971413][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.983157][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.990668][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.017608][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.051850][ T4172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.064639][ T4168] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.092301][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.102037][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.112083][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 64.120251][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.130363][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 64.138215][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.145943][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.159268][ T4176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.185326][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.198805][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.262876][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.278972][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.287591][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 64.297335][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.311163][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.319929][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.336218][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.353173][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 64.361471][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.390990][ T4172] device veth0_vlan entered promiscuous mode [ 64.408360][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.427555][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.447325][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 64.457962][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.467359][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 64.477330][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.490639][ T4170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.508926][ T4172] device veth1_vlan entered promiscuous mode [ 64.520267][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 64.528695][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 64.540248][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.549975][ T4176] device veth0_vlan entered promiscuous mode [ 64.572744][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.580947][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.596614][ T4176] device veth1_vlan entered promiscuous mode [ 64.639872][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 64.648317][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 64.656888][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 64.665430][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 64.674870][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.684172][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 64.691639][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.699572][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 64.709350][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.727346][ T4166] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.747549][ T4168] device veth0_vlan entered promiscuous mode [ 64.769481][ T4172] device veth0_macvtap entered promiscuous mode [ 64.778037][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 64.788107][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.798152][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 64.806729][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 64.819308][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.827426][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.836701][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 64.847261][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 64.856651][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 64.875465][ T4170] device veth0_vlan entered promiscuous mode [ 64.885429][ T4172] device veth1_macvtap entered promiscuous mode [ 64.895296][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 64.907325][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 64.916175][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.926817][ T4168] device veth1_vlan entered promiscuous mode [ 64.945607][ T4176] device veth0_macvtap entered promiscuous mode [ 64.953324][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 64.961611][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 64.970392][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 64.979584][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.987617][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.998495][ T4170] device veth1_vlan entered promiscuous mode [ 65.012232][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.033949][ T4176] device veth1_macvtap entered promiscuous mode [ 65.043952][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 65.052004][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 65.060466][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 65.069253][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 65.078464][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 65.087652][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 65.108163][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.133075][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 65.141182][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 65.150536][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 65.166434][ T4168] device veth0_macvtap entered promiscuous mode [ 65.191774][ T4170] device veth0_macvtap entered promiscuous mode [ 65.199241][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 65.209068][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 65.218800][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 65.227638][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 65.237572][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 65.247530][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 65.258623][ T4168] device veth1_macvtap entered promiscuous mode [ 65.285011][ T4172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.296619][ T4172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.306619][ T4172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.316205][ T4172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.327710][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 65.337320][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 65.347903][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 65.356494][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 65.366492][ T4166] device veth0_vlan entered promiscuous mode [ 65.377171][ T4170] device veth1_macvtap entered promiscuous mode [ 65.388714][ T4176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.399571][ T4176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.412391][ T4176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.441788][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 65.450758][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 65.463094][ T4176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.478762][ T4176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.490129][ T4176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.500921][ T4176] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.523008][ T4176] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.531752][ T4176] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.542872][ T4176] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.557866][ T4166] device veth1_vlan entered promiscuous mode [ 65.577428][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 65.587199][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 65.596457][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 65.618223][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.628958][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.639213][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.649928][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.661960][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.673646][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.684436][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.694616][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.705689][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.717274][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.726754][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.737345][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.748050][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.748128][ T4213] Bluetooth: hci0: command 0x040f tx timeout [ 65.763860][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.775112][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.786121][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.797926][ T4170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.808558][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 65.817748][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 65.823338][ T4213] Bluetooth: hci3: command 0x040f tx timeout [ 65.829247][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 65.832634][ T4213] Bluetooth: hci1: command 0x040f tx timeout [ 65.846064][ T4213] Bluetooth: hci4: command 0x040f tx timeout [ 65.846163][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 65.852172][ T4213] Bluetooth: hci2: command 0x040f tx timeout [ 65.867674][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 65.876525][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 65.903513][ T4168] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.912256][ T4168] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.921242][ T4168] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.932019][ T4168] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.945424][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.956406][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.966506][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.978503][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.988686][ T4170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.999382][ T4170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.010605][ T4170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.058435][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 66.068922][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 66.078128][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.096290][ T4170] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.106307][ T4170] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.115496][ T4170] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.124710][ T4170] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.168913][ T4166] device veth0_macvtap entered promiscuous mode [ 66.188168][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 66.199335][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 66.208653][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 66.236497][ T4166] device veth1_macvtap entered promiscuous mode [ 66.282612][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 66.307642][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.317698][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.341297][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.341408][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.350342][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.369925][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.382399][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.395348][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.405934][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.415884][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.426896][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.437131][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.448057][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.459664][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.500796][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.510191][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 66.523784][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 66.535924][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.547694][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.557837][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.568347][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.578258][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.589159][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.599763][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.610298][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.621546][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.643773][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 66.653175][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.668418][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.668841][ T4166] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.682562][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.685708][ T4166] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.703697][ T4166] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.715654][ T4166] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.732890][ T447] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.740971][ T447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.754289][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.768810][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.782698][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.806521][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.815583][ T3098] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 66.846096][ T447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.866423][ T447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.890587][ T3098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.900263][ T3098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.919391][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 66.935466][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 66.970761][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.986357][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.999730][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.019260][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.029740][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.072852][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.123724][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.131788][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.195452][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.467371][ T4245] kernel write not supported for file [landlock-ruleset] (pid: 4245 comm: kworker/0:7) [ 67.823153][ T4179] Bluetooth: hci0: command 0x0419 tx timeout [ 67.904885][ T4245] Bluetooth: hci2: command 0x0419 tx timeout [ 67.911006][ T4253] loop1: detected capacity change from 0 to 32768 [ 67.933502][ T4245] Bluetooth: hci4: command 0x0419 tx timeout [ 67.953238][ T4245] Bluetooth: hci1: command 0x0419 tx timeout [ 67.983936][ T4253] ======================================================= [ 67.983936][ T4253] WARNING: The mand mount option has been deprecated and [ 67.983936][ T4253] and is ignored by this kernel. Remove the mand [ 67.983936][ T4253] option from the mount to silence this warning. [ 67.983936][ T4253] ======================================================= [ 68.002667][ T4245] Bluetooth: hci3: command 0x0419 tx timeout [ 68.126784][ T4253] JBD2: Ignoring recovery information on journal [ 68.220253][ T4253] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 68.310000][ T4253] capability: warning: `syz.1.2' uses 32-bit capabilities (legacy support in use) [ 68.414817][ T4172] ocfs2: Unmounting device (7,1) on (node local) [ 68.449410][ T4255] loop2: detected capacity change from 0 to 32768 [ 68.531833][ T4255] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 68.532337][ T4252] loop4: detected capacity change from 0 to 32768 [ 68.601649][ T4255] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 68.674960][ T4252] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 68.682399][ T4252] CPU: 0 PID: 4252 Comm: syz.4.5 Not tainted 5.15.171-syzkaller #0 [ 68.690322][ T4252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 68.700412][ T4252] Call Trace: [ 68.703712][ T4252] [ 68.706657][ T4252] dump_stack_lvl+0x1e3/0x2d0 [ 68.711394][ T4252] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 68.717045][ T4252] ? panic+0x860/0x860 [ 68.721148][ T4252] ? sysfs_create_dir_ns+0x282/0x390 [ 68.726454][ T4252] sysfs_create_dir_ns+0x2c6/0x390 [ 68.731592][ T4252] ? sysfs_warn_dup+0xa0/0xa0 [ 68.736305][ T4252] ? do_raw_spin_unlock+0x137/0x8b0 [ 68.741540][ T4252] ? kobject_set_name_vargs+0xca/0x110 [ 68.747027][ T4252] kobject_add_internal+0x6e0/0xe00 [ 68.752251][ T4252] kobject_init_and_add+0x120/0x190 [ 68.757486][ T4252] ? lockdep_softirqs_off+0x420/0x420 [ 68.762871][ T4252] ? widen_string+0x3a/0x310 [ 68.767572][ T4252] ? kobject_add+0x210/0x210 [ 68.772189][ T4252] ? __init_swait_queue_head+0xaa/0x140 [ 68.777783][ T4252] gfs2_sys_fs_add+0x237/0x4a0 [ 68.782579][ T4252] ? gfs2_recover_set+0x240/0x240 [ 68.787627][ T4252] ? snprintf+0xd6/0x120 [ 68.791895][ T4252] ? vscnprintf+0x80/0x80 [ 68.796248][ T4252] ? read_word_at_a_time+0xe/0x20 [ 68.801295][ T4252] ? strscpy+0x89/0x220 [ 68.805477][ T4252] gfs2_fill_super+0x1299/0x2750 [ 68.810472][ T4252] ? gfs2_reconfigure+0xcf0/0xcf0 [ 68.815516][ T4252] ? ptr_to_hashval+0x60/0x60 [ 68.820209][ T4252] ? up_write+0x19d/0x580 [ 68.824661][ T4252] ? set_blocksize+0x1ec/0x370 [ 68.829452][ T4252] get_tree_bdev+0x3fe/0x620 [ 68.834075][ T4252] ? gfs2_reconfigure+0xcf0/0xcf0 [ 68.839130][ T4252] gfs2_get_tree+0x50/0x210 [ 68.843653][ T4252] ? bpf_lsm_capable+0x5/0x10 [ 68.848354][ T4252] vfs_get_tree+0x88/0x270 [ 68.852794][ T4252] do_new_mount+0x2ba/0xb40 [ 68.857328][ T4252] ? do_move_mount_old+0x160/0x160 [ 68.862461][ T4252] ? user_path_at_empty+0x12b/0x180 [ 68.867689][ T4252] __se_sys_mount+0x2d5/0x3c0 [ 68.872391][ T4252] ? __x64_sys_mount+0xc0/0xc0 [ 68.877172][ T4252] ? syscall_enter_from_user_mode+0x2e/0x240 [ 68.883193][ T4252] ? lockdep_hardirqs_on+0x94/0x130 [ 68.888411][ T4252] ? __x64_sys_mount+0x1c/0xc0 [ 68.893191][ T4252] do_syscall_64+0x3b/0xb0 [ 68.897623][ T4252] ? clear_bhb_loop+0x15/0x70 [ 68.902312][ T4252] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.908230][ T4252] RIP: 0033:0x7f959e943eba [ 68.912678][ T4252] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.932302][ T4252] RSP: 002b:00007f959cdb9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.940797][ T4252] RAX: ffffffffffffffda RBX: 00007f959cdb9ef0 RCX: 00007f959e943eba [ 68.948792][ T4252] RDX: 0000000020037f40 RSI: 0000000020037f80 RDI: 00007f959cdb9eb0 [ 68.956824][ T4252] RBP: 0000000020037f40 R08: 00007f959cdb9ef0 R09: 0000000000000000 [ 68.964822][ T4252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 68.966300][ T4262] loop0: detected capacity change from 0 to 40427 [ 68.972809][ T4252] R13: 00007f959cdb9eb0 R14: 0000000000037f14 R15: 0000000020037fc0 [ 68.972861][ T4252] [ 68.993599][ T4252] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 69.009628][ T4252] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 69.018015][ T4255] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 69.035146][ T4264] loop3: detected capacity change from 0 to 32768 [ 69.040365][ T21] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 69.049655][ T21] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 69.070235][ T4262] F2FS-fs (loop0): invalid crc value [ 69.103491][ T4262] F2FS-fs (loop0): Found nat_bits in checkpoint [ 69.129019][ T4264] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 69.232371][ T4262] F2FS-fs (loop0): Start checkpoint disabled! [ 69.270180][ T4262] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 69.282567][ T4245] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 69.368783][ T21] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 319ms [ 69.390133][ T21] gfs2: fsid=syz:syz.0: jid=0: Done [ 69.399236][ T4255] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 69.400015][ T4170] ocfs2: Unmounting device (7,3) on (node local) [ 69.532626][ T4245] usb 2-1: Using ep0 maxpacket: 16 [ 69.664452][ T4245] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.752621][ T4245] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 69.796175][ T4245] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 69.824388][ T4245] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.865875][ T4245] usb 2-1: config 0 descriptor?? [ 70.340070][ T4277] loop4: detected capacity change from 0 to 40427 [ 70.348398][ T4245] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 70.375060][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.393432][ T21] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 70.402118][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.421339][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.421671][ T4277] F2FS-fs (loop4): invalid crc value [ 70.434551][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.459970][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.469865][ T4277] F2FS-fs (loop4): Found nat_bits in checkpoint [ 70.476423][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.476479][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.476504][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.476527][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.476550][ T4245] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 70.550507][ T4245] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0001/input/input5 [ 70.630048][ T4277] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 70.675683][ T4245] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 70.727183][ T4245] usb 2-1: USB disconnect, device number 2 [ 70.728476][ T4279] loop3: detected capacity change from 0 to 32768 [ 70.806922][ T4279] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 70.822665][ T4279] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 70.842921][ T21] usb 3-1: config 0 has no interfaces? [ 70.849942][ T21] usb 3-1: New USB device found, idVendor=1668, idProduct=0323, bcdDevice=5f.ca [ 70.873461][ T21] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.888382][ T4168] attempt to access beyond end of device [ 70.888382][ T4168] loop4: rw=2049, want=45104, limit=40427 [ 70.917855][ T21] usb 3-1: config 0 descriptor?? [ 70.925483][ T4279] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 70.946899][ T4290] loop0: detected capacity change from 0 to 32768 [ 70.956792][ T4157] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 70.965705][ T4157] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 71.052085][ T4290] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.17 (4290) [ 71.076257][ T4157] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 110ms [ 71.121359][ T4157] gfs2: fsid=syz:syz.0: jid=0: Done [ 71.134457][ T4279] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 71.144608][ T4294] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 71.186426][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.193744][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.206107][ T4157] usb 3-1: USB disconnect, device number 2 [ 71.210907][ T4290] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 71.234275][ T4290] BTRFS info (device loop0): using free space tree [ 71.286151][ T4290] BTRFS info (device loop0): has skinny extents [ 71.476212][ T4317] 9pnet: p9_fd_create_unix (4317): problem connecting socket: ./file1: -2 [ 71.591191][ T4290] BTRFS info (device loop0): enabling ssd optimizations [ 71.843700][ T4331] loop2: detected capacity change from 0 to 1024 [ 72.482392][ T4342] loop4: detected capacity change from 0 to 1024 [ 72.569856][ T4342] hfsplus: gid requires an argument [ 72.588913][ T4346] loop3: detected capacity change from 0 to 64 [ 72.595540][ T4342] hfsplus: unable to parse mount options [ 73.024019][ T4353] loop1: detected capacity change from 0 to 512 [ 73.040013][ T4351] loop3: detected capacity change from 0 to 2048 [ 73.062345][ T4290] BTRFS info (device loop0): turning off barriers [ 73.070201][ T4290] BTRFS info (device loop0): enabling auto defrag [ 73.082712][ T4290] BTRFS info (device loop0): not using ssd optimizations [ 73.089964][ T4290] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 73.101146][ T4290] BTRFS info (device loop0): trying to use backup root at mount time [ 73.106331][ T4353] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 73.118979][ T4290] BTRFS info (device loop0): enabling disk space caching [ 73.140721][ T4290] BTRFS info (device loop0): enabling ssd optimizations [ 73.154420][ T4290] BTRFS info (device loop0): using spread ssd allocation scheme [ 73.176505][ T4290] BTRFS error (device loop0): cannot disable free space tree [ 73.193056][ T4290] BTRFS info (device loop0): resize thread pool 3 -> 4 [ 73.213142][ T4351] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 73.229064][ T4353] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,jqfmt=vfsold,data_err=abort,norecovery,norecovery,. Quota mode: writeback. [ 73.270169][ T4351] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.278472][ T4353] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.878040][ T4360] loop4: detected capacity change from 0 to 32768 [ 73.929669][ T4374] syz.3.38 uses obsolete (PF_INET,SOCK_PACKET) [ 74.019736][ T4341] loop2: detected capacity change from 0 to 32768 [ 74.084551][ T4360] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 74.087802][ T4341] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 74.180287][ T4341] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 74.260699][ T4341] gfs2: fsid=syz:syz.s: journal 0 mapped with 16 extents in 0ms [ 74.289978][ T4168] ocfs2: Unmounting device (7,4) on (node local) [ 74.599503][ T4341] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 74.646825][ T4341] gfs2: fsid=syz:syz.s: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 74.688584][ T4341] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error [ 74.688584][ T4341] inode = 12 2341 [ 74.688584][ T4341] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602 [ 74.756877][ T4341] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 74.782732][ T4341] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 74.822053][ T4341] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 74.840966][ T4400] netlink: 4 bytes leftover after parsing attributes in process `syz.4.47'. [ 74.862723][ T4364] Bluetooth: hci2: command 0x0406 tx timeout [ 74.870511][ T4341] gfs2: fsid=syz:syz.s: File system withdrawn [ 74.901440][ T4341] CPU: 0 PID: 4341 Comm: syz.2.28 Not tainted 5.15.171-syzkaller #0 [ 74.909466][ T4341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 74.919540][ T4341] Call Trace: [ 74.922834][ T4341] [ 74.925783][ T4341] dump_stack_lvl+0x1e3/0x2d0 [ 74.929453][ T4372] loop1: detected capacity change from 0 to 32768 [ 74.930483][ T4341] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 74.942522][ T4341] ? panic+0x860/0x860 [ 74.946629][ T4341] ? do_raw_spin_unlock+0x137/0x8b0 [ 74.951863][ T4341] gfs2_withdraw+0xe9e/0x14e0 [ 74.956590][ T4341] ? gfs2_lm+0x230/0x230 [ 74.960859][ T4341] ? gfs2_dirent_scan+0x276/0x640 [ 74.965915][ T4341] ? panic+0x860/0x860 [ 74.970019][ T4341] ? gfs2_consist_inode_i+0xc0/0xe0 [ 74.975256][ T4341] gfs2_dirent_scan+0x512/0x640 [ 74.980128][ T4341] ? gfs2_permission+0x331/0x4d0 [ 74.985101][ T4341] ? gfs2_dirent_search+0x8c0/0x8c0 [ 74.990340][ T4341] gfs2_dirent_search+0x30a/0x8c0 [ 74.995576][ T4341] ? gfs2_dirent_search+0x8c0/0x8c0 [ 75.000796][ T4341] ? generic_permission+0x21c/0x4f0 [ 75.006025][ T4341] ? gfs2_dir_search+0x2f0/0x2f0 [ 75.010988][ T4341] ? gfs2_permission+0x3fd/0x4d0 [ 75.015956][ T4341] gfs2_dir_search+0xae/0x2f0 [ 75.020656][ T4341] ? do_filldir_main+0x520/0x520 [ 75.025622][ T4341] ? gfs2_glock_wait+0x137/0x1c0 [ 75.030580][ T4341] gfs2_lookupi+0x45b/0x5e0 [ 75.035231][ T4341] ? gfs2_lookup_simple+0x170/0x170 [ 75.040460][ T4341] ? gfs2_lookupi+0x3f7/0x5e0 [ 75.045422][ T4341] ? read_lock_is_recursive+0x10/0x10 [ 75.050922][ T4341] ? d_alloc+0x194/0x1d0 [ 75.055202][ T4341] __gfs2_lookup+0xa0/0x270 [ 75.059732][ T4341] ? gfs2_atomic_open+0x220/0x220 [ 75.064792][ T4341] ? _raw_spin_unlock+0x24/0x40 [ 75.069669][ T4341] ? d_alloc+0x194/0x1d0 [ 75.073938][ T4341] lookup_one_qstr_excl+0x117/0x240 [ 75.079170][ T4341] filename_create+0x293/0x530 [ 75.083968][ T4341] ? kern_path_create+0x180/0x180 [ 75.089014][ T4341] ? __virt_addr_valid+0x3bb/0x460 [ 75.094149][ T4341] do_mkdirat+0xb3/0x520 [ 75.098424][ T4341] ? vfs_mkdir+0x590/0x590 [ 75.102863][ T4341] ? getname_flags+0x1ec/0x4e0 [ 75.107651][ T4341] ? lockdep_hardirqs_on+0x94/0x130 [ 75.112877][ T4341] __x64_sys_mkdir+0x6a/0x80 [ 75.117579][ T4341] do_syscall_64+0x3b/0xb0 [ 75.122012][ T4341] ? clear_bhb_loop+0x15/0x70 [ 75.126707][ T4341] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 75.132621][ T4341] RIP: 0033:0x7efd279b4719 [ 75.137052][ T4341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.156678][ T4341] RSP: 002b:00007efd25e2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 75.165296][ T4341] RAX: ffffffffffffffda RBX: 00007efd27b6bf80 RCX: 00007efd279b4719 [ 75.173292][ T4341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200003c0 [ 75.181284][ T4341] RBP: 00007efd27a27616 R08: 0000000000000000 R09: 0000000000000000 [ 75.189278][ T4341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.197267][ T4341] R13: 0000000000000000 R14: 00007efd27b6bf80 R15: 00007ffebb0380a8 [ 75.205306][ T4341] [ 75.243452][ T4372] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 75.258164][ T4372] CPU: 0 PID: 4372 Comm: syz.1.35 Not tainted 5.15.171-syzkaller #0 [ 75.266202][ T4372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 75.276284][ T4372] Call Trace: [ 75.279596][ T4372] [ 75.282551][ T4372] dump_stack_lvl+0x1e3/0x2d0 [ 75.287258][ T4372] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 75.292917][ T4372] ? panic+0x860/0x860 [ 75.296997][ T4372] ? sysfs_create_dir_ns+0x282/0x390 [ 75.302288][ T4372] sysfs_create_dir_ns+0x2c6/0x390 [ 75.307403][ T4372] ? sysfs_warn_dup+0xa0/0xa0 [ 75.312081][ T4372] ? do_raw_spin_unlock+0x137/0x8b0 [ 75.317277][ T4372] ? kobject_set_name_vargs+0xca/0x110 [ 75.322739][ T4372] kobject_add_internal+0x6e0/0xe00 [ 75.327954][ T4372] kobject_init_and_add+0x120/0x190 [ 75.333150][ T4372] ? lockdep_softirqs_off+0x420/0x420 [ 75.338525][ T4372] ? widen_string+0x3a/0x310 [ 75.343148][ T4372] ? kobject_add+0x210/0x210 [ 75.347756][ T4372] ? __init_swait_queue_head+0xaa/0x140 [ 75.353313][ T4372] gfs2_sys_fs_add+0x237/0x4a0 [ 75.358096][ T4372] ? gfs2_recover_set+0x240/0x240 [ 75.363124][ T4372] ? snprintf+0xd6/0x120 [ 75.367396][ T4372] ? vscnprintf+0x80/0x80 [ 75.371730][ T4372] ? read_word_at_a_time+0xe/0x20 [ 75.376756][ T4372] ? strscpy+0x89/0x220 [ 75.380912][ T4372] gfs2_fill_super+0x1299/0x2750 [ 75.385951][ T4372] ? gfs2_reconfigure+0xcf0/0xcf0 [ 75.390972][ T4372] ? ptr_to_hashval+0x60/0x60 [ 75.395647][ T4372] ? up_write+0x19d/0x580 [ 75.400008][ T4372] ? set_blocksize+0x1ec/0x370 [ 75.404772][ T4372] get_tree_bdev+0x3fe/0x620 [ 75.409363][ T4372] ? gfs2_reconfigure+0xcf0/0xcf0 [ 75.414392][ T4372] gfs2_get_tree+0x50/0x210 [ 75.419080][ T4372] ? bpf_lsm_capable+0x5/0x10 [ 75.423768][ T4372] vfs_get_tree+0x88/0x270 [ 75.428211][ T4372] do_new_mount+0x2ba/0xb40 [ 75.432783][ T4372] ? do_move_mount_old+0x160/0x160 [ 75.438607][ T4372] ? user_path_at_empty+0x12b/0x180 [ 75.443946][ T4372] __se_sys_mount+0x2d5/0x3c0 [ 75.448663][ T4372] ? __x64_sys_mount+0xc0/0xc0 [ 75.453439][ T4372] ? syscall_enter_from_user_mode+0x2e/0x240 [ 75.459427][ T4372] ? lockdep_hardirqs_on+0x94/0x130 [ 75.464640][ T4372] ? __x64_sys_mount+0x1c/0xc0 [ 75.469417][ T4372] do_syscall_64+0x3b/0xb0 [ 75.473834][ T4372] ? clear_bhb_loop+0x15/0x70 [ 75.478509][ T4372] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 75.484426][ T4372] RIP: 0033:0x7f7388bcceba [ 75.488854][ T4372] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.508458][ T4372] RSP: 002b:00007f7387042e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 75.516878][ T4372] RAX: ffffffffffffffda RBX: 00007f7387042ef0 RCX: 00007f7388bcceba [ 75.524855][ T4372] RDX: 0000000020037f40 RSI: 0000000020037f80 RDI: 00007f7387042eb0 [ 75.532849][ T4372] RBP: 0000000020037f40 R08: 00007f7387042ef0 R09: 0000000000000000 [ 75.540816][ T4372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 75.548787][ T4372] R13: 00007f7387042eb0 R14: 0000000000037f14 R15: 0000000020037fc0 [ 75.556765][ T4372] [ 75.566824][ T4372] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 75.592615][ T4372] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 75.651850][ T4405] netlink: 'syz.4.51': attribute type 1 has an invalid length. [ 75.660921][ T4405] netlink: 236 bytes leftover after parsing attributes in process `syz.4.51'. [ 76.100700][ T4422] netlink: 44 bytes leftover after parsing attributes in process `syz.0.56'. [ 76.141447][ T4422] netlink: 24 bytes leftover after parsing attributes in process `syz.0.56'. [ 76.181513][ T4422] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.212496][ T4422] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.219669][ T4422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.691265][ T4452] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.67'. [ 76.771201][ T4457] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 76.979476][ T4464] Zero length message leads to an empty skb [ 77.404179][ T4490] netlink: 24 bytes leftover after parsing attributes in process `syz.3.83'. [ 77.609921][ T4503] netlink: 104 bytes leftover after parsing attributes in process `syz.2.89'. [ 77.618905][ T4502] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.923098][ T4518] xt_CT: You must specify a L4 protocol and not use inversions on it [ 78.147430][ T4532] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 78.665614][ T4554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.112'. [ 79.001364][ T4565] netlink: 'syz.2.117': attribute type 29 has an invalid length. [ 79.069549][ T4565] netlink: 'syz.2.117': attribute type 29 has an invalid length. [ 79.088404][ T4566] netlink: 'syz.2.117': attribute type 29 has an invalid length. [ 79.118277][ T4539] loop4: detected capacity change from 0 to 40427 [ 79.164407][ T4539] F2FS-fs (loop4): invalid crc value [ 79.198400][ T4539] F2FS-fs (loop4): Found nat_bits in checkpoint [ 79.266372][ T4539] F2FS-fs (loop4): Start checkpoint disabled! [ 79.340216][ T4539] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 79.979770][ T4601] netlink: 104 bytes leftover after parsing attributes in process `syz.1.131'. [ 81.093994][ T4653] netlink: 104 bytes leftover after parsing attributes in process `syz.2.153'. [ 81.427129][ T1323] cfg80211: failed to load regulatory.db [ 81.502745][ T4667] device netdevsim0 entered promiscuous mode [ 81.619925][ T4610] loop3: detected capacity change from 0 to 40427 [ 81.748668][ T4610] F2FS-fs (loop3): invalid crc value [ 81.804541][ T4610] F2FS-fs (loop3): Found nat_bits in checkpoint [ 81.914348][ T4688] netlink: 4 bytes leftover after parsing attributes in process `syz.4.166'. [ 82.065485][ T4610] F2FS-fs (loop3): Start checkpoint disabled! [ 82.129642][ T4610] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 82.545302][ T1107] hid-generic 0005:046D:FFF9.0002: item fetching failed at offset 0/1 [ 82.565510][ T1107] hid-generic: probe of 0005:046D:FFF9.0002 failed with error -22 [ 82.603933][ T4726] netlink: 20 bytes leftover after parsing attributes in process `syz.4.180'. [ 83.144513][ T4754] netlink: 20 bytes leftover after parsing attributes in process `syz.4.188'. [ 83.875053][ T4782] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 84.558659][ T4748] loop1: detected capacity change from 0 to 40427 [ 84.689398][ T4748] F2FS-fs (loop1): invalid crc value [ 84.734010][ T4748] F2FS-fs (loop1): Found nat_bits in checkpoint [ 84.955478][ T4839] netlink: 20 bytes leftover after parsing attributes in process `syz.2.222'. [ 84.994351][ T4839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.222'. [ 85.003880][ T4748] F2FS-fs (loop1): Start checkpoint disabled! [ 85.022791][ T4839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.222'. [ 85.033090][ T4748] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 85.045905][ T4839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.222'. [ 85.596652][ T4869] loop4: detected capacity change from 0 to 1024 [ 85.725893][ T4872] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 85.783314][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 85.798869][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 85.865622][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 85.867505][ T4874] loop1: detected capacity change from 0 to 64 [ 85.886485][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 85.918964][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 85.955276][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.005008][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.045565][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.085222][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.114670][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.197377][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.224640][ T4869] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.244369][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.251779][ T4875] hfsplus: request for non-existent node 33423360 in B*Tree [ 86.254311][ T4879] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 86.299248][ T4866] loop0: detected capacity change from 0 to 32768 [ 86.314184][ T4879] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 86.333887][ T4870] loop2: detected capacity change from 0 to 32768 [ 86.366353][ T4866] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.234 (4866) [ 86.460352][ T4870] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.236 (4870) [ 86.460545][ T4866] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 86.509935][ T4866] BTRFS info (device loop0): using free space tree [ 86.525006][ T4267] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (4267) [ 86.546924][ T4866] BTRFS info (device loop0): has skinny extents [ 86.789659][ T4866] BTRFS info (device loop0): enabling ssd optimizations [ 87.007233][ T4877] loop3: detected capacity change from 0 to 32768 [ 87.051230][ T4881] loop4: detected capacity change from 0 to 40427 [ 87.123437][ T4881] F2FS-fs (loop4): invalid crc value [ 87.181608][ T4877] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 87.201917][ T4881] F2FS-fs (loop4): Found nat_bits in checkpoint [ 87.285337][ T4922] loop2: detected capacity change from 0 to 64 [ 87.321993][ T4881] F2FS-fs (loop4): Start checkpoint disabled! [ 87.322594][ T4877] loop_set_status: loop3 () has still dirty pages (nrpages=3) [ 87.356252][ T4881] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 87.408033][ T4877] OCFS2: ERROR (device loop3): int ocfs2_validate_xattr_block(struct super_block *, struct buffer_head *): Extended attribute block #2304 has bad signature [ 87.472720][ T4877] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 87.490498][ T4877] OCFS2: File system is now read-only. [ 87.498833][ T4877] (syz.3.239,4877,1):ocfs2_xattr_block_find:2836 ERROR: status = -30 [ 87.818833][ T447] attempt to access beyond end of device [ 87.818833][ T447] loop4: rw=2049, want=40984, limit=40427 [ 87.900940][ T4170] ocfs2: Unmounting device (7,3) on (node local) [ 88.553084][ T4964] loop3: detected capacity change from 0 to 64 [ 88.732300][ T4969] bridge0: port 3(ipvlan2) entered blocking state [ 88.781651][ T4969] bridge0: port 3(ipvlan2) entered disabled state [ 89.229589][ T4948] loop2: detected capacity change from 0 to 32768 [ 89.327940][ T4993] loop4: detected capacity change from 0 to 64 [ 89.338430][ T4995] netlink: 104 bytes leftover after parsing attributes in process `syz.0.281'. [ 89.355205][ T4948] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.262 (4948) [ 89.433269][ T4948] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 89.461208][ T4948] BTRFS info (device loop2): using free space tree [ 89.476240][ T4948] BTRFS info (device loop2): has skinny extents [ 89.484617][ T4954] loop1: detected capacity change from 0 to 40427 [ 89.574183][ T4954] F2FS-fs (loop1): invalid crc value [ 89.615184][ T4954] F2FS-fs (loop1): Found nat_bits in checkpoint [ 89.865440][ T4954] F2FS-fs (loop1): Start checkpoint disabled! [ 89.904454][ T4948] BTRFS info (device loop2): enabling ssd optimizations [ 89.974322][ T4954] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 90.118720][ T5048] loop3: detected capacity change from 0 to 64 [ 90.209693][ T5052] netlink: 24 bytes leftover after parsing attributes in process `syz.0.297'. [ 90.231162][ T4714] attempt to access beyond end of device [ 90.231162][ T4714] loop1: rw=2049, want=40984, limit=40427 [ 90.656759][ T5063] device syzkaller0 entered promiscuous mode [ 91.100393][ T5081] loop2: detected capacity change from 0 to 64 [ 91.111612][ T5079] netlink: 'syz.0.310': attribute type 4 has an invalid length. [ 91.380464][ T5089] netlink: 96 bytes leftover after parsing attributes in process `syz.1.315'. [ 91.476646][ T5091] netlink: 32 bytes leftover after parsing attributes in process `syz.2.314'. [ 91.547147][ T5095] netlink: 32 bytes leftover after parsing attributes in process `syz.2.314'. [ 91.572677][ T5096] vxcan1: MTU too low for tipc bearer [ 91.603002][ T5096] tipc: Enabling of bearer rejected, failed to enable media [ 91.670283][ T5098] tipc: Started in network mode [ 91.697292][ T5098] tipc: Node identity ac1414aa, cluster identity 4711 [ 91.716287][ T5098] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 91.740143][ T5098] tipc: Enabled bearer , priority 10 [ 91.854395][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 91.992690][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.011395][ T5112] loop4: detected capacity change from 0 to 64 [ 92.132607][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.154389][ T5077] loop3: detected capacity change from 0 to 40427 [ 92.260192][ T5077] F2FS-fs (loop3): invalid crc value [ 92.272737][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.295196][ T5077] F2FS-fs (loop3): Found nat_bits in checkpoint [ 92.345338][ T5085] loop0: detected capacity change from 0 to 32768 [ 92.412646][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.493905][ T5077] F2FS-fs (loop3): Start checkpoint disabled! [ 92.520625][ T5077] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 92.535578][ T5085] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.312 (5085) [ 92.552647][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.624810][ T5085] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 92.650006][ T5085] BTRFS info (device loop0): using free space tree [ 92.685117][ T5085] BTRFS info (device loop0): has skinny extents [ 92.692643][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 92.798676][ T5160] loop4: detected capacity change from 0 to 64 [ 92.831036][ T1497] attempt to access beyond end of device [ 92.831036][ T1497] loop3: rw=2049, want=40984, limit=40427 [ 92.844932][ T4216] tipc: Node number set to 2886997162 [ 92.954200][ T5085] BTRFS info (device loop0): enabling ssd optimizations [ 92.972605][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 93.242589][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 93.928621][ T5205] loop3: detected capacity change from 0 to 64 [ 93.938978][ T5204] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 93.960112][ T5204] Cannot find set identified by id 0 to match [ 94.312845][ T5184] loop2: detected capacity change from 0 to 40427 [ 94.394771][ T5225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.364'. [ 94.435713][ T5184] F2FS-fs (loop2): invalid crc value [ 94.457539][ T5184] F2FS-fs (loop2): Found nat_bits in checkpoint [ 94.653996][ T5240] loop0: detected capacity change from 0 to 64 [ 94.662747][ T5184] F2FS-fs (loop2): Start checkpoint disabled! [ 94.700591][ T5184] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 94.879311][ T5209] loop4: detected capacity change from 0 to 32768 [ 94.922043][ T154] attempt to access beyond end of device [ 94.922043][ T154] loop2: rw=2049, want=40976, limit=40427 [ 94.971579][ T5209] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.356 (5209) [ 95.078097][ T5209] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 95.125102][ T5209] BTRFS info (device loop4): using free space tree [ 95.150022][ T5209] BTRFS info (device loop4): has skinny extents [ 95.364748][ T5209] BTRFS info (device loop4): enabling ssd optimizations [ 95.539613][ T5289] netlink: 24 bytes leftover after parsing attributes in process `syz.3.383'. [ 95.697454][ T5295] loop1: detected capacity change from 0 to 64 [ 95.833609][ T5297] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 96.613813][ T5328] loop3: detected capacity change from 0 to 64 [ 96.832296][ T5291] loop0: detected capacity change from 0 to 40427 [ 96.863542][ C0] net_ratelimit: 5 callbacks suppressed [ 96.863559][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 96.960281][ T5291] F2FS-fs (loop0): invalid crc value [ 97.000392][ T5291] F2FS-fs (loop0): Found nat_bits in checkpoint [ 97.188446][ T5291] F2FS-fs (loop0): Start checkpoint disabled! [ 97.239091][ T5291] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 97.279763][ T5355] loop2: detected capacity change from 0 to 64 [ 97.348118][ T5312] loop1: detected capacity change from 0 to 32768 [ 97.374129][ T5359] netlink: 12 bytes leftover after parsing attributes in process `syz.4.416'. [ 97.396447][ T5312] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.395 (5312) [ 97.459791][ T5360] device bridge_slave_1 left promiscuous mode [ 97.476808][ T5360] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.486438][ T154] attempt to access beyond end of device [ 97.486438][ T154] loop0: rw=2049, want=40976, limit=40427 [ 97.488506][ T5312] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 97.519887][ T5312] BTRFS info (device loop1): using free space tree [ 97.527280][ T5312] BTRFS info (device loop1): has skinny extents [ 97.551839][ T5360] bridge1: port 1(bridge_slave_1) entered blocking state [ 97.575928][ T5360] bridge1: port 1(bridge_slave_1) entered disabled state [ 97.603962][ T5360] device bridge_slave_1 entered promiscuous mode [ 97.902662][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 97.934924][ T5393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.417'. [ 97.975775][ T5397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.426'. [ 98.008847][ T5312] BTRFS info (device loop1): enabling ssd optimizations [ 98.942802][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 99.192086][ T5462] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 99.361627][ T5401] loop0: detected capacity change from 0 to 40427 [ 99.443076][ T5401] F2FS-fs (loop0): invalid crc value [ 99.510575][ T5401] F2FS-fs (loop0): Found nat_bits in checkpoint [ 99.650754][ T5401] F2FS-fs (loop0): Start checkpoint disabled! [ 99.711838][ T5401] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 99.886151][ T5484] netlink: 'syz.1.458': attribute type 10 has an invalid length. [ 99.921139][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.983031][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 99.988241][ T5444] loop4: detected capacity change from 0 to 32768 [ 100.226365][ T5444] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.445 (5444) [ 100.248422][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.309104][ T5444] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 100.320472][ T5495] loop2: detected capacity change from 0 to 64 [ 100.323170][ T5484] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 100.339302][ T1497] attempt to access beyond end of device [ 100.339302][ T1497] loop0: rw=2049, want=40976, limit=40427 [ 100.359288][ T5444] BTRFS info (device loop4): using free space tree [ 100.384026][ T5444] BTRFS info (device loop4): has skinny extents [ 100.820440][ T5444] BTRFS info (device loop4): enabling ssd optimizations [ 101.013949][ T5538] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 101.022629][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 101.616468][ T5550] loop3: detected capacity change from 0 to 64 [ 101.741204][ T5533] loop1: detected capacity change from 0 to 40427 [ 101.849768][ T5533] F2FS-fs (loop1): invalid crc value [ 101.878032][ T5533] F2FS-fs (loop1): Found nat_bits in checkpoint [ 102.037837][ T5533] F2FS-fs (loop1): Start checkpoint disabled! [ 102.062667][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 102.098588][ T5533] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 102.646267][ T5587] loop4: detected capacity change from 0 to 64 [ 102.754749][ T5496] attempt to access beyond end of device [ 102.754749][ T5496] loop1: rw=2049, want=40968, limit=40427 [ 103.039567][ T5564] loop2: detected capacity change from 0 to 32768 [ 103.088923][ T5598] netlink: 8 bytes leftover after parsing attributes in process `syz.4.496'. [ 103.102589][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 103.189849][ T5564] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.484 (5564) [ 103.228827][ T5564] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 103.255117][ T5564] BTRFS info (device loop2): using free space tree [ 103.285218][ T5564] BTRFS info (device loop2): has skinny extents [ 103.481001][ T5624] loop3: detected capacity change from 0 to 64 [ 103.664619][ T5564] BTRFS info (device loop2): enabling ssd optimizations [ 104.142576][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 105.106114][ T5618] loop0: detected capacity change from 0 to 40427 [ 105.182580][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 105.200009][ T5618] F2FS-fs (loop0): invalid crc value [ 105.262652][ T5618] F2FS-fs (loop0): Found nat_bits in checkpoint [ 105.350962][ T5668] loop4: detected capacity change from 0 to 32768 [ 105.364457][ T5687] netlink: 28 bytes leftover after parsing attributes in process `syz.1.527'. [ 105.445346][ T5618] F2FS-fs (loop0): Start checkpoint disabled! [ 105.482924][ T5668] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.520 (5668) [ 105.515659][ T5618] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 105.575072][ T5668] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 105.608347][ T5668] BTRFS info (device loop4): using free space tree [ 105.644013][ T5668] BTRFS info (device loop4): has skinny extents [ 105.862127][ T5668] BTRFS info (device loop4): enabling ssd optimizations [ 105.932733][ T447] attempt to access beyond end of device [ 105.932733][ T447] loop0: rw=2049, want=40968, limit=40427 [ 106.222569][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 106.222912][ T5723] loop1: detected capacity change from 0 to 64 [ 107.251997][ T5737] loop3: detected capacity change from 0 to 40427 [ 107.262559][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 107.360422][ T5737] F2FS-fs (loop3): invalid crc value [ 107.384573][ T5771] loop2: detected capacity change from 0 to 64 [ 107.400202][ T5737] F2FS-fs (loop3): Found nat_bits in checkpoint [ 107.440389][ T5769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.551'. [ 107.459721][ T5769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.551'. [ 107.491191][ T5769] device batadv0 entered promiscuous mode [ 107.501621][ T5769] device gretap0 entered promiscuous mode [ 107.541071][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready [ 107.611480][ T5737] F2FS-fs (loop3): Start checkpoint disabled! [ 107.653865][ T5737] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 107.746147][ T5777] loop2: detected capacity change from 0 to 64 [ 108.133292][ T5761] loop0: detected capacity change from 0 to 32768 [ 108.201348][ T5761] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.547 (5761) [ 108.302947][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 108.310862][ T5761] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 108.349144][ T5761] BTRFS info (device loop0): using free space tree [ 108.376388][ T5761] BTRFS info (device loop0): has skinny extents [ 108.442677][ T5496] attempt to access beyond end of device [ 108.442677][ T5496] loop3: rw=2049, want=40968, limit=40427 [ 108.726919][ T5806] loop1: detected capacity change from 0 to 64 [ 108.902629][ T5761] BTRFS info (device loop0): enabling ssd optimizations [ 108.985896][ T5821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.565'. [ 109.342613][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 109.919312][ T5852] netlink: 24 bytes leftover after parsing attributes in process `syz.3.577'. [ 110.085393][ T5855] device bridge0 entered promiscuous mode [ 110.091733][ T5855] device macvlan2 entered promiscuous mode [ 110.382587][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 110.385185][ T5867] netlink: 28 bytes leftover after parsing attributes in process `syz.4.582'. [ 110.527954][ T5830] loop2: detected capacity change from 0 to 40427 [ 110.600068][ T5830] F2FS-fs (loop2): invalid crc value [ 110.626519][ T5830] F2FS-fs (loop2): Found nat_bits in checkpoint [ 110.637222][ T5876] netlink: 'syz.4.586': attribute type 1 has an invalid length. [ 110.742486][ T5878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.586'. [ 110.856054][ T5878] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 110.899817][ T5830] F2FS-fs (loop2): Start checkpoint disabled! [ 110.914685][ T5878] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 110.970545][ T5830] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 111.024553][ T5876] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 111.085601][ T5876] bond1 (unregistering): Released all slaves [ 111.164550][ T5871] loop0: detected capacity change from 0 to 32768 [ 111.172890][ T5893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.589'. [ 111.186496][ T5893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.589'. [ 111.232865][ T5871] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.584 (5871) [ 111.344687][ T5871] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 111.392489][ T5871] BTRFS info (device loop0): using free space tree [ 111.399168][ T5871] BTRFS info (device loop0): has skinny extents [ 111.408378][ T5903] loop1: detected capacity change from 0 to 64 [ 111.422572][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 111.723557][ T9] attempt to access beyond end of device [ 111.723557][ T9] loop2: rw=2049, want=40968, limit=40427 [ 111.841244][ T5871] BTRFS info (device loop0): enabling ssd optimizations [ 112.462643][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 112.748710][ T5951] netlink: 24 bytes leftover after parsing attributes in process `syz.4.608'. [ 113.158360][ T5969] loop3: detected capacity change from 0 to 64 [ 113.502562][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 113.621673][ T5983] netlink: 40 bytes leftover after parsing attributes in process `syz.0.621'. [ 113.671841][ T5983] netlink: 40 bytes leftover after parsing attributes in process `syz.0.621'. [ 113.740566][ T5985] netlink: 24 bytes leftover after parsing attributes in process `syz.4.622'. [ 114.035005][ T5947] loop1: detected capacity change from 0 to 40427 [ 114.089511][ T6001] loop3: detected capacity change from 0 to 64 [ 114.131489][ T5947] F2FS-fs (loop1): invalid crc value [ 114.145797][ T5947] F2FS-fs (loop1): Found nat_bits in checkpoint [ 114.227978][ T5971] loop2: detected capacity change from 0 to 32768 [ 114.318573][ T5971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.615 (5971) [ 114.321070][ T5947] F2FS-fs (loop1): Start checkpoint disabled! [ 114.402630][ T5947] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 114.404724][ T5971] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 114.458869][ T5971] BTRFS info (device loop2): using free space tree [ 114.484533][ T5971] BTRFS info (device loop2): has skinny extents [ 114.542575][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 114.754137][ T5971] BTRFS info (device loop2): enabling ssd optimizations [ 114.896984][ T6048] vxcan1: tx address claim with different name [ 114.969177][ T9] attempt to access beyond end of device [ 114.969177][ T9] loop1: rw=2049, want=40968, limit=40427 [ 115.369224][ T6055] xt_CT: No such helper "snmp" [ 115.583168][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 115.613930][ T6071] __nla_validate_parse: 3 callbacks suppressed [ 115.613948][ T6071] netlink: 4 bytes leftover after parsing attributes in process `syz.0.648'. [ 115.693819][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 115.722859][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 115.771906][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.793137][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 115.982865][ T6073] netlink: 40 bytes leftover after parsing attributes in process `syz.0.648'. [ 116.020908][ T6087] netlink: 24 bytes leftover after parsing attributes in process `syz.1.638'. [ 116.519050][ T6107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.662'. [ 116.623276][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 116.654289][ T6111] netlink: 'syz.3.664': attribute type 3 has an invalid length. [ 116.783739][ T6117] loop2: detected capacity change from 0 to 64 [ 116.828461][ T6079] loop4: detected capacity change from 0 to 32768 [ 116.970408][ T6079] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.651 (6079) [ 116.994217][ T6126] netlink: 'syz.1.671': attribute type 4 has an invalid length. [ 117.110873][ T6079] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 117.172964][ T6079] BTRFS info (device loop4): using free space tree [ 117.183106][ T6079] BTRFS info (device loop4): has skinny extents [ 117.243875][ T6135] netlink: 'syz.3.675': attribute type 10 has an invalid length. [ 117.283304][ T6135] device syz_tun entered promiscuous mode [ 117.415716][ T6135] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 117.568417][ T6079] BTRFS info (device loop4): enabling ssd optimizations [ 117.662677][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 117.921904][ T6176] netlink: 24 bytes leftover after parsing attributes in process `syz.2.685'. [ 117.960939][ T6181] netlink: 'syz.1.684': attribute type 4 has an invalid length. [ 118.138667][ T6189] syz.3.689 sent an empty control message without MSG_MORE. [ 118.580702][ T6211] netlink: 24 bytes leftover after parsing attributes in process `syz.4.698'. [ 118.702598][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 119.034784][ T6223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.704'. [ 119.111503][ T6231] netlink: 'syz.2.707': attribute type 21 has an invalid length. [ 119.147542][ T6232] device veth1_virt_wifi entered promiscuous mode [ 119.520747][ T6244] netlink: 24 bytes leftover after parsing attributes in process `syz.3.713'. [ 119.719864][ T6204] loop0: detected capacity change from 0 to 32768 [ 119.742655][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 119.800634][ T6204] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.694 (6204) [ 119.889132][ T6204] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 119.952487][ T6204] BTRFS info (device loop0): using free space tree [ 119.978617][ T6204] BTRFS info (device loop0): has skinny extents [ 120.042326][ T6257] device syzkaller0 entered promiscuous mode [ 120.310282][ T6278] 8021q: VLANs not supported on hsr0 [ 120.321514][ T6204] BTRFS info (device loop0): enabling ssd optimizations [ 120.551173][ T6300] netlink: 24 bytes leftover after parsing attributes in process `syz.3.728'. [ 120.569262][ T6297] Cannot find set identified by id 0 to match [ 120.782703][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 121.346268][ T6321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.737'. [ 121.558190][ T6337] siw: device registration error -23 [ 121.822796][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 121.928671][ T6361] netlink: 8 bytes leftover after parsing attributes in process `syz.4.754'. [ 121.970042][ T6361] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 122.018306][ T6366] netlink: 4 bytes leftover after parsing attributes in process `syz.4.754'. [ 122.056267][ T6366] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 122.322706][ T6385] netlink: 'syz.3.765': attribute type 10 has an invalid length. [ 122.364109][ T6388] loop2: detected capacity change from 0 to 64 [ 122.508833][ T6394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.770'. [ 122.562273][ T6394] device bridge_slave_1 left promiscuous mode [ 122.572667][ T6334] loop1: detected capacity change from 0 to 32768 [ 122.579128][ T6394] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.595041][ T6394] device bridge_slave_0 left promiscuous mode [ 122.606103][ T6334] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.741 (6334) [ 122.610679][ T6394] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.693630][ T6405] loop4: detected capacity change from 0 to 64 [ 122.738851][ T6334] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 122.775086][ T6334] BTRFS info (device loop1): using free space tree [ 122.802927][ T6334] BTRFS info (device loop1): has skinny extents [ 122.862565][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 123.104706][ T6429] netlink: 'syz.2.780': attribute type 10 has an invalid length. [ 123.155496][ T6429] device syz_tun entered promiscuous mode [ 123.188103][ T6429] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 123.191656][ T6436] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 123.347810][ T6334] BTRFS info (device loop1): enabling ssd optimizations [ 123.464150][ T6456] loop4: detected capacity change from 0 to 64 [ 123.621580][ T6468] loop2: detected capacity change from 0 to 64 [ 123.885510][ T6478] ieee802154 phy0 wpan0: encryption failed: -22 [ 123.903175][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 124.248545][ T6490] netlink: 24 bytes leftover after parsing attributes in process `syz.4.808'. [ 124.327694][ T6499] loop3: detected capacity change from 0 to 64 [ 124.454349][ T6503] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 124.498521][ T6503] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 124.533248][ T6508] netlink: 20 bytes leftover after parsing attributes in process `syz.4.817'. [ 124.730776][ T6517] Cannot find set identified by id 0 to match [ 124.928329][ T6525] loop3: detected capacity change from 0 to 64 [ 124.935172][ T6530] netlink: 24 bytes leftover after parsing attributes in process `syz.1.824'. [ 124.944027][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 125.088752][ T6534] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 125.402046][ T6495] loop0: detected capacity change from 0 to 32768 [ 125.519187][ T6495] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.810 (6495) [ 125.536666][ T6554] netlink: 24 bytes leftover after parsing attributes in process `syz.4.838'. [ 125.567177][ T6557] loop3: detected capacity change from 0 to 64 [ 125.580368][ T6495] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 125.603893][ T6495] BTRFS info (device loop0): using free space tree [ 125.610468][ T6495] BTRFS info (device loop0): has skinny extents [ 125.866340][ T6581] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 125.900587][ T6495] BTRFS info (device loop0): enabling ssd optimizations [ 125.982604][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 126.197279][ T6601] loop4: detected capacity change from 0 to 64 [ 126.302919][ T6603] netlink: 36 bytes leftover after parsing attributes in process `syz.1.853'. [ 127.022584][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 127.161929][ T6643] loop2: detected capacity change from 0 to 64 [ 127.410780][ T6651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.875'. [ 127.493132][ T6653] device vlan2 entered promiscuous mode [ 127.531421][ T6623] loop1: detected capacity change from 0 to 32768 [ 127.569588][ T6653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.877'. [ 127.601206][ T6623] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.862 (6623) [ 127.686297][ T6623] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 127.701883][ T6623] BTRFS info (device loop1): using free space tree [ 127.724296][ T6623] BTRFS info (device loop1): has skinny extents [ 127.774753][ T6653] device hsr_slave_1 left promiscuous mode [ 127.943843][ T6679] loop2: detected capacity change from 0 to 1024 [ 128.062562][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 128.088379][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.111241][ T6623] BTRFS info (device loop1): enabling ssd optimizations [ 128.118443][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.174980][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.206169][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.282736][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.290071][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.342979][ T6696] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.365015][ T6696] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.386157][ T6703] loop4: detected capacity change from 0 to 64 [ 128.398650][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.422376][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.450879][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.492157][ T6679] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.524055][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.551399][ T6693] hfsplus: request for non-existent node 33423360 in B*Tree [ 128.798126][ T6710] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 128.936763][ T6717] netlink: 24 bytes leftover after parsing attributes in process `syz.4.889'. [ 129.102550][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 129.185146][ T6734] loop4: detected capacity change from 0 to 64 [ 129.207154][ T6732] netlink: 'syz.0.896': attribute type 10 has an invalid length. [ 129.223615][ T6736] loop1: detected capacity change from 0 to 64 [ 129.230872][ T6732] device syz_tun entered promiscuous mode [ 129.284034][ T6732] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 130.142563][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 130.216955][ T6731] loop2: detected capacity change from 0 to 32768 [ 130.309401][ T6731] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.897 (6731) [ 130.367862][ T6731] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 130.377398][ T6731] BTRFS info (device loop2): using free space tree [ 130.405262][ T6731] BTRFS info (device loop2): has skinny extents [ 130.647632][ T6777] loop1: detected capacity change from 0 to 64 [ 130.690373][ T6782] loop4: detected capacity change from 0 to 64 [ 130.737743][ T6731] BTRFS info (device loop2): enabling ssd optimizations [ 131.182563][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 131.740024][ T6813] loop1: detected capacity change from 0 to 64 [ 131.814791][ T6815] loop2: detected capacity change from 0 to 64 [ 132.218338][ T6822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.929'. [ 132.222633][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 132.253488][ T6822] netlink: 'syz.1.929': attribute type 1 has an invalid length. [ 132.625146][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.631663][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.710587][ T6792] loop4: detected capacity change from 0 to 32768 [ 132.794900][ T6792] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 132.804049][ T6840] netlink: 'syz.1.936': attribute type 10 has an invalid length. [ 132.842914][ T6792] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 132.850656][ T6840] device syz_tun entered promiscuous mode [ 132.880516][ T6823] loop2: detected capacity change from 0 to 32768 [ 132.909354][ T6840] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 132.920820][ T6792] gfs2: fsid=syz:syz.s: journal 0 mapped with 16 extents in 0ms [ 133.012565][ T6823] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.928 (6823) [ 133.093841][ T6823] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 133.122530][ T6823] BTRFS info (device loop2): using free space tree [ 133.129087][ T6823] BTRFS info (device loop2): has skinny extents [ 133.197672][ T6846] loop1: detected capacity change from 0 to 64 [ 133.203450][ T6792] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 133.262734][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 133.366763][ T6792] gfs2: fsid=syz:syz.s: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 133.402517][ T6792] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error [ 133.402517][ T6792] inode = 12 2341 [ 133.402517][ T6792] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602 [ 133.522608][ T6792] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 133.529860][ T6792] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 133.539132][ T6792] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 133.546188][ T6792] gfs2: fsid=syz:syz.s: File system withdrawn [ 133.560564][ T6792] CPU: 0 PID: 6792 Comm: syz.4.916 Not tainted 5.15.171-syzkaller #0 [ 133.568678][ T6792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 133.578758][ T6792] Call Trace: [ 133.582059][ T6792] [ 133.585007][ T6792] dump_stack_lvl+0x1e3/0x2d0 [ 133.589712][ T6792] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 133.595368][ T6792] ? panic+0x860/0x860 [ 133.599466][ T6792] ? do_raw_spin_unlock+0x137/0x8b0 [ 133.604698][ T6792] gfs2_withdraw+0xe9e/0x14e0 [ 133.609436][ T6792] ? gfs2_lm+0x230/0x230 [ 133.613699][ T6792] ? gfs2_dirent_scan+0x276/0x640 [ 133.619016][ T6792] ? panic+0x860/0x860 [ 133.623114][ T6792] ? gfs2_consist_inode_i+0xc0/0xe0 [ 133.628340][ T6792] gfs2_dirent_scan+0x512/0x640 [ 133.633220][ T6792] ? gfs2_permission+0x331/0x4d0 [ 133.638183][ T6792] ? gfs2_dirent_search+0x8c0/0x8c0 [ 133.643849][ T6792] gfs2_dirent_search+0x30a/0x8c0 [ 133.648915][ T6792] ? gfs2_dirent_search+0x8c0/0x8c0 [ 133.654133][ T6792] ? generic_permission+0x21c/0x4f0 [ 133.659384][ T6792] ? gfs2_dir_search+0x2f0/0x2f0 [ 133.664349][ T6792] ? gfs2_permission+0x3fd/0x4d0 [ 133.669319][ T6792] gfs2_dir_search+0xae/0x2f0 [ 133.674019][ T6792] ? do_filldir_main+0x520/0x520 [ 133.678982][ T6792] ? gfs2_glock_wait+0x137/0x1c0 [ 133.683947][ T6792] gfs2_lookupi+0x45b/0x5e0 [ 133.688476][ T6792] ? gfs2_lookup_simple+0x170/0x170 [ 133.693718][ T6792] ? gfs2_lookupi+0x3f7/0x5e0 [ 133.698414][ T6792] ? read_lock_is_recursive+0x10/0x10 [ 133.703801][ T6792] ? d_alloc+0x194/0x1d0 [ 133.708092][ T6792] __gfs2_lookup+0xa0/0x270 [ 133.712624][ T6792] ? gfs2_atomic_open+0x220/0x220 [ 133.717681][ T6792] ? _raw_spin_unlock+0x24/0x40 [ 133.722569][ T6792] ? d_alloc+0x194/0x1d0 [ 133.726853][ T6792] lookup_one_qstr_excl+0x117/0x240 [ 133.732084][ T6792] filename_create+0x293/0x530 [ 133.737138][ T6792] ? kern_path_create+0x180/0x180 [ 133.742207][ T6792] ? __virt_addr_valid+0x3bb/0x460 [ 133.747460][ T6792] do_mkdirat+0xb3/0x520 [ 133.751728][ T6792] ? vfs_mkdir+0x590/0x590 [ 133.756166][ T6792] ? getname_flags+0x1ec/0x4e0 [ 133.760958][ T6792] ? lockdep_hardirqs_on+0x94/0x130 [ 133.766181][ T6792] __x64_sys_mkdir+0x6a/0x80 [ 133.770802][ T6792] do_syscall_64+0x3b/0xb0 [ 133.775242][ T6792] ? clear_bhb_loop+0x15/0x70 [ 133.780026][ T6792] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 133.785941][ T6792] RIP: 0033:0x7f959e942719 [ 133.790374][ T6792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.809992][ T6792] RSP: 002b:00007f959cdba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 133.818434][ T6792] RAX: ffffffffffffffda RBX: 00007f959eaf9f80 RCX: 00007f959e942719 [ 133.826419][ T6792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200003c0 [ 133.834579][ T6792] RBP: 00007f959e9b5616 R08: 0000000000000000 R09: 0000000000000000 [ 133.842561][ T6792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.850548][ T6792] R13: 0000000000000000 R14: 00007f959eaf9f80 R15: 00007ffd9a49a638 [ 133.858553][ T6792] [ 133.866133][ T6865] loop0: detected capacity change from 0 to 64 [ 133.888079][ T6823] BTRFS info (device loop2): enabling ssd optimizations [ 134.302565][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 134.703713][ T6887] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 134.824996][ T6891] netlink: 24 bytes leftover after parsing attributes in process `syz.2.945'. [ 135.284762][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.4.960'. [ 135.342585][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 135.467942][ T6927] netlink: 24 bytes leftover after parsing attributes in process `syz.0.965'. [ 135.629148][ T6936] loop4: detected capacity change from 0 to 64 [ 136.382554][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 136.476494][ T6975] netlink: 76 bytes leftover after parsing attributes in process `syz.0.984'. [ 136.990621][ T6998] loop3: detected capacity change from 0 to 64 [ 137.422596][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 137.970114][ T7034] loop4: detected capacity change from 0 to 64 [ 138.018171][ T7038] netlink: 'syz.0.1007': attribute type 10 has an invalid length. [ 138.462551][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 138.659992][ T7065] netlink: 'syz.1.1018': attribute type 10 has an invalid length. [ 138.665250][ T7061] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1017'. [ 138.676555][ T7067] loop3: detected capacity change from 0 to 64 [ 139.239564][ T7098] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1033'. [ 139.260343][ T7096] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1032'. [ 139.355141][ T7096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1032'. [ 139.477649][ T7107] loop3: detected capacity change from 0 to 64 [ 139.502580][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 139.670113][ T7111] netlink: 'syz.4.1039': attribute type 1 has an invalid length. [ 139.810583][ T7116] bond1 (unregistering): Released all slaves [ 140.079308][ T7128] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1045'. [ 140.318129][ T7141] loop4: detected capacity change from 0 to 64 [ 140.542594][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 140.558586][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1052'. [ 140.568023][ T7143] 8021q: VLANs not supported on lo [ 141.145259][ T7163] loop3: detected capacity change from 0 to 64 [ 141.199692][ T7165] netlink: 'syz.4.1062': attribute type 10 has an invalid length. [ 141.228652][ T7165] device syz_tun entered promiscuous mode [ 141.300241][ T7165] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 141.582555][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 141.720468][ T7192] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 141.816384][ T7200] loop3: detected capacity change from 0 to 64 [ 141.880704][ T7204] netlink: 'syz.1.1078': attribute type 10 has an invalid length. [ 142.357649][ T4172] bond0: (slave syz_tun): Releasing backup interface [ 142.622590][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 142.671986][ T7233] loop2: detected capacity change from 0 to 64 [ 143.027198][ T7246] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1096'. [ 143.205662][ T7251] netlink: 'syz.3.1099': attribute type 1 has an invalid length. [ 143.329943][ T7256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1099'. [ 143.391736][ T7256] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 143.417550][ T7256] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 143.509101][ T7257] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 143.554993][ T7257] bond1 (unregistering): Released all slaves [ 143.614325][ T7239] chnl_net:caif_netlink_parms(): no params data found [ 143.662969][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 143.932960][ T7280] loop2: detected capacity change from 0 to 64 [ 144.033045][ T7239] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.077461][ T7239] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.111950][ T7239] device bridge_slave_0 entered promiscuous mode [ 144.128136][ T7239] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.143426][ T7239] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.163554][ T7239] device bridge_slave_1 entered promiscuous mode [ 144.287866][ T7239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 144.337079][ T7239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 144.437074][ T7239] team0: Port device team_slave_0 added [ 144.454420][ T7239] team0: Port device team_slave_1 added [ 144.505221][ T7239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 144.522457][ T7239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.555501][ T7239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 144.578480][ T7239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 144.591637][ T7239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.627492][ T7239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 144.702561][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 144.758808][ T7239] device hsr_slave_0 entered promiscuous mode [ 144.769161][ T7239] device hsr_slave_1 entered promiscuous mode [ 144.785413][ T7239] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 144.795397][ T7239] Cannot create hsr debugfs directory [ 144.863403][ T5740] Bluetooth: hci4: command 0x0409 tx timeout [ 145.003385][ T7239] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.121296][ T7239] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.260547][ T7239] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.409194][ T7239] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.586260][ T7315] bond0: ARP monitoring cannot be used with MII monitoring [ 145.680363][ T7319] loop2: detected capacity change from 0 to 64 [ 145.704699][ T7239] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 145.742580][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 145.745762][ T7239] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 145.823678][ T7239] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 145.854621][ T7321] netlink: 'syz.3.1122': attribute type 1 has an invalid length. [ 145.890460][ T7239] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 145.909486][ T7323] device bond1 entered promiscuous mode [ 145.915843][ T7323] 8021q: adding VLAN 0 to HW filter on device bond1 [ 146.125841][ T7239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.160465][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 146.174965][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 146.190475][ T7239] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.207389][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.218279][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.229067][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.236284][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.257765][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 146.267533][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.277370][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.288370][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.295547][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.323951][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 146.347239][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 146.382573][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.409268][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.420741][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.430660][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.460002][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 146.479033][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.506293][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.532648][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.547600][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.575571][ T7239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.782581][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 146.952524][ T5739] Bluetooth: hci4: command 0x041b tx timeout [ 146.998804][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 147.013324][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 147.048091][ T7239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.112660][ T7356] loop0: detected capacity change from 0 to 64 [ 147.136979][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 147.147783][ T7355] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1134'. [ 147.173355][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 147.265681][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 147.303294][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 147.348230][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 147.363464][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 147.383451][ T7239] device veth0_vlan entered promiscuous mode [ 147.457247][ T7239] device veth1_vlan entered promiscuous mode [ 147.508842][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 147.543382][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 147.551732][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 147.604997][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 147.625506][ T7239] device veth0_macvtap entered promiscuous mode [ 147.648356][ T7239] device veth1_macvtap entered promiscuous mode [ 147.700846][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 147.724003][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.746385][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 147.763655][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.780982][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 147.802139][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.822603][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 147.830765][ T7239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.852663][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 147.861716][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 147.877918][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 147.907724][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 147.923401][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.936774][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.968394][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.979309][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.995889][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.008498][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.018770][ T7239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 148.029631][ T7239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 148.041305][ T7239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.054921][ T7381] netlink: 'syz.0.1142': attribute type 1 has an invalid length. [ 148.076430][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 148.085785][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 148.098136][ T7382] netlink: 'syz.4.1141': attribute type 10 has an invalid length. [ 148.124081][ T7383] bond1 (unregistering): Released all slaves [ 148.197955][ T7239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.207447][ T7239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.216967][ T7239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.233383][ T7239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.434423][ T7399] loop4: detected capacity change from 0 to 64 [ 148.441982][ T7394] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1146'. [ 148.459679][ T5496] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.489682][ T5496] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.522609][ T5496] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 148.559580][ T5496] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.571958][ T5496] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.610706][ T1497] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 148.862634][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 149.023749][ T5741] Bluetooth: hci4: command 0x040f tx timeout [ 149.285907][ T7438] loop1: detected capacity change from 0 to 64 [ 149.639786][ T7448] sctp: [Deprecated]: syz.3.1167 (pid 7448) Use of int in maxseg socket option. [ 149.639786][ T7448] Use struct sctp_assoc_value instead [ 149.902595][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 149.959099][ T7461] netlink: 'syz.4.1173': attribute type 1 has an invalid length. [ 150.411920][ T7484] tipc: Started in network mode [ 150.432846][ T7484] tipc: Node identity 5ef3cf3a5cff, cluster identity 4711 [ 150.448625][ T7484] tipc: Enabled bearer , priority 0 [ 150.512020][ T7482] tipc: Resetting bearer [ 150.613630][ T7482] tipc: Disabling bearer [ 150.771781][ T7498] netlink: 'syz.1.1189': attribute type 1 has an invalid length. [ 150.909844][ T7505] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1193'. [ 150.942630][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 150.956223][ T7510] netlink: 'syz.3.1194': attribute type 1 has an invalid length. [ 151.047199][ T7510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1194'. [ 151.071706][ T7516] bond2 (unregistering): Released all slaves [ 151.112639][ T4217] Bluetooth: hci4: command 0x0419 tx timeout [ 151.204763][ T7521] device netdevsim0 left promiscuous mode [ 151.313624][ T7530] netlink: 'syz.2.1202': attribute type 1 has an invalid length. [ 151.864545][ T7564] netlink: 'syz.1.1214': attribute type 1 has an invalid length. [ 151.911794][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1214'. [ 151.982568][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 151.982713][ T7568] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 152.194722][ T7568] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 152.254345][ T7572] device vlan2 entered promiscuous mode [ 152.259948][ T7572] device dummy0 entered promiscuous mode [ 152.281691][ T7572] device dummy0 left promiscuous mode [ 153.016083][ T7607] loop1: detected capacity change from 0 to 64 [ 153.022590][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 153.154388][ T7610] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1232'. [ 154.017088][ T7638] loop3: detected capacity change from 0 to 64 [ 154.062631][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 154.328670][ T7637] xt_CT: You must specify a L4 protocol and not use inversions on it [ 154.481597][ T7645] netlink: 'syz.3.1247': attribute type 1 has an invalid length. [ 154.651149][ T7646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1247'. [ 154.746286][ T7651] bond2 (unregistering): Released all slaves [ 155.102599][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 155.120755][ T7671] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 155.304351][ T7680] loop1: detected capacity change from 0 to 64 [ 155.761447][ T7670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1254'. [ 155.825069][ T7695] netlink: 'syz.4.1264': attribute type 1 has an invalid length. [ 155.949632][ T7697] device bridge1 entered promiscuous mode [ 155.983678][ T7697] team0: Port device bridge1 added [ 155.989725][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1264'. [ 156.038882][ T7707] loop2: detected capacity change from 0 to 64 [ 156.100394][ T7695] bond2 (unregistering): Released all slaves [ 156.142554][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 156.226053][ T7711] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 156.279012][ T7711] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 156.310113][ T7711] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 156.467140][ T7721] netlink: 'syz.0.1276': attribute type 1 has an invalid length. [ 156.772587][ T7739] loop0: detected capacity change from 0 to 64 [ 156.827371][ T7741] loop2: detected capacity change from 0 to 64 [ 157.182553][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 157.185628][ T7748] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1284'. [ 157.496900][ T7761] netlink: 'syz.2.1291': attribute type 1 has an invalid length. [ 157.524234][ T7764] loop1: detected capacity change from 0 to 64 [ 157.647560][ T7768] loop0: detected capacity change from 0 to 64 [ 157.661372][ T7773] device bridge1 entered promiscuous mode [ 157.725373][ T7763] xt_CT: You must specify a L4 protocol and not use inversions on it [ 157.735580][ T7773] team0: Port device bridge1 added [ 158.110169][ T7792] netlink: 'syz.4.1304': attribute type 1 has an invalid length. [ 158.223271][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 158.301301][ T7798] bond2 (unregistering): Released all slaves [ 158.351486][ T7802] loop1: detected capacity change from 0 to 64 [ 158.472765][ T7804] netlink: 'syz.0.1309': attribute type 10 has an invalid length. [ 158.614957][ T7808] loop0: detected capacity change from 0 to 64 [ 159.199233][ T7834] netlink: 'syz.1.1320': attribute type 1 has an invalid length. [ 159.262550][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 159.305917][ T7837] netlink: 'syz.4.1321': attribute type 10 has an invalid length. [ 159.336872][ T7838] bond1 (unregistering): Released all slaves [ 159.541525][ T7841] loop4: detected capacity change from 0 to 64 [ 159.543405][ T7800] loop3: detected capacity change from 0 to 32768 [ 159.638168][ T7800] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1308 (7800) [ 159.735419][ T7800] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 159.748633][ T7800] BTRFS info (device loop3): using free space tree [ 159.789921][ T7800] BTRFS info (device loop3): has skinny extents [ 159.964984][ T7869] loop4: detected capacity change from 0 to 64 [ 160.144347][ T7800] BTRFS info (device loop3): enabling ssd optimizations [ 160.302566][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 160.340455][ T7889] netlink: 'syz.0.1333': attribute type 10 has an invalid length. [ 160.852224][ T7899] loop4: detected capacity change from 0 to 64 [ 161.317888][ T7910] netlink: 'syz.4.1342': attribute type 21 has an invalid length. [ 161.342670][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 161.353197][ T7910] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1342'. [ 161.562838][ T7919] netlink: 'syz.3.1345': attribute type 10 has an invalid length. [ 162.003182][ T7930] device wlan0 entered promiscuous mode [ 162.033117][ T7930] device wlan0 left promiscuous mode [ 162.105685][ T7933] loop1: detected capacity change from 0 to 64 [ 162.382546][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 162.467433][ T7939] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 3, id = 0 [ 162.553583][ T7921] loop0: detected capacity change from 0 to 32768 [ 162.626252][ T7921] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1347 (7921) [ 162.685762][ T7921] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 162.726250][ T7921] BTRFS info (device loop0): using free space tree [ 162.742185][ T7921] BTRFS info (device loop0): has skinny extents [ 162.917961][ T7954] netlink: 'syz.1.1359': attribute type 10 has an invalid length. [ 162.926552][ T7954] device syz_tun entered promiscuous mode [ 162.963758][ T7954] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 162.995267][ T7921] BTRFS info (device loop0): enabling ssd optimizations [ 163.057426][ T7923] loop4: detected capacity change from 0 to 32768 [ 163.139227][ T7923] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 163.151629][ T7923] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 163.163271][ T7968] syz_tun: Device is already in use. [ 163.236951][ T7923] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 163.256975][ T4368] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 163.266566][ T4368] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 163.278865][ T7970] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1362'. [ 163.422545][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 163.480706][ T4368] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 214ms [ 163.494628][ T4368] gfs2: fsid=syz:syz.0: jid=0: Done [ 163.513002][ T7923] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 163.762694][ T7986] IPv6: addrconf: prefix option has invalid lifetime [ 163.981603][ T7994] netlink: 'syz.1.1368': attribute type 1 has an invalid length. [ 164.327530][ T8005] device wlan0 entered promiscuous mode [ 164.356431][ T8005] device wlan0 left promiscuous mode [ 164.462543][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 164.953457][ T8027] netlink: 'syz.2.1381': attribute type 9 has an invalid length. [ 164.961231][ T8027] netlink: 'syz.2.1381': attribute type 7 has an invalid length. [ 164.989937][ T8027] netlink: 'syz.2.1381': attribute type 8 has an invalid length. [ 165.010462][ T8030] netlink: 'syz.4.1383': attribute type 1 has an invalid length. [ 165.447604][ T8058] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1392'. [ 165.502627][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 165.639750][ T8065] netlink: 'syz.3.1396': attribute type 1 has an invalid length. [ 165.806518][ T8075] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1400'. [ 165.862697][ T8075] netlink: 'syz.4.1400': attribute type 2 has an invalid length. [ 166.127177][ T8093] loop3: detected capacity change from 0 to 64 [ 166.395707][ T8113] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1419'. [ 166.542624][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 166.737204][ T8136] loop0: detected capacity change from 0 to 64 [ 167.075222][ T8145] loop1: detected capacity change from 0 to 512 [ 167.105926][ T8147] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1433'. [ 167.224560][ T8145] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 167.245987][ T8145] UDF-fs: Scanning with blocksize 512 failed [ 167.269036][ T8145] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 167.297745][ T8145] UDF-fs: Scanning with blocksize 1024 failed [ 167.358159][ T8145] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 167.376426][ T8145] UDF-fs: Scanning with blocksize 2048 failed [ 167.423280][ T8145] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 167.454409][ T8145] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 167.523861][ T8155] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 167.535941][ T8155] team0: Device ipvlan2 is already an upper device of the team interface [ 167.582563][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 167.820941][ T8168] netlink: 'syz.3.1442': attribute type 9 has an invalid length. [ 167.845208][ T8168] netlink: 'syz.3.1442': attribute type 7 has an invalid length. [ 167.863388][ T8168] netlink: 'syz.3.1442': attribute type 8 has an invalid length. [ 167.864241][ T8170] loop4: detected capacity change from 0 to 64 [ 168.003240][ T8174] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1445'. [ 168.174483][ T8180] loop2: detected capacity change from 0 to 512 [ 168.228685][ T8180] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 168.272345][ T8180] UDF-fs: Scanning with blocksize 512 failed [ 168.316498][ T8180] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 168.385928][ T8180] UDF-fs: Scanning with blocksize 1024 failed [ 168.431457][ T8180] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 168.463066][ T8180] UDF-fs: Scanning with blocksize 2048 failed [ 168.490782][ T8180] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 168.557429][ T8180] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 168.622601][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 168.796902][ T8210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1461'. [ 168.851071][ T8213] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1460'. [ 169.250198][ T8235] loop0: detected capacity change from 0 to 64 [ 169.359341][ T8238] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1472'. [ 169.662620][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 170.156409][ T8262] loop3: detected capacity change from 0 to 64 [ 170.256984][ T8266] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1484'. [ 170.702539][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 170.816792][ T8289] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1495'. [ 170.858760][ T8293] loop2: detected capacity change from 0 to 64 [ 170.946876][ T8295] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 171.368753][ T8314] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1506'. [ 171.579287][ T8323] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1509'. [ 171.742585][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 171.968508][ T8351] netlink: 'syz.3.1522': attribute type 1 has an invalid length. [ 172.086683][ T8351] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1522'. [ 172.782609][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 172.852328][ T8397] netlink: 'syz.3.1541': attribute type 1 has an invalid length. [ 173.174124][ T8412] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1547'. [ 173.550696][ T8429] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1554'. [ 173.585571][ T8429] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1554'. [ 173.612459][ T8429] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1554'. [ 173.671255][ T8432] netlink: 'syz.3.1556': attribute type 1 has an invalid length. [ 173.822873][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 174.381231][ T8462] netlink: 'syz.1.1569': attribute type 1 has an invalid length. [ 174.614772][ T8473] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1572'. [ 174.624233][ T8467] netlink: 'syz.3.1570': attribute type 6 has an invalid length. [ 174.632302][ T8467] netlink: 'syz.3.1570': attribute type 7 has an invalid length. [ 174.723099][ T8467] netlink: 'syz.3.1570': attribute type 8 has an invalid length. [ 174.863125][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 175.358399][ T8501] device bridge3 entered promiscuous mode [ 175.730902][ T8524] netlink: 'syz.4.1592': attribute type 4 has an invalid length. [ 175.804574][ T8524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1592'. [ 175.828328][ T8532] device bridge2 entered promiscuous mode [ 175.902526][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 176.005882][ T8550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1603'. [ 176.042530][ T8550] bond0: option use_carrier: invalid value (16) [ 176.125796][ T8556] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1605'. [ 176.942536][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 177.067039][ T8594] __nla_validate_parse: 1 callbacks suppressed [ 177.067061][ T8594] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1619'. [ 177.393266][ T8606] process 'syz.2.1624' launched './file1' with NULL argv: empty string added [ 177.469235][ T8610] loop1: detected capacity change from 0 to 64 [ 177.564992][ T8611] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1626'. [ 177.765097][ T8619] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (16) [ 177.859840][ T8621] netlink: 'syz.3.1631': attribute type 1 has an invalid length. [ 177.904513][ T8625] loop4: detected capacity change from 0 to 64 [ 177.948199][ T8624] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1632'. [ 177.982529][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 178.019912][ T8629] NILFS (nbd2): device size too small [ 178.325262][ T8639] netlink: 'syz.2.1637': attribute type 4 has an invalid length. [ 178.401537][ T8639] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1637'. [ 178.604689][ T8649] loop2: detected capacity change from 0 to 64 [ 178.853912][ T8652] gfs2: not a GFS2 filesystem [ 179.022548][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 179.036609][ T8656] netlink: 'syz.1.1645': attribute type 1 has an invalid length. [ 179.331681][ T8662] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1646'. [ 179.469224][ T8671] loop4: detected capacity change from 0 to 64 [ 179.662786][ T13] Bluetooth: hci3: command 0x201b tx timeout [ 179.758077][ T8681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1656'. [ 179.965273][ T8694] netlink: 'syz.4.1657': attribute type 1 has an invalid length. [ 180.062538][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 180.243966][ T8704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1663'. [ 180.321103][ T8704] bridge4: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 180.353607][ T8704] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 180.395225][ T8704] device bridge4 entered promiscuous mode [ 180.418380][ T8712] loop3: detected capacity change from 0 to 64 [ 180.428905][ T8707] device bond0 entered promiscuous mode [ 180.448158][ T8707] device bond_slave_0 entered promiscuous mode [ 180.461521][ T8707] device bond_slave_1 entered promiscuous mode [ 180.502566][ T8707] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 180.511811][ T8707] device bond0 left promiscuous mode [ 180.527647][ T8707] device bond_slave_0 left promiscuous mode [ 180.562933][ T8707] device bond_slave_1 left promiscuous mode [ 180.621408][ T8717] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1670'. [ 180.831302][ T8729] netlink: 'syz.1.1673': attribute type 10 has an invalid length. [ 180.994277][ T8739] loop0: detected capacity change from 0 to 64 [ 181.102540][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 181.257043][ T8745] device bridge0 entered promiscuous mode [ 181.302575][ T13] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 181.332985][ T8745] team0: Port device bridge0 added [ 181.451314][ T8728] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1674'. [ 181.552524][ T13] usb 2-1: Using ep0 maxpacket: 16 [ 181.673026][ T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.718157][ T8770] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1693'. [ 181.718211][ T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.738219][ T13] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 181.751680][ T13] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 181.777402][ T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.799257][ T13] usb 2-1: config 0 descriptor?? [ 181.886601][ T21] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 182.142577][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 182.172814][ T21] usb 4-1: Using ep0 maxpacket: 16 [ 182.285514][ T13] hid-generic 0003:0955:7214.0003: unknown main item tag 0x0 [ 182.306032][ T13] hid-generic 0003:0955:7214.0003: unknown main item tag 0x0 [ 182.332359][ T13] hid-generic 0003:0955:7214.0003: unknown main item tag 0x0 [ 182.372611][ T13] hid-generic 0003:0955:7214.0003: unknown main item tag 0x0 [ 182.380141][ T13] hid-generic 0003:0955:7214.0003: unknown main item tag 0x0 [ 182.444387][ T13] hid-generic 0003:0955:7214.0003: hidraw0: USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 182.512896][ T21] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 182.513223][ T13] usb 2-1: USB disconnect, device number 3 [ 182.532250][ T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.573674][ T21] usb 4-1: Product: syz [ 182.591886][ T21] usb 4-1: Manufacturer: syz [ 182.612504][ T21] usb 4-1: SerialNumber: syz [ 182.647965][ T21] r8152-cfgselector 4-1: config 0 descriptor?? [ 182.952583][ T21] r8152-cfgselector 4-1: Unknown version 0x0000 [ 182.982787][ T21] r8152-cfgselector 4-1: Unknown version 0x0000 [ 182.989488][ T21] r8152-cfgselector 4-1: bad CDC descriptors [ 183.052837][ T21] r8152-cfgselector 4-1: Unknown version 0x0000 [ 183.070687][ T21] r8152-cfgselector 4-1: USB disconnect, device number 2 [ 183.182691][ C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 183.556403][ T8828] kAFS: unparsable volume name [ 183.777111][ T8837] program syz.3.1721 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 183.838972][ T4184] ------------[ cut here ]------------ [ 183.845220][ T4184] WARNING: CPU: 0 PID: 4184 at net/bluetooth/hci_conn.c:443 hci_conn_timeout+0x250/0x450 [ 183.856585][ T4184] Modules linked in: [ 183.860530][ T4184] CPU: 0 PID: 4184 Comm: kworker/u5:7 Not tainted 5.15.171-syzkaller #0 [ 183.869341][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 183.880591][ T4184] Workqueue: hci2 hci_conn_timeout [ 183.887719][ T4184] RIP: 0010:hci_conn_timeout+0x250/0x450 [ 183.893655][ T4184] Code: e9 8d e8 d3 d0 77 f8 48 8b 35 64 ec 96 04 bf 08 00 00 00 48 89 da 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d5 48 00 f8 e8 20 f9 2d f8 <0f> 0b e9 34 fe ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c dd fd ff [ 183.915413][ T4184] RSP: 0018:ffffc90002fd7c28 EFLAGS: 00010293 [ 183.921559][ T4184] RAX: ffffffff89527a90 RBX: ffff88802b174138 RCX: ffff88802b019dc0 [ 183.929676][ T4184] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 183.937772][ T4184] RBP: 00000000ffffffff R08: ffffffff895278a1 R09: ffffed100562e803 [ 183.945913][ T4184] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 183.954332][ T4184] R13: ffff88802c188c28 R14: ffff88802b174000 R15: ffff88802c188c18 [ 183.962342][ T4184] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 183.971408][ T4184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.978103][ T4184] CR2: 00007fb64366d178 CR3: 0000000022b9c000 CR4: 00000000003506f0 [ 183.986393][ T4184] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 183.994564][ T4184] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 184.002663][ T4184] Call Trace: [ 184.005965][ T4184] [ 184.006075][ T8844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1724'. [ 184.008909][ T4184] ? __warn+0x15b/0x300 [ 184.022068][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.027342][ T4184] ? report_bug+0x1b7/0x2e0 [ 184.031888][ T4184] ? handle_bug+0x3d/0x70 [ 184.037579][ T4184] ? exc_invalid_op+0x16/0x40 [ 184.042335][ T4184] ? asm_exc_invalid_op+0x16/0x20 [ 184.047487][ T4184] ? hci_conn_timeout+0x61/0x450 [ 184.052914][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.057981][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.063213][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.068273][ T4184] process_one_work+0x8a1/0x10c0 [ 184.073597][ T4184] ? worker_detach_from_pool+0x260/0x260 [ 184.079374][ T4184] ? _raw_spin_lock_irqsave+0x120/0x120 [ 184.085061][ T4184] ? kthread_data+0x4e/0xc0 [ 184.089603][ T4184] ? wq_worker_running+0x97/0x170 [ 184.094774][ T4184] worker_thread+0xaca/0x1280 [ 184.099483][ T4184] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 184.105560][ T4184] kthread+0x3f6/0x4f0 [ 184.109654][ T4184] ? rcu_lock_release+0x20/0x20 [ 184.114601][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 184.119245][ T4184] ret_from_fork+0x1f/0x30 [ 184.123810][ T4184] [ 184.126860][ T4184] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 184.134147][ T4184] CPU: 0 PID: 4184 Comm: kworker/u5:7 Not tainted 5.15.171-syzkaller #0 [ 184.142494][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 184.152570][ T4184] Workqueue: hci2 hci_conn_timeout [ 184.157715][ T4184] Call Trace: [ 184.161013][ T4184] [ 184.163960][ T4184] dump_stack_lvl+0x1e3/0x2d0 [ 184.168660][ T4184] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 184.174312][ T4184] ? panic+0x860/0x860 [ 184.178633][ T4184] ? hci_conn_timeout+0x1c0/0x450 [ 184.183681][ T4184] ? hci_conn_timeout+0x1c0/0x450 [ 184.188822][ T4184] panic+0x318/0x860 [ 184.192926][ T4184] ? __warn+0x16a/0x300 [ 184.197103][ T4184] ? fb_is_primary_device+0xd0/0xd0 [ 184.202351][ T4184] ? ret_from_fork+0x1f/0x30 [ 184.206977][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.212245][ T4184] __warn+0x2b2/0x300 [ 184.216259][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.221305][ T4184] report_bug+0x1b7/0x2e0 [ 184.225668][ T4184] handle_bug+0x3d/0x70 [ 184.229844][ T4184] exc_invalid_op+0x16/0x40 [ 184.234375][ T4184] asm_exc_invalid_op+0x16/0x20 [ 184.239252][ T4184] RIP: 0010:hci_conn_timeout+0x250/0x450 [ 184.244913][ T4184] Code: e9 8d e8 d3 d0 77 f8 48 8b 35 64 ec 96 04 bf 08 00 00 00 48 89 da 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d5 48 00 f8 e8 20 f9 2d f8 <0f> 0b e9 34 fe ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c dd fd ff [ 184.264540][ T4184] RSP: 0018:ffffc90002fd7c28 EFLAGS: 00010293 [ 184.270632][ T4184] RAX: ffffffff89527a90 RBX: ffff88802b174138 RCX: ffff88802b019dc0 [ 184.278714][ T4184] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 184.286710][ T4184] RBP: 00000000ffffffff R08: ffffffff895278a1 R09: ffffed100562e803 [ 184.294707][ T4184] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 184.302701][ T4184] R13: ffff88802c188c28 R14: ffff88802b174000 R15: ffff88802c188c18 [ 184.310699][ T4184] ? hci_conn_timeout+0x61/0x450 [ 184.315665][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.320725][ T4184] ? hci_conn_timeout+0x250/0x450 [ 184.325783][ T4184] process_one_work+0x8a1/0x10c0 [ 184.330768][ T4184] ? worker_detach_from_pool+0x260/0x260 [ 184.336435][ T4184] ? _raw_spin_lock_irqsave+0x120/0x120 [ 184.342005][ T4184] ? kthread_data+0x4e/0xc0 [ 184.346526][ T4184] ? wq_worker_running+0x97/0x170 [ 184.351717][ T4184] worker_thread+0xaca/0x1280 [ 184.356401][ T4184] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 184.362412][ T4184] kthread+0x3f6/0x4f0 [ 184.366531][ T4184] ? rcu_lock_release+0x20/0x20 [ 184.371389][ T4184] ? kthread_blkcg+0xd0/0xd0 [ 184.376506][ T4184] ret_from_fork+0x1f/0x30 [ 184.380932][ T4184] [ 184.384255][ T4184] Kernel Offset: disabled [ 184.388855][ T4184] Rebooting in 86400 seconds..