last executing test programs: 44.60739771s ago: executing program 4 (id=1301): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) poll(&(0x7f0000001340)=[{r0, 0x9581}], 0x1, 0x800) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_RSS_QUERY_EN={0xc, 0x7, {0x81000000}}]}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246) pwritev(r4, &(0x7f00000002c0), 0x0, 0x9, 0x10000004) ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f0000000300)=0x8281336) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000340)=0x3) r5 = dup(r4) ioctl$PPPIOCGIDLE64(r5, 0x8010743f, &(0x7f0000000280)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r6, 0x0, 0x8000000000000c, &(0x7f0000000600)="01", 0x1) getsockopt$inet_opts(r6, 0x0, 0x9, 0xffffffffffffffff, &(0x7f0000000040)=0xa3) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r7, 0x0, 0x8000000000000c, &(0x7f0000000600)='u', 0x1) write$binfmt_script(r4, &(0x7f0000000e00), 0x107) getsockopt$inet_opts(r7, 0x0, 0x9, 0xffffffffffffffff, &(0x7f0000000040)=0xa3) r8 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r8, 0x0, 0x8000000000000c, &(0x7f0000000600)='u', 0xfffffffffffffdeb) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000002c80)="a85e2ee4619fdebb42dec9e5fd6a63541d0b6a018000000000000052b87eb43afa0240dd8793e2bd2daee1902275da55eceb3870dc8bf4ca25f022061aa5e6945a83df3f3b67a4326e99cbd5e1ac91ca1cc2a071d3d6f163d90100001000000000b1492d6b0cff875a2f044cdab789c10004000013a15d5d99059a6d30ee1147982e5448ba62daff2a5069403fb21875c41b0233cd2e886cd51e8a7b7180fc15161342fc0775", 0xa6}, {&(0x7f0000000680)="3a75b19fb2be2d5b3fd46b18754c3c1aba9086251e7c4d40751093005e4e5d9c1ef3421eee1a7d73c14f83ff56382c3433778b25d2c36bf6bff13a2a662dd9557bb0f5217133c7d80dc25e0afcd4841103f5da4af2a86d392615aefbbccc632afd0626c3a37278c4be50aca0b5974b8c56669e079fc331b1175e04b45f6a2054b60aa3ccececf117a4b8b3ef6f818014854d", 0x92}, {&(0x7f0000002e00)="b201c54f415df9915611b8f46a", 0xd}, {&(0x7f0000000380)="d6adeba2563bda8c6ca4a2c77d34ddaaf9eaa7c498a63cab715487de7f8c5b86340e90d8487eb9bfd4208c39b3643d1999cabe6f3f976c005834bf43bf3b7450818861585d733003ba2058fbc77105db3c372020783d2a4c902f680b6adac7cdfff3867b5bb890dcf003c15cdee7754937bb", 0x72}], 0x4, &(0x7f0000000f80)=ANY=[@ANYRESDEC=r5, @ANYRESOCT=r2, @ANYRESOCT=r4, @ANYRES32=0x0, @ANYBLOB="80000000069e4f64000200000000000000000000795b5c0d5311d5a31897000075f337049d3af285a2df03f95ff8616f49b0e0e600"/63, @ANYBLOB="1d3dde6c129930aeb67e7c1df82438", @ANYRES32=r5, @ANYRES32=0x0, @ANYRES16, @ANYRES64=r2, @ANYRES32, @ANYRES8=r7, @ANYRES32, @ANYRES32, @ANYRES64=0x0, @ANYRESDEC=r7, @ANYRESOCT=r8, @ANYRES32=r8, @ANYBLOB="8bbacb2a367dbd14d9082809d8c368170011480e59d46840c387a4a87641ffd9411cf06f354eec27aac5c52b2bc77888568e66c6d1c05f8d940d5d51703872eb3cbf9fcb6b9bef6997afc3e38ace351c29c33011b74c323d1c619665064545bfcc52b119f3e00da22db02075b824418d2d853d6931571cc42691c55483287470b6420b0a3f03b6574009913b3f036f69cbc847de724864851e3c3f896900"/182, @ANYRES32=r5, @ANYRESOCT=r3, @ANYRES32, @ANYRESDEC=0x0, @ANYRES8=r6, @ANYRESDEC=r3, @ANYRESHEX=r4, @ANYBLOB="000000001c0000f5fd0f00feffffe10002040000", @ANYRES32=r5, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRESOCT=r5, @ANYRES64=r5, @ANYRES64=r3, @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYBLOB="66d4c2bc22121af8cacca86fd94ec81af7546c6dbfbfbc161ab44732fe0f00000000000025aaa6b0f736138c19c722802b765fa5bbcdfb76c8f1de55b5ef97fe2343fe7ba163ffff0000983ff8010e1640b3c88e752c72ffb96bb654d6579b037b64b87b152f72c36ae6c7786504a87f8335710b95e60e370e7cf0d56afc583a22f27ae89c8b6bd4012abe18c335364309b77dd8ad71ee5f3a65bda5e9f986e2af92c07608c7d110eae38f9c91f51fa20885995b10011bf875c694e634be56f1c96a2a3f10b3d049dbed778ed13be11344f040aa46008f1856b98f159dc5dbd761a865ec087889724aba56a952fb7b4770776b0598f2a7", @ANYRESHEX, @ANYRES64, @ANYRES32=r6, @ANYRESOCT=r3, @ANYRESHEX=r8, @ANYBLOB="2c3d215e20a55e6c5de069b7382d2c5dfde4a2ad6ce9640fd51b70ba7ca7aea1733b8c9cb1e30c7fe2f53ad19952215a1304f4cd9c3f08b4537fbcd907520009bdf01948fff5d3a7e886a97158cb23fa9f2a0fef482cb6609001cdc8bf8f0aead189959179a5bcd35af12c401005bfbd7c8c73af6a6ecf8a29bccfc5203d419140d786a9c89eee4c01c5610ccd383350d31eb7788f760b51848490edc3b9b3647574a95dd904ac0769d064767224ba8a4dc89e886458992dd4798f09769624fac0c66d91923851c87a2b58224be37e1139848ce70df8a382701726bda52e0409e64c501842c2ec92836003ad8316bd039541e7467dbdd56ee47c9e7c68e29a4b2cb9012f6d07f0319f3ec2300414de041a44b62231c98634f4f6c7f5b0029e21ba5bbc2e5288a4148da185c729a2c463dc9843effd9429afc7df7f512b1220c4df98d9b9ec0bd55612d2b71411fb10ef71545b6b24bdff71323ab59934f7e0e07588f648f3f34221c42b857ec1cee2c8af56affba385a2912e0e62001ca5eb42e8bfb97476552af5d8e7035352fac76fdfac08d4e3660859c618c3a3f14946fd6b1899daa2a25dbb0be3e94f231442541755e6256c110dc273c3e8220b72ff18f52300dab01fd24b9fbbb0052631a5d55f45170e975be45e1bfbb3c9ee335654bf2527e223e785102612dfa3f183d8fef48d11e9bf7f6e5de70b3e8239de9df111251a2fc4377da98f70b651e0a5fb3416ea2941c6d90849655f81816b7864608c7b9d149661cd40544df18f66b5deda59db7c346c7dd53543f6adefa1f070c35662139fa78d7119b2893c5d38a15c588058eb7e29459e3a2b4f65e32e5d293c2c92b27c10822a5c529bf2eec76055dec5173563325802173d35e501266f6f56033bf360deaf04848769e0fc523dfffe46dd8d56b37e0a7e7594c00aa553038460f8f507c9b70df0df6f8a1c6e1544e6287a08e1065802eebdd8aca9df2dff13ddace65fca29e467b3a003f828cb307ca569d26b4880a9fc076f81d04268c2e6ace5eee0ad86a8e5247c07810122832973769eb7582e380994b700a25ca4e74e739eebeaed6b87d72e4b81b0a7f469eab9afae7e885e6452221e792de805a0bbfb837cbb7918a18274be82cd65e9899ee41862aa0c3ae33d587b0a97bd6bbec426a9f3bff6580f599547a331065ef305043ea9915c7dfc55955105a440d3ed88118187598619763d79ed7f69f70c614381e3b5e34696b61e531990a2f065820f39814688ebd76d90b9c2fc0ea4ead24cef472bf0f5075fcc6407ba0c0e7302df962096796289d51d502ca8d206b64275d8bb6419c5c8293f2b9409be144ef6b96e1ec3fcd5487ac71a42576e77c2f5ae6a8ca789e56dba127516a0209d130d193b5edd49c1737682e30bc3d3cb09d8a293b4bad246b5df6efee81ff9cb4720ef420c514059b6ea44ed7e0623b79ff8ffa359c357fbfa2efb9b166e8d23a60d5f0eb98a5f9d5ba9040ed323a05e8ddaff00139213175d76bd7d28877100bb3e49c40bfb8692924a0a50371ffc1a966ab3513893b23e65b6f764d4cadd0fa350052b1f6e6dc8da268bc54ca2e64a3b0803733ac24e328e63dc9cfb6febe15c6cedbf1ef74b4513d70b6c44a8f757cf40dbebb6b6b305c10cb18766b29efe14ad29af02e6d37e66211255a165f3ad6bcb8337829fc0bf00c3006cb50fd62f2ff26f088b38749bf0257bdb1e82d11e692cbbd1a481f654d760b7fcff447ddde618f9ea5ded8639eaf2427c5612f35e9d1254f6c9b590c7cbf2eb16a3166826cf8e389b88bc838954a6bfde88058e0e0f2d486a4aee58995ca4a71d9927e651b6b3d6ac89b98e81e062e19c9f0f96585422b2c9e025d3df4757b1748fa46609217486e5eff33f99c0429b3a84a9889384e5b1bf62c253b4cb9bdfc150da7ca102e4dd513d22801ec63ce542e58571d1798e09b5d99df6cb2d2c49aa3f798bebeaf70387eff63c66d411d89a1ec8d4d56bfa510622c904862850308676dc666316936785de75ad0b151aa1f82a97b8fdf219b267589443507bbbb7635b45a5c69af3dd04bfdb25d9363d3dedeb1f06e390737352bd6f7e0b520e78946cc07337a079663d182c6dcdc2681a7af90ee868b0330741154ee28e99b6564936622167617ca9748d4217199de84218be751c1e694467f4ffa1824cb394d253e84619dd05c99c672d46c3a11423bee975089ea846651d6254139efb3cf3d7f73cbfacaa656d5e10a62ae64655c93abc37626f70e1c4073b9fc23af4792f4083597d75d0b37427be11a31c0a9e0f895dc874911b9a02883614951e7b4cc1d7fbb173a917ded99cc23f393b5275313a1ccee0d719c6eaf81619020d99dd928e002290c98f13b4bf5c02a85b96d133a067a673f7fdcdc9e59f1891b412c20c7f75c208a75c4df744d1d5c65c1d76068103064290e0cf9e6617c70d0eb43c12da385cd601624f7e32924a09b492e35d7bbd3d641842777c641cf3cb312fd973ef802d980dfd15dae20a27e9cd49afab0cf7ae2a0f8c33e4b42b134d0117dd9d54f82795a44c11d84cf22c743d72722e70f0d6b964820ac09b40e8239b9b01cb20be2ef3e585c140507b4fda4d89ed7e6f2e09301d49bcba6427c537f1b13941e0ded3a0893eff1a5f8ff7234c8e9a380dc888e88c84fefcde72ac693c78af452d2385aec548ce70ae11f0a316fedd2e5d760b47cbfd3a90a27de8121883a927a5cac134eaf98d4ccfe70a589ccddc78cc13aaab234e75c574211f565c2632b1f5f1422214fae1aa1b22c199b07a4fa74f65fb33d921ea56ac1e6fcc928a4ac0b1c17c912e7ad7d225560e0474e3c515adf90031ab6c5da085545b4e90dde213e4f199a4c72ed6de024392a0d7474a7b6b1a18e6950017c7423a9e6b394805660f673d53f1aa7f10e87407392737551b8b40172e7835c0852b0a61ab808f81eac3ddb04af005fb70fdb36c56f15d031c4619cd175b96b8c98166c93269e63f44c7a6902b977fc6652ef26add518f997b599f53efbff283660e5e317a70ff236d8cf50fa2c5914e9b630cb8700a509b6e2fa22b23570cadecd302258e9f52f1b5259a36b7f2316a98a148a7ce596e4de4e3dc2c31a5ccbd95876faa444d15fd1cfc26911f7cd7c29c8386c43c60fb35bb0ebd65d43daefc6ae130b7e014fc3b27a300d8a44bb8fa8619ec57aa1e07bb85dc7fa154aaf464cfe93f591b9d51755415d089c9c1bf211cfd87fdb6e46111827b8a6490a194f8bb7d1ad446b29953c9f12e22bf42e3f75c991800fb88b04f876916aacd33c049e628b08216ed644a2f53e8171891c8b3f2177514163d63edfca70141c88c67815f8df07e9e85cad0f39c73b1da1470709bd4a94f977c19924c3c75d09fb7cb637a9142406bf42f2dee748134f83bd0cbd0583bd36eece22e945d63af7324cf52e9db4c2f540b0c1cbb2c5d9510a9184cfd6723dd72178dd061e32fca5401aeeccebf6780997f92af2dc2b77db670a4e61d247f93f6d3e84e0ae5840e1ea47bd4a00f2fef01b40f4063de946b2b1c0b1eaa7bd1d3cddef22a999dae48a4a185489d0302ff702ec82e614f9eb38c4d384034b7f397f5e979c94267c07bad173684963e1ddd59dc16120674bdac798a833f13de3fb485c10241a32eec62fce02c3aa47a08e49285d3700048e6a8d8480b926f3c36b4f6fab279f829531ac385ef69384772c4a5f32076d1ee41a509f7624683a31f9155e5cf463c0db45a47da2b38b2d5721488df8180a2b379c9c14a36db4bef997b67a34a4ab92f8cb0ad2dfc55f7dbbae653fe6ecdf2710dad9f7920404f9c48a321b10f2863d5fa75f1a762e1ce633155465957d29807735a62d3c8141bc02944d128190e09cc16a63ca9f30af47c55f903f5f755da00f426d4aff21638acc7a0fa52507d700509b8c237caf7f2ada1607320d0a85033d4663ad50b1eeae6aad059df7bad123e7ccf59580bcdc8a36237e40be696c668f9e0f784d9d3071d02593d5412d221c3d991ea2787ed2043951fc981fc29e5a30690adb4dbb35491d2b3039a41584d7fea3a53ccacdb7cae9552524770068fc8b21ddb82a70c66c04529a80604a2f15c53d2479ef01ec49e776644ef3998376b30749c2ad288d1cad66e9d392e09e9b85e47fd81931d03fc71af69ccee799da146a54175e1ee6c6df0d124b6eb6a74f3b3d63907fa80cd401ae628eb8203c5d786d5896217fdb577b2c8d260eca30e0dd713112d3643a55d009539005508838a010ee20c75c4632f4fc4e6e6248bb23eaf684ba402dbf184dc1bac066f0caace9b1a61db84c75f158b147801f0318b7ffe2867e8c1dadd5166434fec8fa86fc9bb323ffe3e28f24736580bcc59f17c4b77178572587ae2370c040e4c9575b0b52f05aef6463269f21763febbac96c793ebaa3133fc78b7569043e1ccc9a3a7eb3376888b0de1936f458b3bcc11b26e5044603511073e4a849d9e05bf180b17ae08cc5dcadd03fc0452fc274631dcc623cd2c54c9657702d9af69f470a92e51d0603690081402593ab167a91c46e6a3f1bb092a30de1a36df3195c5442cbd59b599bdcd9c4e7e23edd270ccf831bf117931ceb0b59acad3288b3ba754e08e5788d7995e480982323fd96839834a0e370f3aae3cde626c9f1d16a2c254b316fdc0eb4fe16be551783a28fdcdbb2fd2e1a4438cc1c4bd522b906bd26ed0d38838ffda61fc2ffddc9a0796376c69fb98758570f7db330833a448413a4e022234f170724cc778899026aad707565eca067bba6df23d78ed38df0a528a84ce63fdc99bfa25803d51e65e6126ea225c79dce223bb8cce9459d684f5a72a962262d71a67313be40ee50e5b4ddedbf318913acef040f2f4e4b8fe4792231b7e246f167fcdb47be02f7cb909d58cb30336c8f7ad3b0ab3033de490b1ef8c03af1922d5af550f978cd23d45da7b08da9bcae71d19ac88e15bbdba121c9b5416600591692a41edcdf8823d6c95aa972875d55dca47b6d0d41bf2650d7fa3ee423427fde8b07eb47c231dcdcfd98fef3b59aebf280ab0962556dcebb392932051e94fbff4aa6879cdeed9c273c9de583d325a74e1961013ec8f3273a33a9b9dd038c1727e227694520451f76c62f40c2720728dd472a1d9bdf0c9537b1503c6830dc66b74d416d4cfcdc13f4d4e6a1fcb8b7500ef7dc8c4620e42172f38c5a576d6b105e9a59e56fa8a0cbc4b1ebb4db2f7f013df22927eb6ae3d89c8466851ec27898e42f0fef6eee83b1621f05ef622d72bba36aa6b78e5aedda8330f99186e7fccda6fe2e0b2933f101e7700f67ac8cfc0cc9125f3b644a9931187c9771a0e99b4d5fecc2179e5ab39c1b7166f987b5d91e1588cf76e42965dfa404644138b981e04ae9aa8ec60dc2ff5bf47300a985f7a0ea0d96c88dfad023704ae0b24b480866b18dda46d64c2a45a0fa06403ec491b0fd06edb36298289a4959b551a009112e9cc6a6eaa713498b5a5e21403d75382d0a98e5d25d03166bd978a7997cf7cd3888a945ef0ba29d61bccb53e01943f3d994c1917a396938a146bddb93c8d9b5ffd38ee5729c0920b1fb237cffc11e0d1497a6f1696312e933f61935ff59bb51925054f95de452e37ceb0721d6fa84bf28f0afc5df03366d673f62c43e97af03b2884d2a491f823ffc4079536833bcaf9a8bc929d6d802798e7a26ca72111ea3298e7f8572f9a538ea26dd4a7520e272befa3ef0c146ec9633709493a8b17a0cda7612540724f7213170315d3", @ANYRES8=r7, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="00090400b444abdfa4a4b530d9c9f06fae8a3a75a937bb4cc5d2248da163e615470ed70303ac5c8840a581135b7b340d941d4fe975c15eeb2b4d3153260b2020b13696a711d40eb7a385a302844c54469bdd54ecfce6f3c404000000651202ef44e1a3c2d72c7164f312519454c32cd22584e56cae9106414254a9a7510ab8423791f59fade46aaf10d94574871fc544ddf616c23595aead626c5dfcedfcffa47280ad2182d72b720f05f6b56d30994219b24af0ce816abbe245c55171d63b0b64c6a722501cb47d419915602bd9bd9aaa772d4c0c8aa409d0c6721ac2282c1e3065c7f44b8dddb9a0bd904300"/247], 0x158, 0x40c8815}, 0x884) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r9) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180), 0xc, &(0x7f00000002c0)={&(0x7f000001ac80)=ANY=[@ANYBLOB="580000006c189fcbf2142cd36aa6638a3c4d467be65e271b9f196c7de05130b6d634dbadcc5fc91a009f634029ff4897343ed88c891ff9713fd7636120903e36727e0278713f9b8ee97bebe0db6d3882527cd4a7f45b9e8432e4fcb3410d43858026c8f90236a79bf2addba0b6cb938b9b9a2f5a58d60f61d29e16a05b6203edff6ccd506fa3a29aa175f7a6432afd3e91f243f3547459402b2b1267444d7ea49e4c5d284f78638e1f14ea4170f10a50a5f1e3ecf8248e5c8cb376b4ce84f77c1e218920fd90cffacfa7ea12e78e6ee3120db8eac7f17be51f27f18565254806a8e35549c85686005462943f1787b1fdc2dae903231547ebdde843bae5443ab8c70f6a3c0b341867a649a18ace220d89e4eabc3ce15e408a8da18e1dd41a8390536e755087648034b1d4d2207b860dca3d01ad40bb794bd262d3d4", @ANYRES16=r10, @ANYBLOB="00002cbd7000ffdbdfe57ffd38d7f89a43a56146672bba7adbd962757b990d63bb4cd51eee3391d0976c328003f1b5aec182c45212909149fae03ad3efbdab447fc0caf87200d674ee3298ca39549767b0d790d95453ea4412f5b0c36880464bd6ef451a9b80db25e2716fed32231717a9b4c152f425ef68e71dfc7096d2062e7513ced0f3cdfa6e225d8da1852beaf9f12dc1b2acf6d1f70aed332d6c8e24a10b566bd844e40bfba9783bb29e2f68d9f3326982244d25a39f3ebdc128cb0e479442112f79063499e8dcac22f60e99381888623d57195438a6158a607a2fa5e8473eea4e1f641b1ac6493c676c514c3ff6abab0835728147461133a224cd43ed955ebab0ac2daf31f41164e3c5fe0f5c8c902c84e8fa284b56b650ec2296ac8116e13f3baeb62589d0ba239e44942349a70f4748d12adb7bac5be0e7b1053d8eedb8fa0ffa796af808cc0000000000", @ANYRES32=0x0, @ANYBLOB="140002007663616e3400000000000000000dffe2a871c9fb4c3f62b4d014010200736974300000004000000000a25e8d080000001f0000", @ANYBLOB="08000100", @ANYRES32=r11], 0x58}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@newtclass={0x40, 0x28, 0x100, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0x10, 0xfff2}, {0x8, 0x8}, {0xfff2, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @tclass_kind_options=@c_taprio={0xb}, @TCA_RATE={0x6, 0x5, {0x2, 0xff}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20e8d08e5cd064cb}, 0x4000040) dup2(r0, r1) 43.359334468s ago: executing program 4 (id=1304): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_read_part_table(0x5bf, &(0x7f0000000000)="$eJzs27GrI0UcB/DvbpLdPPCINpYauMbKK6wf90TuHgcWh2AnaGsjIlgIShIUbdTKxsJ/4JorBCvrQ/wLRDi0ENRKxEItfCOb7Cbrs5IgevD5sEx+85uZ30xgttzwYCuLSTK5lJzWdTXEiz+SzYtPJ+1y25/1+W7C83du3Ly1vF01+1yV/LRO6r5O1zTJY/vCWfbR59N8cOf8vQ8/erPJOutvVkk+SdZJaYejbdfm4+Zvh/6tGorz33riUr/aN511Hs58G11Lf8sm23TaLmrePXr/u6f3Nte7oOw2PWkOuyc5S/Lj4XbXWV3dRbP8fJFZvdwP9bfp+u54f9UmpZTZqMzwFsxGuz31xberbJrdyGS0tnP/JHn1/nNPVqMaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8/5TetnOWR+ZJ1T1V8ulsmDTdPnmmme76v48XHefu6b3F2++8VueN05e/euWt785/mP+SZJJr5w+Vtt3PeyntaNU0qS+SPHpy7P5lKPv6C+P0Mpt8efXrx+tJSlkc8rOqaz9L1nn2sBYAAAAAAAAAAAAAAAAAAACOdOPmreXtuhq+rq+HfMk8qS594F5+LaWcpTTj5Kr/rZJ8n1KNx5pkcSVJ+36TfmCdlHJl/i/9Hf6hPwMAAP//+iNa6w==") r2 = dup(r1) syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbff02000000000000000000000000000100004e22006490780200"], 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e999000000000000000000000000000000000000000000000000ac1e270100"/53], 0xb8}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0, 0x55}], 0x1, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 42.645513886s ago: executing program 4 (id=1306): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200)=0x0) tgkill(r1, r0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a008000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r6, &(0x7f00000005c0), 0x0, 0x0, 0x0) preadv(r6, &(0x7f0000000840), 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") r7 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0) 41.521395608s ago: executing program 4 (id=1308): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000100)=@framed, 0x0}, 0x90) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r0) 41.325439836s ago: executing program 4 (id=1311): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r4, @ANYBLOB="1400238005000b"], 0x30}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8}]}, 0x24}}, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000040)={0x2, @pix_mp={0x0, 0x0, 0x47425247}}) r7 = dup(r5) ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x0, 0x0, 0x0, 0xfc}}) prctl$PR_SET_MM_MAP(0x3d, 0xe, 0x0, 0x1d) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000001600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0) 39.831960603s ago: executing program 4 (id=1318): setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0) creat(0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000080, &(0x7f0000000200)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x43400) 28.701147s ago: executing program 1 (id=1349): set_mempolicy(0x4001, 0x0, 0x0) 28.379766722s ago: executing program 1 (id=1350): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r5, r4, 0x7}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) sendmmsg$inet(r3, &(0x7f0000004b40)=[{{0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000000a40)="ca", 0x1}], 0x1}}], 0x1, 0x0) 27.39727887s ago: executing program 1 (id=1354): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x0, 0x300) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x5c, 0x5c, 0x5, [@restrict={0x0, 0x0, 0x0, 0xb, 0x3}, @func_proto, @enum={0x8, 0x7, 0x0, 0x6, 0x4, [{0xf, 0xff}, {}, {0x0, 0x6}, {0x4, 0x10001}, {0x1}, {0x2, 0x7}, {0x10, 0x7}]}]}, {0x0, [0x2e, 0x30, 0x2e]}}, 0x0, 0x79, 0x0, 0x0, 0xfff}, 0x20) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) r6 = socket(0x1e, 0x4, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="150000"], 0x15) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) 25.357478638s ago: executing program 1 (id=1355): setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0) creat(0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000080, &(0x7f0000000200)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x43400) 23.456784201s ago: executing program 1 (id=1362): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_read_part_table(0x5bf, &(0x7f0000000000)="$eJzs27GrI0UcB/DvbpLdPPCINpYauMbKK6wf90TuHgcWh2AnaGsjIlgIShIUbdTKxsJ/4JorBCvrQ/wLRDi0ENRKxEItfCOb7Cbrs5IgevD5sEx+85uZ30xgttzwYCuLSTK5lJzWdTXEiz+SzYtPJ+1y25/1+W7C83du3Ly1vF01+1yV/LRO6r5O1zTJY/vCWfbR59N8cOf8vQ8/erPJOutvVkk+SdZJaYejbdfm4+Zvh/6tGorz33riUr/aN511Hs58G11Lf8sm23TaLmrePXr/u6f3Nte7oOw2PWkOuyc5S/Lj4XbXWV3dRbP8fJFZvdwP9bfp+u54f9UmpZTZqMzwFsxGuz31xberbJrdyGS0tnP/JHn1/nNPVqMaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8/5TetnOWR+ZJ1T1V8ulsmDTdPnmmme76v48XHefu6b3F2++8VueN05e/euWt785/mP+SZJJr5w+Vtt3PeyntaNU0qS+SPHpy7P5lKPv6C+P0Mpt8efXrx+tJSlkc8rOqaz9L1nn2sBYAAAAAAAAAAAAAAAAAAACOdOPmreXtuhq+rq+HfMk8qS594F5+LaWcpTTj5Kr/rZJ8n1KNx5pkcSVJ+36TfmCdlHJl/i/9Hf6hPwMAAP//+iNa6w==") r2 = dup(r1) syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbff02000000000000000000000000000100004e22006490780200"], 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e999000000000000000000000000000000000000000000000000ac1e270100"/53], 0xb8}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0, 0x55}], 0x1, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x7fff0000}]}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22.670785931s ago: executing program 1 (id=1366): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x4e, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 5.184163561s ago: executing program 2 (id=1420): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_TTL={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 4.947763701s ago: executing program 2 (id=1422): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) accept$alg(r0, 0x0, 0x0) 2.830917351s ago: executing program 3 (id=1432): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000010003000000180001801400020073797a5f74756e00000000000000000005000300b5000000050002"], 0x3c}}, 0x0) 2.543321383s ago: executing program 0 (id=1434): r0 = syz_open_dev$video(&(0x7f0000000040), 0x3, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05640, &(0x7f00000002c0)={0x9}) 2.484831825s ago: executing program 2 (id=1435): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000480), 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x2c}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001200e9c9"], 0x20}}, 0x0) 2.484353905s ago: executing program 3 (id=1436): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x3}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}]}}, &(0x7f0000000340)=""/142, 0x5a, 0x8e, 0x1}, 0x20) 2.434771006s ago: executing program 0 (id=1437): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r0, &(0x7f0000000180), 0x2000) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg=@initiation={0x1, 0x2, "4d19308fd4716602fc42c5775b3ff4b8e478957a9fd9906c6ba70a16c9e7ec5e", "c5790620ed1b0020002f7fa35fc287a470366ddc51d8159e9877f3d8ac2693fb8f0141d835bf05f1db39a966306a49f2", "b7f980c9c55898610dabc5ac55d75cb262ebde140eb5113eb922a759", {"76ae2f8d752bcefe6973ea968b32b310", "d379abea32e2772a33f5d6add3496fc6"}}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00') preadv(r4, &(0x7f0000000000)=[{0x0}], 0x1, 0x800, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER(r4, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0) setuid(0x0) add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) keyctl$chown(0x4, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/warn_count', 0xa43, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3f}, @IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @dev}]}}}]}, 0x48}}, 0x0) 2.351878129s ago: executing program 3 (id=1438): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000080)={0x14, 0x14, 0x1, 0x0, 0x0, {0x1}}, 0x14}}, 0x0) 1.843715569s ago: executing program 3 (id=1439): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000240), 0x1, 0x75b, &(0x7f0000000840)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ81utmQ3pQkBLSJ4EVQ8CHrp2Zd68+rLVf8LD9JSNS1WPEhkNrPpttlNN22SRffzgad9npnZPPOdZ2aeZ3eGmQD61nj6Ty7iUER8kESMZtOTiBhq5AYjTqwvd2t1pZimJNbWXvstaSxzc3WlGC2fSR3ICo9FxPfvRhzOba63trQ8VyiXSwtZebJeOT9ZW1o+cq5SmC3NluaPTU1PHz3+7PFjOxfrHz8tH7z24ctPfXXir3cevfL+D0mciIPZvNY4dsp4jGfbZCjdhHd4aacr67Gk1yvAfUkPzYH1ozwOxWgMNHIAwH/ZWxGxBgD0mUT/DwB9pvk7wM3VlWIz9fYXib11/cWI2L8ef/P65vqcweya3f7GddCRm8kdV0aSiBjbgfrHI+Kzb974Ik2xS9chAdp5+1JEnBkb33z+Tzbds7BdT3exzPhdZec/2DvfpuOf59qN/3Ib459oM/4ZbnPs3o97H/+5qztQTUfp+O+FlnvbbrXEnxkbyEr/b4z5hpKz58ql9Nz2UERMxNBwWp7aoo6JG3/f6DSvdfz3+0dvfp7Wn/5/e4nc1cHhOz8zU6gXHiTmVtcvRTw+2C7+ZKP9kw7j31Nd1vHK8+992mleGn8abzNtjn93rV2OeLJt+9++oy3Z8v7EycbuMNncKdr4+udPRjrV39r+aUrrb34X2Atp+49sHf9Y0nq/Zm37dfx4efS7TvPuHX/7/X9f8nojvy+bdrFQry9MRexLXt08/ejtzzbLzeXT+CeeaH/8b7X/p98Jz3QZ/+C1X7+8//h3Vxr/zLbaf/uZK7fmBjrV3137TzdyE9mUbs5/3a7gg2w7AAAAAAAAAAAAAAAAAAAAAAAAAOhWLiIORpLLb+RzuXx+/R3ej8RIrlyt1Q+frS7Oz0TjXdljMZRrPupytOV5qFPZ8/Cb5aN3lZ+JiIcj4uPh/zXK+WK1PNPr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgc6DD+/9Tvwz3eu0AgF2zv9crAADsOf0/APQf/T8A9B/9PwD0H/0/APQf/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77NTJk2la+3N1pZiWZy4sLc5VLxyZKdXm8pXFYr5YXTifn61WZ8ulfLFaudffK1er56djfvHiZL1Uq0/WlpZPV6qL8/XT5yqF2dLp0tCeRAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA21NbWp4rlMulBRkZGZmNTK/PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Dv8EAAD//z4HKi8=") r0 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007ffb) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x143142, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000140)={@broadcast, 0x0, 0x0, 0x20, 0x0, [{@remote}, {@empty}]}}) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x4) brk(0x55555ede5ffe) mlockall(0x6) brk(0x55555ede6001) mlockall(0x7) read$FUSE(r1, &(0x7f0000005280)={0x2020}, 0x2020) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x1000000201005) r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) r4 = accept$unix(r2, &(0x7f0000000080), &(0x7f0000000100)=0x6e) ioctl$BTRFS_IOC_SUBVOL_CREATE(r3, 0x5000940e, &(0x7f0000002040)={{r4}, "06d04c0f22415d72cfac6f1b51005220a6c48fe715325ff0bc7385f5dbb1e2e9244a951b338279ed343f6b755a368aa48812fd0671cb7488a5f8080657e7d3e8a724cda242a8aa93f0a054f22e9ed24542d741c6bc170bf40d02c69c5fcbd0d564e87e0240d35c4509efe35e21670512ff749fcfb8e02d2d1d637fb1c9da7500c6e2ac92d162c818f7f671800c44eea40dff34355ad9a76819399c2dee639093b3f4309b355c45f641da6de9af54b81014c1627b500a1216621538bfa0219c4b64531c2084e160072ab4a769cba01242e8bc264ab6efa44324bfcdd06f577ab358610cca23d04755ace0fc2288366914f65278119f855b4e9b7b6d9878cafda66b70428f09c582cf8f101712a2a4b7a92b6da3bcebd34a12f4c227f4994c5d174bcba0ebbda1c2ac4922777b70e6761ace94520fc8454b278f0b5d112770b7fe7b7c0804daed6a6523586a5e61365b1fcebd0c0a87676de45e1bdea217882428466c87529694068578f901af00635e2af423004c41648b3b3c3a5e5f0769dcc13dd8c18ae57ad189d646171c9287b267b4171092171978f50c5132f961203f567a46ad54eaed98395e25f16020d0a932fe24bbce79265c83d6c5e96c652172a24a65cef5704541120c058cb106201ecf865ac09a6a1ccf49a4c793531f16bb8c2c52435f9e492eb8f7a1e51b957ad7e65c51e800f5ad85812d353a274306fd4a25e53713246719e612ae955eda6e7f94d25be00ebc6790dd03d9bc3556180b40cd574c0ca172349ce1ca992005c737f546ef9f28aaf5e0b01fe216a7cf0511b64dd9a01f66ee3b84007e04debc49f26dadea3a2b458e06412e3b2c77c4949461f01bcc2f4be4da3c90cd372fa26aa8cbedd5549d85f685c3f8feeedd60e24c83748a3f33cfbb51bf7aa8b0b996920e65d33bdf33555a037681de4d6f04656f5a8c81ba523bc1ac6996604461983466822dbb0d696bf6e2a63c24c1502bf0a60d1b7c26fca2d56b6573ba230ad36b337117ea3587d69d735e768bb7558c7c21e4b232ec91fc3334c74016489f980dbbc88c60889e3945b247f293ced37f250d8bdb8dec1e5c3ba4c65c9a1ee97cfc17120c8861881e367e7cfc4b6e367f77b9e4e7ef7b65f01c6ebb91ab4388d5695bf3fdf4a203fb45b5585cae9b08787f7b8f5753bac2f8f24a8d901b059edd391a0708c6ea3fa5c23dd7ff6e177ca8baf05ddeef7943f0c85d9651454ece1b7b3dbfce93d8b80396f7cefeb8c2d17cff82f4978ec0123f48a2cfe6707a5fc3d7fd1a17c79a08791be2e1cbd8b9d72a4d9089e1db3fba21c0c026ceec3caea55f853e17988b41baa8a60a8574035ceabd5cacefb50ea3fe717b5a9f3dd3c2b48a1a9a311cc968602d11a7a0d2192b74b02c714ad9751b01a7274aa58ea849dc3fe3d5fcc2c503ab752940197310aac0d763350f39b4728bd17f106ce3f3eea428580caf965c6644b8be7b8c4507840bee9f6177da7ed2ce5f498a8188fd75579e463f3fa789e681c066128224ff629f91f587464154414c29fdacf941c930835065d7e04054b0707d7377c2cb4249a4db833fec40d90fa7bea84f8695cdf1eb284ec3b9bffe36aa81a5616f0e7ba4e727bc0b171ba0792a3732d89997d9c798b3f5c8e436b66b0720f8c2b2fc174965d48e4af4b8e600f6b49fe35fd0b676211cbb3d741b0784482701ee62fb63014339c17559e3c7d72694e436d8bca4a5c693884a8244539499843474588e1a34a4000d8f25704f9823b1ed8b4f508bb0bd821500ac290cca76051ea928f2fdadaf4c996f56b71500c557debfa15ed5a8de275a90f11ca220696e78bb342e341fde4a367389d592fe3baf1e3235b050dbf03f60b64cad61546f42bdbf1638de89f27883f9722b39861ab588a729cac4976f5a5a81e8cedf8d87fe71ef3fc715485691db4065cd5eb0eb1544d011e1b5be45bced90c84ec8f745263aa59af5cb4c68a40c36b23524ee52193d370db296500e421aba00ba1e9cbfdf8f8e8634a0514613434c1c9ef9ae5d51ae88ddb89af4837fdb9610def88bc2348c9f51774c5e3111799a2dee5ff84ca6be5334b1c97f7d81f99009319cca6d1d62e2ee9a8d20a5498720d9435792dc3c531ae4d2edde0ca11b2456bf79c9b30693b9630927b5fe4d0cf7dbebe32d8b362bed9565a1a20c358ab008e2f9d0a86b626334a4babf653bd3494600bfa191e4c817f908f0e8a9f9e5678f523df32c4c57be044fdbc58b1cb0aa8fc1c863fc978c634dbf82bbc8d54d80bc372fe4fc43f6a11a3975856fd39069ba9d416b5f060eded333b6ba71af9d8ad7c133a269a990d0151866c0ace51e656a462096578eb1bc2e976a23ebafe44bdd3c1ca6afb92cc05b0c1535e203ca61fb54fc6bc5bc8b89d04f6523a2aceb238c704e692cd1c871541f013fd006bfc8d7eaeea04a6b8312341e68388680d433592b240a7af1072d62af55b0a63a8d11abaaaac602a0f5fb79c76125d49a126b578fae5eb3d5fe0516fb1c53b29aec0fdc3dbf6f7e53e9f289198048d2ba8b8112e3702c548d248ee8f966e4dcceaae394d0b91f658ca23a20d84a8153ee86568e99955925c65921a6133d95e9b7890bd7dfeb60a41ad8a70e90009848a01c5dd49b8c3e681b40b4564b6c31076245a437d137f53cdb0398ffefe253acc96382855dbdaad9d7c1430c08539505a72227606ac06e5287dcc68166f456000d9b6a12cc9b90d8144ec7f40c215c9b6ea8567717c2365c3760558b20a384903c85b230dae1836937accb51e698bbb57eec50f0ea21397e70a1da5309de47fbbd9787169fe233c685111e07006bd1dc93b686687e1a7723b72815e0f80064f3c1f48dccca4669a6922e7c301a19a83817e72e0a503e0bb0625edbbdb1f09fd28e31fdeed4c882a30af23b6ad678b15a4b54b86f72dcbcd212e1583fb278e466d65eb415309b263dc86e91d4adf8efcada0f5f99e52c729679e13df494f14a3704dce0ca50a99f6738d33bb13646fee65497f849b8c917749408d61af7ed796691134e8630a2e0609f3f373dbaaf478e8013aa8344ff4e8fa1efba4cfdf1fd8eeb0eb27a9d5decbbaa45e0165d2b7f73b0b82a2bdb2f982765779c8776c7ea32e9ee658ea6fcbf7a53d97b8e00a5125821a53f4f71464089781580ff07a0096a5308c411238d8ae30e41b7f3b9c98b2c192302ce363639c277413fb672235781c1df94c28424c9314f778421f62ee267be22efe1c8350c26311bffcc953ebc54243b749f58b96add79d3b2fbbff0c1a6925708e7dc7512ee271d275ad30efe312e7eade3947c56aeda40430895621e1ef3e70a5ec0f79dc633c4e85936d3cd89dd4666ee4744e047947ff73911e7a4e42413b81d8ac027f2502b5d55317e18b872d6aadcb9e51ea49922f1cf80dcca471175a71e4050076c03d95f10873c023614d6a143189e2515e8c395ce8993dab418f6e69265fe02069351537116f673208f0d8cc6b71a98b3681acde7f3a8ce4c788e2637c69c389a7eebd96a705351dcbba42a9d0c1c1f174bbc2288529ca6b08d7a692fd192e011c0d5c21ee70fc998c88436ce69c60f4e113f364bd8cfbfc52a1856ab85bb800191a402a5c57bbf1eec7052cac24b9f43d3fd6de56450f33a41742b5fc19237da7f5426bbd907eb7e3d196da8ca103b9700462527c6a4eb92e8b5e72bfe0ba00dd7ef213c08f956e01280b4d5a42a9d2ff5aff40272de0be4710b50b62c53f542a5703da92ab0ba321621018de50d6432e58c9533cde2d9630d2a461cb876b83086f262a3476442a0a6c68bd8b9668dcfdb94ae0c097607dd45746f87708a349ef625b729c0d3cbde90f8c0373b05653adacf0289b715dcc8b78856458fcf8f2cbc3f34c5d56c0f605fc61457d9a6fcd7d9b6289419b8e2d2ef65276f9c5babc1070508207a502b91be40f4068cbe4e8a57a0eb1f4967827a50f3af11fe01ee74c6adc6ad13c201a9b48fa6fda74536d4da0c33024bd7d3e1c32cc0c41003d4185954fd74856ebb464305864fec4b76461b3647df85643405a240e8a4df03d2b3d93ffd984b1d26ac717c786b50c73cef855c11176aeb61140202617c0ab151cf4bf47b89402e332f1fe5aba96f97306e15576cfc99eb574c891e09de02f8fc8c4f0ce66842cc1407e2ba0eda990e259271c9faf70666833588b1244bcf572dc094c4ede5e0d600e423ab62b7cb50d1c91dee5fc81164b8eff249154bf863f8b66537253408cfce4e9e6264102bad74284fae0eb4a29fb321d607e554a7e11200b139c6b0d01ceef7a891a93f0dc17093849dd492b454054487a5d35a058fc4e2dcaa120115bd871288ddba672b96b5568e9495b956e20f7a37dbc66d99e0dfb4bfb377a4569cb38e85eecacde02f1b1fd47cdd50112c1e48c1ac3458e2cd5d361cde542fef4ffdfc89d80e516bee52e4f20f8bd5670ae250c5c827fd27d1c9ce948802d6922a094d8555cc24c7aaf424ccb8dae0da346874a44b446c3ba771afc23c134504856a9565f7c7d3ee3e8ffcd37534ac0d2d5ffcbdcae60ce6391cfd82930503f15c4696b63c86c9756c87237088c660c4ebba71f074628f0bc09277395a978979cb97ce10f4d7fa585c95dd42fb6bf317e133db79e47f1c86e3defa1ab1525619e4405ae761df9fbb35b1ee945f46cf27d8f9336b181819ca425f66b93cc794667f33963c48dc0f5f6bca9fb2df34c917f2853f9adf234a36bac27295c35a6a2665426e404b33a01396b7b96ae847915c396ea3f4ad5d66298bf12225dd9c57a03dbddd89b5b3c1163157b5d707fe9e9672c94df039e90d535a631891b9bd9e9869b497e06bc6cf425da5a3dbc88b4dae650bcd7a4519dd279cc24e79ca2d604e957aac792a9b31b8b1ee8de60a1c98aa388b0cd54d9ca6d7c0f1693bd00d7fc933dad178353536d42329a15a93aa70ee5271499817b8917ac63cd218ec11078ff71bda579c1dd2263c2fa7cea5573175d01721ed1ad2daf254e9e4e92863adbf2be9169587bf182aab7550c315a958bd9d1ac80b0cacaff6e9f645b2824526a527bd1cdfcecfe3699c0b7d541905d8f91f6e26df5194d472572130d7d7133d99e54024a1ffef4ef7aae31220a477fc0ad986187625a0db81269669f2319818ad4b3017349eed6b28991f76bff96f50aca58145825c10b851db133460e909135b1d85522baaa015a409b0f2ad26731381a7e3eb73a6d960af22116457526ce1ea61f491bb4413f90c43bb96ca561a3f8c6dde3c58ae827efe16e80a6c3b3a0be7a73514e4e49f079529a4e479c7a6748aac849f99a0335d079df1be2a5c693c9bf8a0f69e653c803b6feb088bf2ccec3bf86bc0269b08587998ecf2e3e2eb5bb6df657d18b5edc0188250bd591dd570db1e28a7e07b94a55247a9f8e3c9199ab50433d00491d5221b7d0c66cd79e209116099ae90415edba4fb1345d7eca27fa391ee7f1ab74cec310734642b42ca2a1fccc0ba08201b7531d6a5fec372fb91e04a336d7a55c45c1032142bc93800c0f1a67f9c2f4cb8b7ad8800d9b3878ed6cfdf3bbe8e5f6b6f241b7ac51394b32006e05c20314ef4d7d0677b46b507919978c3162437a646ecf667db7c4d9fe4c91a5904e93e19ab3c84fe65e17366aeba7d494a67f20b7098af55cbbf116ad9d07eb1f5254dcdf1f361f842369d36663fde3e44640b5f6f75baad41cd87b5a917a2a6c51a3cb742641cfdbd64d3b8521b81b6a4e5eac1ccc10a6826d2fcff7a"}) 1.248654192s ago: executing program 2 (id=1440): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x38011, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x8) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0xf45) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000240), 0x4) 986.934782ms ago: executing program 0 (id=1441): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000f7000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000bdb200b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000500)="7c5331fc9356b5b10006000081001a", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x1) 819.696728ms ago: executing program 0 (id=1442): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x17) 695.102433ms ago: executing program 0 (id=1443): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000061146c0073d19817ecd3f6ac000000000500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r0, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000100)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x1c, &(0x7f00000001c0), 0x0, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x40, 0x8, 0x8, &(0x7f0000000280)}}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x7}, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4) mremap(&(0x7f000016c000/0x4000)=nil, 0x4000, 0x40000000, 0x3, &(0x7f000063c000/0x3000)=nil) readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/64, 0x40}], 0x5) mkdirat(r1, &(0x7f0000000180)='./bus\x00', 0x0) renameat2(r1, &(0x7f0000000000)='./file1\x00', r1, &(0x7f0000000100)='./bus/file0\x00', 0x2) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{}, &(0x7f0000000480), &(0x7f00000004c0)='%pK \x00'}, 0x20) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002740)='stack\x00') bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1a, 0x0, 0x0, 0x0, 0x40c, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3}, 0x48) read$FUSE(r3, &(0x7f0000004940)={0x2020}, 0x2020) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) open(&(0x7f00000000c0)='.\x00', 0x591002, 0x0) 450.500133ms ago: executing program 0 (id=1444): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) accept$alg(r0, 0x0, 0x0) 380.195845ms ago: executing program 3 (id=1445): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000010003000000180001801400020073797a5f74756e00000000000000000005000300b5000000050002"], 0x3c}}, 0x0) 326.400807ms ago: executing program 2 (id=1446): r0 = syz_open_dev$video(&(0x7f0000000040), 0x3, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05640, &(0x7f00000002c0)={0x9}) 197.326302ms ago: executing program 2 (id=1447): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x1, 0x6}, 0x48) syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c666c7573682c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030306509136530ae7b3166612c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c66736d616769633d3078303030303030303030303030303030312c003c2e8ce7d5d66b6ce203e936b758432e78e91785d72988c4144a21fbd83dacf39091ea7eefcf1998cf6bddec3804014d8eb05a8101014bdbdf24e4fcbe585dd5331a"], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga") r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r2 = open$dir(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) write(r1, &(0x7f0000002200)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d", 0x200) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@can_newroute={0x1c, 0x18, 0xd1fc11e09e109915, 0x0, 0x0, {}, [@CGW_SRC_IF={0x8, 0x12}]}, 0x1c}}, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) fcntl$setstatus(r7, 0x4, 0x800) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10) connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) close(r7) r9 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r9, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000580)=[{&(0x7f0000000040)={0x18, 0x1d, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@errors_remount}]}, 0x3, 0x449, &(0x7f00000006c0)="$eJzs28tvG0UYAPBv7SR9E1OVQh9AoCDCK2nSUnrgAgKJA0hIcCjHkKRVqNugJki0iiAgVI6oEicuiCMSfwEnuCDghMS13FGlCuXSwslo7XXiOLYbu0kc6t9PWndmd+qZz7tjz+xkA+hZQ+lLErE3Iq5HxGAlu7rAUOWf20sLk/8sLUwmUSq9/XdSLndraWGyWrT6//ZUM30Ruc+TONKg3rnLV85PFIvTl7L86PyFD0bnLl95fubCxLnpc9MXx0+fPnli7MVT4y9sSJxpXLcOfzx79NDr7157c/LMtfd+/T6pxl8XR3P97VQ51Orgk6VSO++17e2rSSd9XWwIbclXumn5yr4eg5GPlZM3GK991tXGAZuqVCqVDkbsaHJ4sbSzpiBwj0l0behR1R/6dP5b3bZm5LE93Hy5MgFK476dbZUjfZHLyvTXzW830lBEnFn895t0i3XfhwAA6NyP6fjnuUbjv1wcrCl3X7aGUoiI+yNif0SciogDEfFARLnsgxHxUJv11y+SrB3/5G50FNg6peO/l7K1rdXjv+roLwr5LLevHH9/cnamOH08+0yGo39Hmh9rUcdPr/7xZbNjteO/dEvrr44Fs3bc6Ku7Ozc1MT9xNzHXuvlpxOG+RvEnyysBSUQciojDHdYx88x3R5sdu3P8LWzAOlPp24inKud/Merir0par0+O7ozi9PHR6lWx1m+/X32rWf13Ff8GSM//7obX/3L8haR2vXaunXf/+un09eqfXzSd03R6/Q8k76za99HE/PylsYiB5I1Ko2v3j9eVG18pn8Y/fKxx/98fK5/EkYhIL+KHI+KRiHg0a/tjEfF4RBxr8Sn88soT73ce/+ZK459q6/yvJAaifk/jRP78zz+sqrTQTvzp+T9ZTg1ne9bz/beedrV7NQMAAMD/VS4i9kaSG1lO53IjI5W/4T8Qu3PF2bn5Z8/OfnhxqvKMQCH6c9U7XYM190PHsml9IaKcH1/OV46fyO4bf5XfVc6PTM4Wp7odPPS4PU36f+qvfLdbB2w6z2tB79L/oXfp/9C79H/oXQ36/65utAPYeo1+/z/pQjuArVfX/y37QQ8x/4fe1Un/950B94aWfXlg69oBbKm5XXHnh+QlJNYkIrctmiGxSYlufzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsjP8CAAD//8Nb37k=") sendfile(r1, r2, 0x0, 0x11f06) syz_usb_control_io(r0, 0x0, 0x0) 0s ago: executing program 3 (id=1448): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x158) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f00000001c0)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) kernel console output (not intermixed with test programs): Filesystem [ 146.839027][ T4930] loop0: detected capacity change from 0 to 2048 [ 146.889983][ T4938] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 147.261347][ T4945] input: syz0 as /devices/virtual/input/input9 [ 148.320724][ T4941] process 'syz.4.406' launched './file0' with NULL argv: empty string added [ 148.562111][ T4954] xt_hashlimit: invalid rate [ 150.197508][ T4998] xt_hashlimit: invalid rate [ 150.419189][ T5009] loop0: detected capacity change from 0 to 256 [ 150.435894][ T5008] sp0: Synchronizing with TNC [ 150.499708][ T5015] netlink: 'syz.3.434': attribute type 30 has an invalid length. [ 151.273663][ T5048] netlink: 'syz.0.448': attribute type 30 has an invalid length. [ 151.662833][ T5061] input: syz0 as /devices/virtual/input/input10 [ 152.395129][ T5068] loop0: detected capacity change from 0 to 2048 [ 152.531398][ T5068] NILFS (loop0): invalid segment: Checksum error in segment payload [ 152.560919][ T5068] NILFS (loop0): trying rollback from an earlier position [ 152.667820][ T5068] NILFS (loop0): recovery complete [ 152.687433][ T5077] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 152.740159][ T26] audit: type=1800 audit(1719925500.505:6): pid=5068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.454" name="bus" dev="loop0" ino=12 res=0 errno=0 [ 154.163674][ T5101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.468'. [ 156.132743][ T5156] loop0: detected capacity change from 0 to 4096 [ 156.175758][ T5156] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 156.252655][ T5156] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 156.688694][ T4651] ntfs3: loop0: ntfs3_write_inode r=5 failed, -22. [ 156.715366][ T3649] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 157.230458][ T5208] loop0: detected capacity change from 0 to 1024 [ 157.277567][ T5208] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 157.327909][ T5208] EXT4-fs (loop0): barriers disabled [ 157.347317][ T5208] JBD2: no valid journal superblock found [ 157.353194][ T5208] EXT4-fs (loop0): error loading journal [ 157.448672][ T5220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.518'. [ 157.478828][ T3567] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 157.548373][ T5208] loop0: detected capacity change from 0 to 512 [ 157.555027][ T5208] tmpfs: Unknown parameter 'nouid32' [ 157.711368][ T3567] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 159.480673][ T5268] netlink: 52 bytes leftover after parsing attributes in process `syz.4.540'. [ 160.137929][ T5288] loop0: detected capacity change from 0 to 764 [ 160.576878][ T3594] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 160.980526][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 161.158714][ T3594] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 161.177379][ T3559] jfs_flush_journal: synclist not empty [ 161.199827][ T3559] metapage: ffff8880684c05d0: 00001000 00000000 00003a48 00000000 [ 161.204688][ T3594] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 161.237349][ T3559] metapage: ffff8880684c05e0: 5c507a28 ffff8880 5c507a28 ffff8880 [ 161.260656][ T3594] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 161.282820][ T3559] metapage: ffff8880684c05f0: 00000004 00000000 00000000 00000000 [ 161.417429][ T3559] metapage: ffff8880684c0600: 5c8c6000 ffff8880 00000024 00000000 [ 161.425400][ T3559] metapage: ffff8880684c0610: 00000000 dead4ead ffffffff 00000000 [ 161.463043][ T3559] metapage: ffff8880684c0620: ffffffff ffffffff 91e3a440 ffffffff [ 161.487646][ T3594] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 161.501507][ T3559] metapage: ffff8880684c0630: 901f2de0 ffffffff 00000000 00000000 [ 161.511951][ T3594] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.537356][ T3594] usb 2-1: Product: syz [ 161.560809][ T3559] metapage: ffff8880684c0640: 8b24c8e0 ffffffff 00000200 00000000 [ 161.577462][ T3594] usb 2-1: Manufacturer: syz [ 161.587323][ T3594] usb 2-1: SerialNumber: syz [ 161.633507][ T3559] metapage: ffff8880684c0650: 684c0650 ffff8880 684c0650 ffff8880 [ 161.686562][ T3559] metapage: ffff8880684c0660: 01723180 ffffea00 1af8c000 ffff8880 [ 161.735615][ T3559] metapage: ffff8880684c0670: 00001000 00003b14 00000001 00000000 [ 161.757429][ T3559] metapage: ffff8880684c0680: 5c507800 ffff8880 [ 161.822201][ T3559] page: ffffea0001723180: 00fff50000002056 ffffea0001a11f48 [ 161.907827][ T3559] page: ffffea0001723190: ffffea0001a2f9c8 ffff88805da8b498 [ 161.967550][ T3559] page: ffffea00017231a0: 0000000000000024 ffff8880684c05d0 [ 162.012684][ T3559] page: ffffea00017231b0: 00000002ffffffff ffff88807d8ce000 [ 162.024771][ T5326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.564'. [ 162.152401][ T5328] netlink: 52 bytes leftover after parsing attributes in process `syz.4.565'. [ 162.316706][ T3594] usb 2-1: USB disconnect, device number 3 [ 163.588337][ T5018] udevd[5018]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 163.918070][ T5350] netlink: 16 bytes leftover after parsing attributes in process `syz.2.572'. [ 164.161910][ T5360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.576'. [ 164.443541][ T3594] kernel read not supported for file /vcs (pid: 3594 comm: kworker/0:3) [ 164.468065][ T5368] [U]  [ 164.717129][ T5388] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'. [ 165.064024][ T152] kernel read not supported for file /vcs (pid: 152 comm: kworker/1:2) [ 165.090051][ T5402] [U]  [ 165.477398][ T3562] jfs_flush_journal: synclist not empty [ 165.498264][ T3562] metapage: ffff888068b586c8: 00001000 00000000 00003a48 00000000 [ 165.585090][ T3562] metapage: ffff888068b586d8: 76c38a28 ffff8880 76c38a28 ffff8880 [ 165.637272][ T3562] metapage: ffff888068b586e8: 00000004 00000000 00000000 00000000 [ 165.707362][ T3562] metapage: ffff888068b586f8: 68b53000 ffff8880 00000024 00000000 [ 165.737359][ T3562] metapage: ffff888068b58708: 00000000 dead4ead ffffffff 00000000 [ 165.745349][ T3562] metapage: ffff888068b58718: ffffffff ffffffff 91e3a440 ffffffff [ 165.780423][ T5430] binder: 5426:5430 unknown command 0 [ 165.785882][ T5430] binder: 5426:5430 ioctl c0306201 20000640 returned -22 [ 165.887510][ T3562] metapage: ffff888068b58728: 901f2de0 ffffffff 00000000 00000000 [ 165.957346][ T3562] metapage: ffff888068b58738: 8b24c8e0 ffffffff 00000200 00000000 [ 166.316772][ T3562] metapage: ffff888068b58748: 68b58748 ffff8880 68b58748 ffff8880 [ 166.772263][ T3562] metapage: ffff888068b58758: 01a2d4c0 ffffea00 1f5f2000 ffff8880 [ 166.847335][ T3562] metapage: ffff888068b58768: 00001000 00003b14 00000001 00000000 [ 166.932776][ T3562] metapage: ffff888068b58778: 76c38800 ffff8880 [ 166.980686][ T3562] page: ffffea0001a2d4c0: 00fff50000002056 ffffea0001a2d5c8 [ 167.031370][ T3562] page: ffffea0001a2d4d0: ffffea0001a2d448 ffff88805aa50f98 [ 167.067397][ T3562] page: ffffea0001a2d4e0: 0000000000000024 ffff888068b586c8 [ 167.093040][ T3562] page: ffffea0001a2d4f0: 00000002ffffffff ffff88807747a000 [ 167.380447][ T5464] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 167.504337][ T5468] loop0: detected capacity change from 0 to 64 [ 167.642327][ T5470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.627'. [ 168.617261][ T5498] xt_CT: You must specify a L4 protocol and not use inversions on it [ 169.070850][ T3553] jfs_flush_journal: synclist not empty [ 169.186200][ T3553] metapage: ffff888067dc46c8: 00001000 00000000 00003a48 00000000 [ 169.216090][ T3553] metapage: ffff888067dc46d8: 734e7228 ffff8880 734e7228 ffff8880 [ 169.263164][ T3553] metapage: ffff888067dc46e8: 00000004 00000000 00000000 00000000 [ 169.292493][ T3553] metapage: ffff888067dc46f8: 67d32000 ffff8880 00000024 00000000 [ 169.387235][ T3553] metapage: ffff888067dc4708: 00000000 dead4ead ffffffff 00000000 [ 169.421032][ T3553] metapage: ffff888067dc4718: ffffffff ffffffff 91e3a440 ffffffff [ 169.466610][ T3553] metapage: ffff888067dc4728: 901f2de0 ffffffff 00000000 00000000 [ 169.513505][ T3553] metapage: ffff888067dc4738: 8b24c8e0 ffffffff 00000200 00000000 [ 169.549710][ T5502] binder: 5501:5502 unknown command 0 [ 169.572236][ T3553] metapage: ffff888067dc4748: 67dc4748 ffff8880 67dc4748 ffff8880 [ 169.589120][ T5502] binder: 5501:5502 ioctl c0306201 20000640 returned -22 [ 169.656844][ T3553] metapage: ffff888067dc4758: 019f4c80 ffffea00 5f714000 ffff8880 [ 169.707756][ T3553] metapage: ffff888067dc4768: 00001000 00003b14 00000001 00000000 [ 169.752322][ T3553] metapage: ffff888067dc4778: 734e7000 ffff8880 [ 169.792486][ T3553] page: ffffea00019f4c80: 00fff50000002056 ffffea00019f70c8 [ 169.820763][ T3553] page: ffffea00019f4c90: ffffea00019f4c48 ffff88805aa562d8 [ 169.849668][ T3553] page: ffffea00019f4ca0: 0000000000000024 ffff888067dc46c8 [ 169.895258][ T3553] page: ffffea00019f4cb0: 00000002ffffffff ffff88807eb9c000 [ 170.598227][ T5546] xt_CT: You must specify a L4 protocol and not use inversions on it [ 172.824248][ T5568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.667'. [ 172.874506][ T5562] binder: 5556:5562 unknown command 0 [ 172.905390][ T5562] binder: 5556:5562 ioctl c0306201 20000640 returned -22 [ 172.974016][ T5568] team1: Mode changed to "broadcast" [ 173.733651][ T3602] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 174.696986][ T5591] sched: RT throttling activated [ 175.444752][ T3602] usb 2-1: Using ep0 maxpacket: 16 [ 175.584090][ T5609] netlink: 4 bytes leftover after parsing attributes in process `syz.4.682'. [ 175.690141][ T5613] team1: Mode changed to "broadcast" [ 175.706602][ T5612] binder: 5606:5612 unknown command 0 [ 175.747769][ T5612] binder: 5606:5612 ioctl c0306201 20000640 returned -22 [ 175.777465][ T3602] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=93.21 [ 175.786610][ T3602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.834978][ T3602] usb 2-1: Product: syz [ 175.843384][ T3602] usb 2-1: Manufacturer: syz [ 175.869546][ T3602] usb 2-1: SerialNumber: syz [ 175.895003][ T3602] usb 2-1: config 0 descriptor?? [ 175.961784][ T3602] usb_ehset_test: probe of 2-1:0.0 failed with error -32 [ 176.173893][ T3602] usb 2-1: USB disconnect, device number 4 [ 178.101003][ T5621] loop0: detected capacity change from 0 to 32768 [ 178.108050][ T5634] device wireguard0 entered promiscuous mode [ 178.297806][ T5621] XFS (loop0): Mounting V5 Filesystem [ 178.591477][ T5621] XFS (loop0): Starting recovery (logdev: internal) [ 178.652616][ T5654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.696'. [ 178.690940][ T5621] XFS (loop0): Ending recovery (logdev: internal) [ 178.879062][ T3649] XFS (loop0): Unmounting Filesystem [ 178.920426][ T3564] Bluetooth: Frame is too long (len 16, expected len 4) [ 179.186563][ T5663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.698'. [ 179.677412][ T3599] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 179.782566][ T4155] jfs_flush_journal: synclist not empty [ 179.827839][ T4155] metapage: ffff888067dc47c0: 00001000 00000000 00003a48 00000000 [ 181.893893][ T3599] usb 2-1: Using ep0 maxpacket: 16 [ 181.908791][ T4155] metapage: ffff888067dc47d0: 5d309a28 ffff8880 5d309a28 ffff8880 [ 181.949744][ T5690] device wireguard0 entered promiscuous mode [ 182.057447][ T4155] metapage: ffff888067dc47e0: 00000004 00000000 00000000 00000000 [ 182.075729][ T4155] metapage: ffff888067dc47f0: 5313b000 ffff8880 00000024 00000000 [ 182.114610][ T4155] metapage: ffff888067dc4800: 00000000 dead4ead ffffffff 00000000 [ 182.159754][ T4155] metapage: ffff888067dc4810: ffffffff ffffffff 91e3a440 ffffffff [ 182.203202][ T4155] metapage: ffff888067dc4820: 901f2de0 ffffffff 00000000 00000000 [ 182.211598][ T4155] metapage: ffff888067dc4830: 8b24c8e0 ffffffff 00000200 00000000 [ 182.227559][ T4155] metapage: ffff888067dc4840: 67dc4840 ffff8880 67dc4840 ffff8880 [ 182.236227][ T4155] metapage: ffff888067dc4850: 014c4ec0 ffffea00 75de0000 ffff8880 [ 182.250764][ T4155] metapage: ffff888067dc4860: 00001000 00003b14 00000001 00000000 [ 182.259770][ T4155] metapage: ffff888067dc4870: 5d309800 ffff8880 [ 182.266311][ T4155] page: ffffea00014c4ec0: 00fff50000002056 ffffea00014c5308 [ 182.274223][ T3599] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=93.21 [ 182.287650][ T4155] page: ffffea00014c4ed0: ffffea00018c92c8 ffff88805aa40f98 [ 182.297613][ T3599] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.305652][ T3599] usb 2-1: Product: syz [ 182.336367][ T4155] page: ffffea00014c4ee0: 0000000000000024 ffff888067dc47c0 [ 182.367941][ T3599] usb 2-1: Manufacturer: syz [ 182.372597][ T3599] usb 2-1: SerialNumber: syz [ 182.418098][ T4155] page: ffffea00014c4ef0: 00000002ffffffff ffff888073386000 [ 182.427000][ T3599] usb 2-1: config 0 descriptor?? [ 182.475651][ T3599] usb 2-1: can't set config #0, error -71 [ 182.489287][ T3599] usb 2-1: USB disconnect, device number 5 [ 182.977299][ T3599] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 184.388388][ T3599] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 184.427327][ T3599] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 184.476146][ T3599] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 184.692015][ T3599] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 184.898729][ T3599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.918205][ T3599] usb 3-1: Product: syz [ 184.922432][ T3599] usb 3-1: Manufacturer: syz [ 184.927064][ T3599] usb 3-1: SerialNumber: syz [ 185.683520][ T3599] usb 3-1: USB disconnect, device number 2 [ 186.678125][ T3564] Bluetooth: hci4: command 0x0406 tx timeout [ 187.228916][ T3564] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 187.241718][ T3564] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 187.250518][ T3564] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 187.269473][ T3565] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 187.279288][ T3565] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 187.286689][ T3565] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 187.627587][ T3602] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 187.819720][ T26] audit: type=1804 audit(1719925535.585:7): pid=5806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.756" name="/newroot/112/bus/file0" dev="overlay" ino=603 res=1 errno=0 [ 187.890710][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 188.017602][ T3602] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 188.049289][ T3602] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 188.063933][ T3602] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 188.143651][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.151882][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.205680][ T5782] device bridge_slave_0 entered promiscuous mode [ 188.227614][ T3602] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 188.236722][ T3602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.277452][ T3602] usb 2-1: Product: syz [ 188.286183][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.303026][ T3602] usb 2-1: Manufacturer: syz [ 188.321596][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.329050][ T3602] usb 2-1: SerialNumber: syz [ 188.363025][ T5782] device bridge_slave_1 entered promiscuous mode [ 188.462457][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.496603][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.551957][ T5823] loop0: detected capacity change from 0 to 8192 [ 188.597835][ T5823] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 188.645327][ T5782] team0: Port device team_slave_0 added [ 188.695661][ T5782] team0: Port device team_slave_1 added [ 188.852990][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.867266][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.949589][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.026567][ T3602] usb 2-1: USB disconnect, device number 6 [ 189.032992][ T26] audit: type=1326 audit(1719925536.795:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.117328][ T26] audit: type=1326 audit(1719925536.795:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.212469][ T26] audit: type=1326 audit(1719925536.795:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.281061][ T26] audit: type=1326 audit(1719925536.795:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.337402][ T26] audit: type=1326 audit(1719925536.795:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.390581][ T48] Bluetooth: hci9: command tx timeout [ 189.808215][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.832437][ T3541] udevd[3541]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 189.931912][ T26] audit: type=1326 audit(1719925536.805:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.954760][ T26] audit: type=1326 audit(1719925536.805:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 189.977007][ T26] audit: type=1326 audit(1719925536.805:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 190.017444][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.067772][ T26] audit: type=1326 audit(1719925536.805:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 190.137256][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.285166][ T5782] device hsr_slave_0 entered promiscuous mode [ 190.310864][ T5782] device hsr_slave_1 entered promiscuous mode [ 190.336169][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.347578][ T5782] Cannot create hsr debugfs directory [ 190.829176][ T5782] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.092487][ T5782] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.192596][ T5869] loop0: detected capacity change from 0 to 512 [ 191.277875][ T5869] EXT4-fs: Ignoring removed bh option [ 191.307458][ T5869] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 191.321601][ T5782] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.385949][ T5869] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz.0.777: bad orphan inode 17 [ 191.433895][ T5869] EXT4-fs (loop0): Remounting filesystem read-only [ 191.447575][ T3564] Bluetooth: hci9: command tx timeout [ 191.484828][ T5869] ext4_test_bit(bit=16, block=4) = 1 [ 191.490509][ T5869] is_bad_inode(inode)=0 [ 191.513590][ T5869] NEXT_ORPHAN(inode)=1048336 [ 191.522303][ T5782] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.534849][ T5869] max_ino=32 [ 191.538952][ T5869] i_nlink=0 [ 191.542183][ T5869] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 191.593019][ T935] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 191.607341][ T3599] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 191.742585][ T3649] EXT4-fs (loop0): unmounting filesystem. [ 191.843798][ T5782] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 191.863294][ T5887] loop0: detected capacity change from 0 to 512 [ 191.883723][ T5782] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 191.892241][ T5887] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 191.906800][ T5782] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 191.966619][ T5782] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 191.977634][ T3599] usb 3-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 191.989322][ T5887] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.784: iget: bad i_size value: -67835469387268086 [ 192.012632][ T3599] usb 3-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 192.045889][ T3599] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 192.058749][ T5887] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.784: couldn't read orphan inode 15 (err -117) [ 192.077329][ T3599] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.123106][ T5887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 192.149299][ T5887] ext2 filesystem being mounted at /147/file0 supports timestamps until 2038 (0x7fffffff) [ 192.283124][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.318805][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.338885][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.376426][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.397505][ T3599] usb 3-1: string descriptor 0 read error: -71 [ 192.411957][ T3599] aiptek 3-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 192.449124][ T3602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.459977][ T3602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.468745][ T3599] usb 3-1: USB disconnect, device number 3 [ 192.470633][ T3602] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.481806][ T3602] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.154135][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.168119][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.210324][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.278351][ T3598] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.285578][ T3598] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.377508][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.407594][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.424615][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.452014][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.469203][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.499898][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.510583][ T3649] EXT4-fs (loop0): unmounting filesystem. [ 193.513020][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.535581][ T3564] Bluetooth: hci9: command tx timeout [ 193.572322][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.602777][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.639472][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.668700][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.686142][ T5782] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.971205][ T26] kauditd_printk_skb: 39 callbacks suppressed [ 193.971222][ T26] audit: type=1326 audit(1719925541.735:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 194.088282][ T26] audit: type=1326 audit(1719925541.785:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 194.226067][ T26] audit: type=1326 audit(1719925541.785:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 194.254116][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.254198][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.698907][ T26] audit: type=1326 audit(1719925541.785:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.042697][ T26] audit: type=1326 audit(1719925541.785:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.129448][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 195.159382][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 195.165450][ T26] audit: type=1326 audit(1719925541.785:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.174413][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.232649][ T26] audit: type=1326 audit(1719925541.785:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.308065][ T26] audit: type=1326 audit(1719925541.785:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.324039][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 195.362293][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 195.385975][ T26] audit: type=1326 audit(1719925541.785:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.445562][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 195.448970][ T26] audit: type=1326 audit(1719925541.785:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5915 comm="syz.4.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x7ffc0000 [ 195.482905][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 195.502679][ T5782] device veth0_vlan entered promiscuous mode [ 195.543097][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 195.560941][ T935] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz1 [ 195.563893][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 195.618019][ T48] Bluetooth: hci9: command tx timeout [ 195.627112][ T5782] device veth1_vlan entered promiscuous mode [ 195.700834][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 195.710685][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 195.720541][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 195.729986][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 195.741908][ T5782] device veth0_macvtap entered promiscuous mode [ 195.791078][ T5782] device veth1_macvtap entered promiscuous mode [ 195.835566][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.877261][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.907241][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.942488][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.975610][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.006733][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.056959][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.100040][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.127637][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.151651][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.187741][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.210196][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.230738][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.254406][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.256107][ T5921] loop0: detected capacity change from 0 to 40427 [ 196.277431][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.298379][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.322841][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.335552][ T48] Bluetooth: hci0: command 0x0406 tx timeout [ 196.347504][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.362034][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.363287][ T5921] F2FS-fs (loop0): invalid crc value [ 196.373443][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 196.384036][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 196.392402][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 196.428327][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 196.441595][ T5921] F2FS-fs (loop0): Found nat_bits in checkpoint [ 196.464700][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.496764][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.527332][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.557286][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.599658][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.636724][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.665952][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.666604][ T5921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 196.703572][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.734804][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.774633][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.815124][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.837482][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.857204][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.877512][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.902784][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.925706][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.946570][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.966568][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.014297][ T5921] F2FS-fs (loop0): Corrupted max_depth of 3: 4294967295 [ 197.023646][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.041701][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 197.057504][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 197.082723][ T5782] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.162924][ T5782] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.291104][ T5782] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.507050][ T5782] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.144402][ T4610] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.191178][ T4610] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.240179][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 198.261476][ T4610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.276192][ T4610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.313407][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 199.784745][ T5996] capability: warning: `syz.1.820' uses deprecated v2 capabilities in a way that may be insecure [ 200.128344][ T935] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 200.377305][ T935] usb 5-1: Using ep0 maxpacket: 32 [ 200.497613][ T935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 200.520151][ T935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 200.557387][ T935] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 200.588006][ T935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.627360][ T935] usb 5-1: config 0 descriptor?? [ 200.657897][ T6002] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 200.678466][ T935] hub 5-1:0.0: USB hub found [ 200.870743][ T6012] loop0: detected capacity change from 0 to 32768 [ 200.930830][ T6012] ERROR: (device loop0): dbAlloc: the hint is outside the map [ 200.930830][ T6012] [ 200.997627][ T935] hub 5-1:0.0: config failed, can't read hub descriptor (err -22) [ 201.070003][ T46] read_mapping_page failed! [ 201.074941][ T46] ERROR: (device loop0): txCommit: [ 201.074941][ T46] [ 201.137619][ T46] jfs_write_inode: jfs_commit_inode failed! [ 201.415904][ T935] hid-generic 0003:046D:C314.0003: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.4-1/input0 [ 202.597433][ T14] usb 5-1: USB disconnect, device number 3 [ 203.490980][ T4526] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 203.823322][ T6057] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.020919][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.049298][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.056505][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.228849][ T6081] usb usb9: usbfs: process 6081 (syz.4.857) did not claim interface 0 before use [ 205.511398][ T6106] netlink: 20 bytes leftover after parsing attributes in process `syz.3.868'. [ 206.583021][ T6146] netlink: 20 bytes leftover after parsing attributes in process `syz.1.885'. [ 208.963294][ T6201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.909'. [ 209.341147][ T6221] netlink: 14601 bytes leftover after parsing attributes in process `syz.1.918'. [ 209.687734][ T6230] netlink: 12 bytes leftover after parsing attributes in process `syz.4.922'. [ 209.777237][ T3598] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 209.833599][ T48] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection [ 210.057434][ T3598] usb 4-1: Using ep0 maxpacket: 32 [ 210.198427][ T3598] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 210.222286][ T3598] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 210.267337][ T3598] usb 4-1: New USB device found, idVendor=05ac, idProduct=022b, bcdDevice= 0.00 [ 210.294041][ T3598] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.319567][ T3598] usb 4-1: config 0 descriptor?? [ 210.619007][ T6254] netlink: 14601 bytes leftover after parsing attributes in process `syz.2.931'. [ 210.796040][ T3598] apple 0003:05AC:022B.0005: hidraw0: USB HID v0.00 Device [HID 05ac:022b] on usb-dummy_hcd.3-1/input0 [ 210.994135][ T3598] usb 4-1: USB disconnect, device number 7 [ 211.141354][ T48] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection [ 211.171912][ T6268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.938'. [ 211.650538][ T48] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection [ 212.016231][ T3564] Bluetooth: hci6: command tx timeout [ 212.213353][ T6282] netlink: 14601 bytes leftover after parsing attributes in process `syz.3.944'. [ 212.392168][ T3565] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 212.403772][ T3565] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 212.412912][ T3565] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 212.423349][ T3565] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 212.433757][ T3565] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 212.441447][ T3565] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 212.629655][ T6294] netlink: 44 bytes leftover after parsing attributes in process `syz.4.948'. [ 212.686571][ T6294] netlink: 44 bytes leftover after parsing attributes in process `syz.4.948'. [ 212.903252][ T6286] chnl_net:caif_netlink_parms(): no params data found [ 212.947428][ T3598] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 213.203711][ T6286] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.227355][ T3598] usb 3-1: Using ep0 maxpacket: 32 [ 213.288037][ T6286] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.336239][ T6286] device bridge_slave_0 entered promiscuous mode [ 213.357562][ T3598] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.378673][ T6286] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.392594][ T3598] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.415032][ T6286] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.433545][ T3598] usb 3-1: New USB device found, idVendor=05ac, idProduct=022b, bcdDevice= 0.00 [ 213.457475][ T6286] device bridge_slave_1 entered promiscuous mode [ 213.506373][ T3598] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.554762][ T3598] usb 3-1: config 0 descriptor?? [ 215.681197][ T48] Bluetooth: hci6: command 0x0406 tx timeout [ 215.687711][ T3558] Bluetooth: hci10: command tx timeout [ 215.903301][ T6286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.985348][ T6286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.007407][ T3598] usbhid 3-1:0.0: can't add hid device: -71 [ 216.013445][ T3598] usbhid: probe of 3-1:0.0 failed with error -71 [ 216.067975][ T3598] usb 3-1: USB disconnect, device number 4 [ 216.324801][ T6286] team0: Port device team_slave_0 added [ 216.385165][ T6286] team0: Port device team_slave_1 added [ 216.529210][ T6286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.536655][ T6286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.615304][ T6286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.660322][ T6286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.671693][ T6286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.721104][ T6286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.746389][ T6343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.965'. [ 216.796122][ T6344] Zero length message leads to an empty skb [ 216.886937][ T6286] device hsr_slave_0 entered promiscuous mode [ 216.901326][ T6286] device hsr_slave_1 entered promiscuous mode [ 216.914475][ T6286] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.922625][ T6346] netlink: 44 bytes leftover after parsing attributes in process `syz.2.966'. [ 216.932385][ T6286] Cannot create hsr debugfs directory [ 216.938422][ T6346] netlink: 44 bytes leftover after parsing attributes in process `syz.2.966'. [ 217.297497][ T6286] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.538239][ T6286] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.740834][ T6286] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.872768][ T3564] Bluetooth: hci10: command tx timeout [ 219.096942][ T6286] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.539386][ T6286] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 219.572641][ T6286] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 219.625041][ T6286] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.055801][ T3565] Bluetooth: hci10: command tx timeout [ 220.211379][ T6286] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.668321][ T6388] mmap: syz.1.980 (6388) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 220.697881][ T6286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.753809][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 220.766930][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 220.791689][ T6286] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.825863][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.856308][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.881171][ T3598] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.888418][ T3598] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.939853][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.950228][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 220.970452][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.996064][ T4523] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.003360][ T4523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.028103][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 221.037888][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 221.053321][ T6400] netlink: 'syz.2.984': attribute type 6 has an invalid length. [ 221.086139][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 221.115858][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 221.149191][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 221.168351][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 221.197601][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.226911][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 221.248159][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 221.274116][ T6286] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.306480][ T6286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 221.326590][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 221.336440][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 222.215463][ T3565] Bluetooth: hci5: command 0x0406 tx timeout [ 222.221974][ T3558] Bluetooth: hci10: command tx timeout [ 222.675282][ T4523] kernel write not supported for file bpf-prog (pid: 4523 comm: kworker/1:12) [ 222.827630][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 223.031575][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 223.064081][ T6286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.071629][ T6429] netlink: 'syz.2.995': attribute type 6 has an invalid length. [ 223.307105][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 223.335878][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 223.868089][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 223.876714][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 223.958638][ T6286] device veth0_vlan entered promiscuous mode [ 223.983166][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 224.011756][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 224.039227][ T6286] device veth1_vlan entered promiscuous mode [ 224.174747][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 224.188268][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 224.234141][ T6286] device veth0_macvtap entered promiscuous mode [ 224.287807][ T6286] device veth1_macvtap entered promiscuous mode [ 224.336120][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.070139][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.285717][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.367245][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.383685][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.417289][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.447299][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.467236][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.492451][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.527269][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.547387][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.580064][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.593223][ T3540] kernel write not supported for file bpf-prog (pid: 3540 comm: kworker/1:3) [ 225.612548][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.633316][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.653681][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.685220][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.698887][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.709556][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.719815][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.736820][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.753807][ T6286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 225.776356][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 225.791833][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 225.808308][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 225.829032][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 225.881420][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.917424][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.940894][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.965392][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.986884][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.027310][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.047260][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.104182][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.115658][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.133096][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.143375][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.154164][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.165880][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.178999][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.188980][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.204216][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.227204][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.267597][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.279684][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.290191][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.301843][ T6286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.310823][ T6466] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1004'. [ 226.343457][ T6468] netlink: 'syz.4.1007': attribute type 6 has an invalid length. [ 226.353948][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 226.366215][ T4523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 226.390263][ T6286] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.401105][ T6286] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.437211][ T6286] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.462402][ T6286] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.653684][ T6482] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 226.685382][ T3854] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.704395][ T3854] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.916715][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 226.943570][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.975576][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.323882][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 228.741174][ T3559] jfs_flush_journal: synclist not empty [ 228.948002][ T3559] metapage: ffff8880684c05d0: 00001000 00000000 00003a48 00000000 [ 229.036310][ T3559] metapage: ffff8880684c05e0: 5c507a28 ffff8880 5c507a28 ffff8880 [ 229.074123][ T3559] metapage: ffff8880684c05f0: 00000004 00000000 00000000 00000000 [ 229.147636][ T3559] metapage: ffff8880684c0600: 5c8c6000 ffff8880 00000024 00000000 [ 229.172562][ T6530] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1022'. [ 229.245596][ T3559] metapage: ffff8880684c0610: 00000000 dead4ead ffffffff 00000000 [ 229.305404][ T3559] metapage: ffff8880684c0620: ffffffff ffffffff 91e3a440 ffffffff [ 229.318232][ T3559] metapage: ffff8880684c0630: 901f2de0 ffffffff 00000000 00000000 [ 229.373918][ T3559] metapage: ffff8880684c0640: 8b24c8e0 ffffffff 00000200 00000000 [ 229.398589][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.425422][ T3559] metapage: ffff8880684c0650: 684c0650 ffff8880 684c0650 ffff8880 [ 229.444644][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.453101][ T3559] metapage: ffff8880684c0660: 01723180 ffffea00 1af8c000 ffff8880 [ 229.453173][ T3559] metapage: ffff8880684c0670: 00001000 00003b14 00000001 00000000 [ 229.453193][ T3559] metapage: ffff8880684c0680: 5c507800 ffff8880 [ 229.453213][ T3559] page: ffffea0001723180: 00fff50000002056 ffffea0001a11f48 [ 229.453232][ T3559] page: ffffea0001723190: ffffea0001a2f9c8 ffff88805da8b498 [ 229.453251][ T3559] page: ffffea00017231a0: 0000000000000024 ffff8880684c05d0 [ 229.453270][ T3559] page: ffffea00017231b0: 00000002ffffffff ffff88807d8ce000 [ 229.529389][ T6540] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 229.539500][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.546950][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.561789][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.569416][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.576853][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.585722][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.587559][ T4523] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 229.600897][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.601033][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.601059][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.601084][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.655134][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.667277][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.686439][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.694239][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.712400][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.720107][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.737367][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.761333][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.784272][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.802799][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.816662][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.834848][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.847511][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.865336][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.885675][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.895832][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.916157][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.926746][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.936145][ T6496] loop3: detected capacity change from 0 to 40427 [ 229.942883][ T4523] usb 1-1: Using ep0 maxpacket: 32 [ 229.947042][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.956022][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.969253][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.976965][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.984842][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 229.992789][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 230.005846][ T6496] F2FS-fs (loop3): Found nat_bits in checkpoint [ 230.011068][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 230.020512][ T14] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 230.031287][ T3599] kernel write not supported for file bpf-prog (pid: 3599 comm: kworker/0:6) [ 230.047594][ T14] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz0 [ 230.090651][ T4523] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 230.137438][ T4523] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 230.180489][ T4523] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 230.226054][ T4523] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.271915][ T4523] usb 1-1: config 0 descriptor?? [ 230.337560][ T6535] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 230.406034][ T4523] hub 1-1:0.0: USB hub found [ 230.877376][ T3599] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 231.369996][ T4523] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 231.397562][ T3599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 231.426117][ T3599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 231.668259][ T3599] usb 3-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f [ 231.740535][ T3599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.949406][ T3599] usb 3-1: Product: syz [ 232.048740][ T3599] usb 3-1: Manufacturer: syz [ 232.153268][ T3599] usb 3-1: SerialNumber: syz [ 232.435273][ T4523] hid-generic 0003:046D:C314.0007: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0 [ 232.436230][ T3599] usb 3-1: config 0 descriptor?? [ 232.491366][ T4523] usb 1-1: USB disconnect, device number 3 [ 232.559803][ T3599] kobil_sct 3-1:0.0: KOBIL USB smart card terminal converter detected [ 232.615599][ T3599] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 232.835768][ T3599] usb 3-1: USB disconnect, device number 5 [ 232.873794][ T3599] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 232.909596][ T3599] kobil_sct 3-1:0.0: device disconnected [ 233.028472][ T6590] gfs2: gfs2 mount does not exist [ 233.482291][ T3594] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 233.787640][ T6613] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1045'. [ 233.867546][ T3594] usb 2-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01 [ 233.884269][ T3594] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.944821][ T3594] usb 2-1: config 0 descriptor?? [ 234.018427][ T3594] ums-jumpshot 2-1:0.0: USB Mass Storage device detected [ 234.124283][ T3594] ums-jumpshot 2-1:0.0: Quirks match for vid 05dc pid 0001: 2 [ 234.249118][ T3594] usb 2-1: USB disconnect, device number 7 [ 234.502976][ T6635] gfs2: gfs2 mount does not exist [ 234.903650][ T6649] sp0: Synchronizing with TNC [ 235.038614][ T6653] 9pnet_virtio: no channels available for device @ [ 235.176225][ T6657] device vlan1 entered promiscuous mode [ 235.194568][ T6657] device macvtap0 entered promiscuous mode [ 235.227549][ T6657] device macvtap0 left promiscuous mode [ 235.457414][ T6669] gfs2: gfs2 mount does not exist [ 235.679782][ T6658] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1061'. [ 235.841706][ T6573] device hsr_slave_0 left promiscuous mode [ 235.882015][ T6573] device hsr_slave_1 left promiscuous mode [ 235.918168][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 235.946089][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 235.984979][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.017395][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 236.028228][ T6573] device bridge_slave_1 left promiscuous mode [ 236.034528][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.056110][ T6573] device bridge_slave_0 left promiscuous mode [ 236.067586][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.168242][ T6573] device veth1_macvtap left promiscuous mode [ 236.187577][ T6573] device veth0_macvtap left promiscuous mode [ 236.193756][ T6573] device veth1_vlan left promiscuous mode [ 236.217255][ T4523] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 236.234447][ T6573] device veth0_vlan left promiscuous mode [ 236.448271][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.455936][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.486975][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.500980][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.509154][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.520860][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.536208][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.550007][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.558823][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.566831][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.575091][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.583089][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.591144][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.599089][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.606614][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.618026][ T4523] usb 3-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01 [ 236.626537][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.638236][ T4523] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.638409][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.655563][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.663367][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.669556][ T4523] usb 3-1: config 0 descriptor?? [ 236.671416][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.684105][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.692010][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.707598][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.708725][ T4523] ums-jumpshot 3-1:0.0: USB Mass Storage device detected [ 236.720894][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.737216][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.751392][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.765680][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.768132][ T4523] ums-jumpshot 3-1:0.0: Quirks match for vid 05dc pid 0001: 2 [ 236.778899][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.795991][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.811390][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.829295][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.847053][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.862824][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.870828][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.885377][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.901052][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.916567][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.942819][ T3594] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 236.956181][ T4523] usb 3-1: USB disconnect, device number 6 [ 236.967805][ T3594] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 237.271213][ T6709] gfs2: gfs2 mount does not exist [ 237.342298][ T6699] loop3: detected capacity change from 0 to 40427 [ 237.367280][ T6699] F2FS-fs (loop3): Found nat_bits in checkpoint [ 237.454711][ T6699] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 237.528276][ T5782] syz-executor: attempt to access beyond end of device [ 237.528276][ T5782] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 237.718393][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 237.836411][ T6573] team0 (unregistering): Port device team_slave_0 removed [ 237.986588][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 238.125456][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 239.436464][ T6573] bond0 (unregistering): Released all slaves [ 240.520495][ T6703] device vlan2 entered promiscuous mode [ 240.554684][ T6703] device macvtap0 entered promiscuous mode [ 240.594800][ T6703] device macvtap0 left promiscuous mode [ 240.842750][ T6766] netlink: 'syz.4.1101': attribute type 4 has an invalid length. [ 241.145143][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 241.145160][ T26] audit: type=1326 audit(1719925588.905:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6776 comm="syz.0.1106" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7effb5b75f19 code=0x0 [ 242.318449][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1111'. [ 242.487239][ T3558] Bluetooth: hci6: command 0x0406 tx timeout [ 242.505932][ T6797] gfs2: gfs2 mount does not exist [ 242.588625][ T3558] Bluetooth: hci7: Ignoring HCI_Connection_Complete for existing connection [ 242.674305][ T6803] PKCS7: Unknown OID: [4] 2.19.13055.170809666(bad) [ 242.702093][ T6803] PKCS7: Only support pkcs7_signedData type [ 242.859134][ T6810] loop3: detected capacity change from 0 to 16 [ 242.901029][ T6811] netlink: 'syz.0.1118': attribute type 3 has an invalid length. [ 242.931931][ T6810] erofs: (device loop3): erofs_read_inode: bogus i_mode (0) @ nid 36 [ 242.957364][ T6811] netlink: 'syz.0.1118': attribute type 1 has an invalid length. [ 242.976645][ T6811] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1118'. [ 243.046720][ T6817] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 243.046720][ T6817] The task syz.2.1120 (6817) triggered the difference, watch for misbehavior. [ 243.167037][ T6820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1122'. [ 243.222686][ T6820] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1122'. [ 243.262019][ T26] audit: type=1326 audit(1719925591.025:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.4.1124" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6405375f19 code=0x0 [ 244.374875][ T3558] Bluetooth: hci7: command tx timeout [ 244.848954][ T6849] netlink: 'syz.2.1132': attribute type 3 has an invalid length. [ 244.856826][ T26] audit: type=1326 audit(1719925592.615:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effb5b75f19 code=0x7ffc0000 [ 244.879932][ T6849] netlink: 'syz.2.1132': attribute type 1 has an invalid length. [ 244.904956][ T6849] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1132'. [ 244.948273][ T26] audit: type=1326 audit(1719925592.615:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effb5b75f19 code=0x7ffc0000 [ 244.970601][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.087259][ T26] audit: type=1326 audit(1719925592.615:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7effb5b75f19 code=0x7ffc0000 [ 245.586747][ T6869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1139'. [ 245.617303][ T3594] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 245.647748][ T6869] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1139'. [ 245.857202][ T3594] usb 4-1: Using ep0 maxpacket: 16 [ 245.977464][ T3594] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 246.007451][ T3594] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 246.026993][ T3594] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 246.237506][ T3594] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 246.257201][ T3594] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.276958][ T3594] usb 4-1: Product: syz [ 246.297303][ T3594] usb 4-1: Manufacturer: syz [ 246.310463][ T3594] usb 4-1: SerialNumber: syz [ 246.358847][ T3594] cdc_ncm 4-1:1.0: skipping garbage [ 246.364209][ T3594] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 246.388111][ T3594] cdc_ncm 4-1:1.0: bind() failure [ 246.727335][ T48] Bluetooth: hci7: command 0x0406 tx timeout [ 246.932976][ T6889] netlink: 'syz.4.1146': attribute type 3 has an invalid length. [ 246.977217][ T6889] netlink: 'syz.4.1146': attribute type 1 has an invalid length. [ 247.021831][ T6889] netlink: 181400 bytes leftover after parsing attributes in process `syz.4.1146'. [ 247.367732][ T48] Bluetooth: hci10: command tx timeout [ 247.401588][ T6902] netlink: 'syz.4.1152': attribute type 29 has an invalid length. [ 247.451409][ T6902] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1152'. [ 247.697217][ T3598] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 248.108979][ T3598] usb 2-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01 [ 248.136285][ T3598] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.164637][ T3598] usb 2-1: config 0 descriptor?? [ 248.208501][ T3598] ums-jumpshot 2-1:0.0: USB Mass Storage device detected [ 248.248301][ T3598] ums-jumpshot 2-1:0.0: Quirks match for vid 05dc pid 0001: 2 [ 248.288152][ T3594] usb 4-1: USB disconnect, device number 8 [ 248.435641][ T3651] usb 2-1: USB disconnect, device number 8 [ 248.736563][ T6573] device hsr_slave_0 left promiscuous mode [ 248.743670][ T6573] device hsr_slave_1 left promiscuous mode [ 248.758183][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.806118][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.832287][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.854834][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.871628][ T3565] Bluetooth: hci7: command 0x0406 tx timeout [ 248.906533][ T6573] device bridge_slave_1 left promiscuous mode [ 248.923867][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.011153][ T6931] overlayfs: bad mount option "redirect_dir=./file1" [ 249.227498][ T6573] device bridge_slave_0 left promiscuous mode [ 249.324487][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.613028][ T6573] device veth1_macvtap left promiscuous mode [ 249.654622][ T6573] device veth0_macvtap left promiscuous mode [ 249.662137][ T6573] device veth1_vlan left promiscuous mode [ 249.668127][ T6573] device veth0_vlan left promiscuous mode [ 249.771683][ T6930] loop3: detected capacity change from 0 to 2048 [ 249.859966][ T6930] Alternate GPT is invalid, using primary GPT. [ 249.876748][ T6930] loop3: p1 p2 p3 [ 251.353112][ T6952] ebt_limit: overflow, try lower: 0/0 [ 252.373135][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 252.472761][ T6573] team0 (unregistering): Port device team_slave_0 removed [ 252.571220][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 252.697927][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 252.861743][ T6967] overlayfs: bad mount option "redirect_dir=./file1" [ 252.988890][ T3565] Bluetooth: hci8: command 0x0406 tx timeout [ 254.624449][ T6573] bond0 (unregistering): Released all slaves [ 255.083045][ T6981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1181'. [ 255.134457][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1181'. [ 255.694879][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.705119][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.139405][ T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 256.150766][ T48] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 256.159258][ T48] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 256.167820][ T48] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 256.177307][ T48] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 256.186685][ T48] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 256.247025][ T7000] loop3: detected capacity change from 0 to 2048 [ 256.453173][ T26] audit: type=1326 audit(1719925604.215:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.2.1190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbf3d75f19 code=0x7ffc0000 [ 256.542380][ T7008] overlayfs: bad mount option "redirect_dir=./file1" [ 256.830366][ T7000] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 256.844007][ T26] audit: type=1326 audit(1719925604.415:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7004 comm="syz.2.1190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7fdbf3d75f19 code=0x7ffc0000 [ 257.134397][ T7000] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038 (0x7fffffff) [ 259.488833][ T48] Bluetooth: hci2: command tx timeout [ 259.781971][ T7009] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 288: padding at end of block bitmap is not set [ 259.782521][ T6993] chnl_net:caif_netlink_parms(): no params data found [ 259.891700][ T5782] EXT4-fs (loop3): unmounting filesystem. [ 260.191628][ T6993] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.257373][ T6993] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.326514][ T6993] device bridge_slave_0 entered promiscuous mode [ 260.657233][ T6993] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.818192][ T6993] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.947422][ T6993] device bridge_slave_1 entered promiscuous mode [ 261.093226][ T7044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1199'. [ 261.218868][ T7044] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1199'. [ 261.527330][ T48] Bluetooth: hci2: command tx timeout [ 261.733014][ T6993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.780826][ T6993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 261.949635][ T6993] team0: Port device team_slave_0 added [ 262.012547][ T6993] team0: Port device team_slave_1 added [ 262.033085][ T7052] overlayfs: bad mount option "redirect_dir=./file1" [ 262.901001][ T7055] netlink: 'syz.4.1202': attribute type 29 has an invalid length. [ 262.931120][ T6993] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 262.941986][ T6993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.023619][ T6993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 263.080187][ T6993] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 263.097268][ T6993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.186702][ T6993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 263.360825][ T6993] device hsr_slave_0 entered promiscuous mode [ 263.388330][ T6993] device hsr_slave_1 entered promiscuous mode [ 263.407264][ T6993] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 263.415757][ T6993] Cannot create hsr debugfs directory [ 263.607360][ T48] Bluetooth: hci2: command tx timeout [ 264.077289][ T3597] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 264.387477][ T3597] usb 5-1: Using ep0 maxpacket: 8 [ 264.637425][ T3597] usb 5-1: config 135 has an invalid interface number: 230 but max is 0 [ 264.645827][ T3597] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 264.706406][ T3597] usb 5-1: config 135 has no interface number 0 [ 264.734204][ T3597] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 264.833318][ T6993] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.191012][ T6993] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.819998][ T3597] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 265.830495][ T48] Bluetooth: hci2: command tx timeout [ 265.836809][ T3597] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.845049][ T3597] usb 5-1: Product: syz [ 265.849612][ T3597] usb 5-1: Manufacturer: syz [ 265.854234][ T3597] usb 5-1: SerialNumber: syz [ 265.900803][ T7082] netlink: 'syz.1.1213': attribute type 29 has an invalid length. [ 265.912397][ T3597] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 265.933485][ T3597] usb 5-1: No valid video chain found. [ 266.090497][ T6993] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.215026][ T14] usb 5-1: USB disconnect, device number 4 [ 266.351658][ T6993] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.061285][ T3565] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 267.073769][ T3565] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 267.095006][ T3565] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 267.106689][ T6993] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 267.120512][ T3565] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 267.129186][ T3565] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 267.139755][ T3565] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 267.157717][ T6993] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 267.331433][ T7103] netlink: 'syz.1.1223': attribute type 29 has an invalid length. [ 267.355159][ T6993] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 267.494685][ T6993] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 267.927638][ T3598] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 267.941466][ T6993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.186927][ T7124] netlink: 'syz.3.1233': attribute type 29 has an invalid length. [ 268.253670][ T6993] 8021q: adding VLAN 0 to HW filter on device team0 [ 268.291302][ T7127] overlayfs: bad mount option "redirect_dir=./file1" [ 268.437370][ T3598] usb 5-1: Using ep0 maxpacket: 32 [ 268.581940][ T7098] chnl_net:caif_netlink_parms(): no params data found [ 268.619609][ T3598] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 268.730463][ T3598] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 269.003210][ T3598] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 269.148600][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 269.156648][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 269.180772][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 269.207426][ T3565] Bluetooth: hci3: command tx timeout [ 269.211209][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 269.237902][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.245102][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.293767][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 269.302927][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.307373][ T3598] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 269.320721][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.327911][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.335969][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 269.345120][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 269.350950][ T3598] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.354507][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 269.384680][ T3598] usb 5-1: Product: syz [ 269.386907][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 269.399111][ T3598] usb 5-1: Manufacturer: syz [ 269.408254][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 269.414082][ T3598] usb 5-1: SerialNumber: syz [ 269.438308][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 269.461695][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 269.478041][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 269.478910][ T3598] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 269.496669][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 269.516810][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 269.524980][ T3598] cdc_ncm 5-1:1.0: bind() failure [ 269.599384][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 269.628374][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 269.693076][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 269.801617][ T7098] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.813503][ T7098] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.822685][ T7098] device bridge_slave_0 entered promiscuous mode [ 269.832407][ T7098] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.840230][ T7098] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.849235][ T7098] device bridge_slave_1 entered promiscuous mode [ 269.920139][ T7098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.988260][ T7098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 270.082910][ T7143] loop5: detected capacity change from 0 to 7 [ 270.127955][ T7143] Dev loop5: unable to read RDB block 7 [ 270.137715][ T7143] loop5: unable to read partition table [ 270.143594][ T7143] loop5: partition table beyond EOD, truncated [ 270.182893][ T7098] team0: Port device team_slave_0 added [ 270.190773][ T7143] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 270.190773][ T7143] ) failed (rc=-5) [ 270.209226][ T7153] loop3: detected capacity change from 0 to 2048 [ 270.279227][ T7153] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 270.292787][ T7098] team0: Port device team_slave_1 added [ 270.313126][ T7153] EXT4-fs (loop3): unmounting filesystem. [ 270.331122][ T7160] program syz.1.1242 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 270.384869][ T7098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 270.447468][ T7098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.547454][ T7098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 270.598619][ T7098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 270.605719][ T7098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 270.688215][ T7098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 270.813157][ T7098] device hsr_slave_0 entered promiscuous mode [ 270.828750][ T7098] device hsr_slave_1 entered promiscuous mode [ 270.937725][ T7098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 270.983438][ T7098] Cannot create hsr debugfs directory [ 271.456354][ T6993] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.781804][ T48] Bluetooth: hci3: command tx timeout [ 271.878863][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 271.886514][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 271.999451][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 272.038396][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 272.156514][ T7184] program syz.1.1251 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 272.243508][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 272.278360][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 272.290686][ T6993] device veth0_vlan entered promiscuous mode [ 272.329935][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 272.350527][ T4519] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 272.530989][ T7098] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.603023][ T6993] device veth1_vlan entered promiscuous mode [ 272.635332][ T3651] usb 5-1: USB disconnect, device number 5 [ 272.653091][ T7194] loop3: detected capacity change from 0 to 64 [ 273.150265][ T7202] syz.3.1256: attempt to access beyond end of device [ 273.150265][ T7202] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64 [ 273.718186][ T7204] overlayfs: upper fs does not support tmpfile. [ 273.752503][ T7202] syz.3.1256: attempt to access beyond end of device [ 273.752503][ T7202] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64 [ 273.801953][ T7098] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.847649][ T48] Bluetooth: hci3: command tx timeout [ 273.872014][ T7202] syz.3.1256: attempt to access beyond end of device [ 273.872014][ T7202] loop3: rw=34817, sector=76, nr_sectors = 473 limit=64 [ 273.905335][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 273.921908][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 273.944312][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 273.961328][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 273.999155][ T6993] device veth0_macvtap entered promiscuous mode [ 274.113132][ T7098] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.157600][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 274.169234][ T6993] device veth1_macvtap entered promiscuous mode [ 274.312465][ T7098] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.402601][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.432119][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.465099][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.518799][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.569779][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.599797][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.652578][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.677206][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.718495][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.740271][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.774892][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.802475][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.859342][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.896178][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.925290][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.936792][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.947251][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.959660][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.008704][ T6993] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.055903][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 275.078299][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 275.106635][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.124402][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.969527][ T48] Bluetooth: hci3: command tx timeout [ 275.997462][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.020752][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.043618][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.066613][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.088647][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.111429][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.132810][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.157292][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.186637][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.208323][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.228017][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.253539][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.274126][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.295151][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.315619][ T6993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.336788][ T6993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.497077][ T6993] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 276.559707][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 276.586330][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 276.641461][ T6993] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.652608][ T6993] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.662592][ T6993] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.676281][ T6993] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.997933][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.242915][ T7245] overlayfs: missing 'workdir' [ 278.902933][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.975429][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 279.014808][ T7098] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 279.100116][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.109190][ T7098] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 279.134454][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.165833][ T7098] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 279.217433][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 279.229196][ T7098] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 279.422386][ T7250] ebt_limit: overflow, try lower: 0/0 [ 279.597813][ T7098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 279.657690][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 279.676766][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 279.715969][ T7098] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.789351][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 279.799549][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 279.825455][ T3597] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.832681][ T3597] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.717525][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 280.726058][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 280.736150][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 280.745355][ T3597] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.752592][ T3597] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.761476][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 280.843188][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 280.878591][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 280.956098][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 281.031437][ T7274] overlayfs: bad mount option "redirect_dir=./file1" [ 281.839075][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 281.848980][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 281.881504][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 281.902879][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 281.913214][ T7278] loop3: detected capacity change from 0 to 64 [ 281.922591][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 281.971963][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 282.036456][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 282.057292][ T7098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 282.102987][ T7282] syz.3.1289: attempt to access beyond end of device [ 282.102987][ T7282] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64 [ 282.130645][ T7283] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 282.149827][ T7282] syz.3.1289: attempt to access beyond end of device [ 282.149827][ T7282] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64 [ 282.499575][ T7282] syz.3.1289: attempt to access beyond end of device [ 282.499575][ T7282] loop3: rw=34817, sector=76, nr_sectors = 500 limit=64 [ 282.944807][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 283.949692][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 283.999923][ T7098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 284.119001][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 284.134746][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 284.195435][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 284.216659][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 284.266314][ T7098] device veth0_vlan entered promiscuous mode [ 284.289791][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 284.316463][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 284.378245][ T7098] device veth1_vlan entered promiscuous mode [ 284.491565][ T7316] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 284.587814][ T7098] device veth0_macvtap entered promiscuous mode [ 284.618103][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 284.629132][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 284.704375][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 284.728356][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 284.751872][ T7098] device veth1_macvtap entered promiscuous mode [ 284.761393][ T7320] overlayfs: bad mount option "redirect_dir=./file1" [ 285.557292][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 285.609549][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 285.700410][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.742881][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.787679][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.824380][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.867219][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.894619][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.936719][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.969807][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.044616][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.098801][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.110795][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.123403][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.135795][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.147653][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.158283][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.169476][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.183424][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.195233][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.206067][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 286.217471][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.247923][ T7098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 286.272112][ T7328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1305'. [ 286.320425][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 286.361021][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 286.393912][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.435965][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.466575][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 286.507283][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 286.532694][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.537282][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.568605][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.587188][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.618062][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.643867][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.695123][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.747353][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.777337][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.817378][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.830288][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.841071][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.852193][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.863176][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.874947][ T7098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.886056][ T7098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.898145][ T7098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.934810][ T7349] input: syz1 as /devices/virtual/input/input15 [ 288.470601][ T7344] netlink: 'syz.4.1311': attribute type 11 has an invalid length. [ 288.692105][ T7351] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 288.779930][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 288.821835][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 288.836187][ T7098] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.889769][ T7098] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.913830][ T7098] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.961030][ T7098] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.223920][ T6574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.253547][ T6574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.303239][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 289.357796][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.376261][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.461804][ T3594] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 290.997330][ T3594] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 291.247357][ T3594] usb 4-1: Using ep0 maxpacket: 16 [ 291.627530][ T3594] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 291.639399][ T3594] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.657332][ T3594] usb 4-1: Product: syz [ 291.664654][ T3594] usb 4-1: Manufacturer: syz [ 291.677337][ T3594] usb 4-1: SerialNumber: syz [ 291.698076][ T3594] usb 4-1: config 0 descriptor?? [ 291.749473][ T3594] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 292.026639][ T3562] jfs_flush_journal: synclist not empty [ 292.037433][ T3562] metapage: ffff888068b586c8: 00001000 00000000 00003a48 00000000 [ 292.065847][ T3562] metapage: ffff888068b586d8: 76c38a28 ffff8880 76c38a28 ffff8880 [ 292.110780][ T3562] metapage: ffff888068b586e8: 00000004 00000000 00000000 00000000 [ 292.150970][ T3562] metapage: ffff888068b586f8: 68b53000 ffff8880 00000024 00000000 [ 292.177480][ T3562] metapage: ffff888068b58708: 00000000 dead4ead ffffffff 00000000 [ 292.186596][ T3562] metapage: ffff888068b58718: ffffffff ffffffff 91e3a440 ffffffff [ 292.197072][ T3562] metapage: ffff888068b58728: 901f2de0 ffffffff 00000000 00000000 [ 292.197646][ T3594] usb 4-1: clie_3_5_startup: get interface number failed: -71 [ 292.213352][ T3562] metapage: ffff888068b58738: 8b24c8e0 ffffffff 00000200 00000000 [ 292.239017][ T3594] visor: probe of 4-1:0.0 failed with error -71 [ 292.261525][ T3594] usb 4-1: USB disconnect, device number 9 [ 292.290699][ T3562] metapage: ffff888068b58748: 68b58748 ffff8880 68b58748 ffff8880 [ 292.306769][ T3562] metapage: ffff888068b58758: 01a2d4c0 ffffea00 1f5f2000 ffff8880 [ 292.315509][ T3562] metapage: ffff888068b58768: 00001000 00003b14 00000001 00000000 [ 292.350598][ T3562] metapage: ffff888068b58778: 76c38800 ffff8880 [ 292.380974][ T3562] page: ffffea0001a2d4c0: 00fff50000002056 ffffea0001a2d5c8 [ 292.399654][ T7400] netlink: 'syz.2.1327': attribute type 11 has an invalid length. [ 292.439176][ T3562] page: ffffea0001a2d4d0: ffffea0001a2d448 ffff88805aa50f98 [ 292.478427][ T3562] page: ffffea0001a2d4e0: 0000000000000024 ffff888068b586c8 [ 292.497997][ T3562] page: ffffea0001a2d4f0: 00000002ffffffff ffff88807747a000 [ 292.560046][ T4605] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 293.867864][ T4605] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 294.035911][ T4605] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 294.142963][ T7423] loop3: detected capacity change from 0 to 512 [ 295.112791][ T4605] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 295.152541][ T7423] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 295.160910][ T7423] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 295.191250][ T4605] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.204276][ T7423] EXT4-fs (loop3): 1 truncate cleaned up [ 295.210499][ T7423] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 295.245493][ T7421] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 295.287346][ T4605] usb 1-1: can't set config #27, error -71 [ 295.299273][ T4605] usb 1-1: USB disconnect, device number 4 [ 295.430139][ T5782] EXT4-fs (loop3): unmounting filesystem. [ 295.605019][ T7434] device pim6reg1 entered promiscuous mode [ 297.094404][ T7446] netlink: 'syz.0.1339': attribute type 11 has an invalid length. [ 297.229930][ T7441] loop3: detected capacity change from 0 to 4096 [ 297.307460][ T7441] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 298.350680][ T7441] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 298.617352][ T7441] ntfs3: loop3: Failed to load root. [ 298.757252][ T14] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 298.997201][ T14] usb 1-1: Using ep0 maxpacket: 16 [ 300.017532][ T14] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 300.037047][ T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.087184][ T14] usb 1-1: Product: syz [ 300.101764][ T14] usb 1-1: Manufacturer: syz [ 300.182820][ T14] usb 1-1: SerialNumber: syz [ 300.230553][ T14] usb 1-1: config 0 descriptor?? [ 300.240063][ T7474] loop3: detected capacity change from 0 to 2048 [ 300.296769][ T14] visor 1-1:0.0: Sony Clie 3.5 converter detected [ 300.385304][ T7474] loop3: p3 < > p4 < > [ 300.418498][ T7474] loop3: partition table partially beyond EOD, truncated [ 300.429585][ T7474] loop3: p3 start 4284289 is beyond EOD, truncated [ 300.522700][ T3003] loop3: p3 < > p4 < > [ 300.527019][ T3003] loop3: partition table partially beyond EOD, truncated [ 300.572858][ T3003] loop3: p3 start 4284289 is beyond EOD, truncated [ 300.747379][ T14] usb 1-1: clie_3_5_startup: get interface number failed: -71 [ 300.762276][ T14] visor: probe of 1-1:0.0 failed with error -71 [ 300.828729][ T14] usb 1-1: USB disconnect, device number 5 [ 300.883218][ T48] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 300.896127][ T48] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 300.905143][ T48] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 300.916685][ T48] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 300.926774][ T48] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 300.935637][ T48] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 301.421038][ T7491] netlink: 'syz.3.1352': attribute type 11 has an invalid length. [ 303.608910][ T48] Bluetooth: hci4: command tx timeout [ 304.025285][ T7515] loop3: detected capacity change from 0 to 4096 [ 304.059702][ T7515] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 304.206720][ T7515] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 304.371030][ T7515] ntfs3: loop3: Failed to load root. [ 305.371226][ T7484] chnl_net:caif_netlink_parms(): no params data found [ 305.687649][ T48] Bluetooth: hci4: command tx timeout [ 306.085152][ T7484] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.109233][ T7484] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.118475][ T7484] device bridge_slave_0 entered promiscuous mode [ 306.288664][ T7484] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.316053][ T7484] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.395090][ T7484] device bridge_slave_1 entered promiscuous mode [ 308.429953][ T7549] input: syz1 as /devices/virtual/input/input16 [ 309.270073][ T48] Bluetooth: hci4: command tx timeout [ 309.427395][ T7553] syz.1.1366 uses obsolete (PF_INET,SOCK_PACKET) [ 309.471194][ T5062] device hsr_slave_0 left promiscuous mode [ 309.507465][ T5062] device hsr_slave_1 left promiscuous mode [ 309.534475][ T5062] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 309.542711][ T5062] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 309.553942][ T5062] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 309.562644][ T5062] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 309.572746][ T5062] device bridge_slave_1 left promiscuous mode [ 309.579458][ T5062] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.596874][ T5062] device bridge_slave_0 left promiscuous mode [ 309.623049][ T5062] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.683745][ T7563] netlink: 'syz.3.1370': attribute type 3 has an invalid length. [ 309.718130][ T5062] device veth1_macvtap left promiscuous mode [ 309.738559][ T5062] device veth0_macvtap left promiscuous mode [ 309.751456][ T5062] device veth1_vlan left promiscuous mode [ 309.764337][ T5062] device veth0_vlan left promiscuous mode [ 309.882192][ T7565] loop3: detected capacity change from 0 to 64 [ 310.045267][ T7566] syz.3.1371: attempt to access beyond end of device [ 310.045267][ T7566] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64 [ 310.096679][ T7566] syz.3.1371: attempt to access beyond end of device [ 310.096679][ T7566] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64 [ 310.194064][ T7566] syz.3.1371: attempt to access beyond end of device [ 310.194064][ T7566] loop3: rw=34817, sector=76, nr_sectors = 500 limit=64 [ 311.287601][ T48] Bluetooth: hci4: command tx timeout [ 311.634353][ T5062] team0 (unregistering): Port device team_slave_1 removed [ 311.838273][ T7585] input: syz1 as /devices/virtual/input/input17 [ 311.989993][ T5062] team0 (unregistering): Port device team_slave_0 removed [ 313.744281][ T7593] netlink: 'syz.2.1380': attribute type 3 has an invalid length. [ 313.766599][ T5062] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 313.956967][ T5062] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 314.087559][ T3565] Bluetooth: hci9: command 0x0406 tx timeout [ 315.232072][ T7610] loop3: detected capacity change from 0 to 64 [ 315.481631][ T7615] syz.3.1387: attempt to access beyond end of device [ 315.481631][ T7615] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64 [ 315.507715][ T7615] syz.3.1387: attempt to access beyond end of device [ 315.507715][ T7615] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64 [ 315.959562][ T7615] syz.3.1387: attempt to access beyond end of device [ 315.959562][ T7615] loop3: rw=34817, sector=76, nr_sectors = 500 limit=64 [ 317.194186][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.200786][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.276588][ T7625] netlink: 'syz.2.1392': attribute type 3 has an invalid length. [ 317.564874][ T5062] bond0 (unregistering): Released all slaves [ 317.784526][ T48] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 317.796400][ T48] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 317.806158][ T48] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 317.820821][ T48] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 317.835353][ T7484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.845799][ T48] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 317.853533][ T48] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 317.863383][ T7617] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1389'. [ 317.872750][ T7618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1389'. [ 318.074994][ T7484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.108859][ T7635] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1396'. [ 318.280945][ T7484] team0: Port device team_slave_0 added [ 318.343014][ T7484] team0: Port device team_slave_1 added [ 318.511334][ T7484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.535740][ T7484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.650225][ T7484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 319.791788][ T7640] loop3: detected capacity change from 0 to 32768 [ 319.801284][ T7484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 319.808843][ T7484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 319.857332][ T7484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 319.928532][ T3565] Bluetooth: hci6: command tx timeout [ 319.943911][ T7656] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1403'. [ 319.964661][ T7640] XFS (loop3): Mounting V5 Filesystem [ 319.974926][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1403'. [ 320.141678][ T7640] XFS (loop3): Ending clean mount [ 320.168930][ T7640] XFS (loop3): Quotacheck needed: Please wait. [ 320.175156][ T7484] device hsr_slave_0 entered promiscuous mode [ 320.207883][ T7484] device hsr_slave_1 entered promiscuous mode [ 320.272513][ T7640] XFS (loop3): Quotacheck: Done. [ 320.404112][ T26] audit: type=1800 audit(1719925668.165:108): pid=7640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1398" name="bus" dev="loop3" ino=9290 res=0 errno=0 [ 320.524010][ T26] audit: type=1804 audit(1719925668.275:109): pid=7640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1398" name="/newroot/132/file0/bus" dev="loop3" ino=9290 res=1 errno=0 [ 320.874530][ T5782] XFS (loop3): Unmounting Filesystem [ 321.028277][ T7484] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.173423][ T7628] chnl_net:caif_netlink_parms(): no params data found [ 321.330429][ T7484] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.670846][ T7484] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.059001][ T3565] Bluetooth: hci6: command tx timeout [ 322.644437][ T7484] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.825753][ T7628] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.881418][ T7628] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.934503][ T7628] device bridge_slave_0 entered promiscuous mode [ 322.995468][ T7628] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.034986][ T7628] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.076261][ T7628] device bridge_slave_1 entered promiscuous mode [ 323.308623][ T7628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.335707][ T7628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.362011][ T7696] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1415'. [ 323.376999][ T7696] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1415'. [ 323.533258][ T7484] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 323.585845][ T7628] team0: Port device team_slave_0 added [ 323.593833][ T7484] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 323.620711][ T7628] team0: Port device team_slave_1 added [ 323.641120][ T7484] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 323.714609][ T7484] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 323.785383][ T7628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.837312][ T7628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.937969][ T7628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.087583][ T7628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.096960][ T48] Bluetooth: hci6: command tx timeout [ 324.121923][ T7628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.155605][ T7628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 325.143835][ T7628] device hsr_slave_0 entered promiscuous mode [ 325.188446][ T7628] device hsr_slave_1 entered promiscuous mode [ 325.196817][ T7628] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 325.205367][ T7628] Cannot create hsr debugfs directory [ 325.500848][ T7484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.545589][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 325.558725][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 325.582247][ T7484] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.628785][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 325.644450][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 325.663540][ T935] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.670757][ T935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.791229][ T7628] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.839232][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 325.858026][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 325.874804][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 325.908166][ T7587] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.915334][ T7587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.941941][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 326.043028][ T7628] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.082224][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 326.098532][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 326.130106][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 326.167549][ T48] Bluetooth: hci6: command tx timeout [ 326.184852][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 326.219619][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 326.313369][ T7628] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.458603][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 326.509862][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 326.544235][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 326.604488][ T7628] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.635253][ T7484] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 326.659053][ T7484] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 327.609589][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 327.635699][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 327.698598][ T7753] loop3: detected capacity change from 0 to 2048 [ 327.789836][ T7753] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 327.882126][ T7751] IPv6: sit1: Disabled Multicast RS [ 328.063607][ T26] audit: type=1804 audit(1719925675.825:110): pid=7753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1439" name="/newroot/140/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 328.663994][ T7628] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 328.699200][ T5782] EXT4-fs (loop3): unmounting filesystem. [ 328.716636][ T7628] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 328.767359][ T7628] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 328.816060][ T7628] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 328.932168][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 328.942841][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 328.969473][ T7484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.251731][ T3598] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 329.289999][ T27] INFO: task syz-executor:4155 blocked for more than 145 seconds. [ 329.307218][ T27] Not tainted 6.1.96-syzkaller #0 [ 329.323181][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 329.568447][ T27] task:syz-executor state:D stack:21208 pid:4155 ppid:1 flags:0x00004004 [ 329.704110][ T3598] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 329.729907][ T27] Call Trace: [ 329.761350][ T27] [ 329.773245][ T3598] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 329.808532][ T27] __schedule+0x142d/0x4550 [ 329.850762][ T27] ? __mutex_lock+0x6b4/0xd80 [ 329.880619][ T3598] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 330.048356][ T27] ? __sched_text_start+0x8/0x8 [ 330.064624][ T27] ? __mutex_trylock_common+0x8d/0x2e0 [ 330.082681][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 330.090578][ T3598] usb 3-1: New USB device found, idVendor=056a, idProduct=00d5, bcdDevice= 0.00 [ 330.112395][ T27] schedule+0xbf/0x180 [ 330.125501][ T27] schedule_preempt_disabled+0xf/0x20 [ 330.133353][ T3598] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.154419][ T27] __mutex_lock+0x6b9/0xd80 [ 330.172021][ T3598] usb 3-1: config 0 descriptor?? [ 330.187128][ T27] ? __mutex_lock+0x53c/0xd80 [ 330.193741][ T27] ? lmLogClose+0xae/0x530 [ 330.202202][ T27] ? mutex_lock_nested+0x10/0x10 [ 330.218212][ T27] ? updateSuper+0x139/0x750 [ 330.227436][ T27] lmLogClose+0xae/0x530 [ 330.231760][ T27] jfs_umount+0x298/0x370 [ 330.243341][ T27] jfs_put_super+0x86/0x180 [ 330.252544][ T27] ? jfs_free_inode+0x20/0x20 [ 330.267234][ T27] generic_shutdown_super+0x130/0x340 [ 330.272712][ T27] kill_block_super+0x7a/0xe0 [ 330.287150][ T27] deactivate_locked_super+0xa0/0x110 [ 330.292619][ T27] cleanup_mnt+0x490/0x520 [ 330.297261][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 330.302658][ T27] task_work_run+0x246/0x300 [ 330.307350][ T27] ? task_work_cancel+0x2b0/0x2b0 [ 330.313135][ T27] ? exit_to_user_mode_loop+0x39/0x100 [ 330.318748][ T27] exit_to_user_mode_loop+0xde/0x100 [ 330.324075][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 330.329866][ T27] syscall_exit_to_user_mode+0x60/0x270 [ 330.335457][ T27] do_syscall_64+0x47/0xb0 [ 330.339999][ T27] ? clear_bhb_loop+0x45/0xa0 [ 330.344719][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 330.350742][ T27] RIP: 0033:0x7f8293d77247 [ 330.355196][ T27] RSP: 002b:00007ffdd61a4a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 330.366854][ T27] RAX: 0000000000000000 RBX: 00007f8293de365d RCX: 00007f8293d77247 [ 330.387188][ T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd61a4b40 [ 330.395220][ T27] RBP: 00007ffdd61a4b40 R08: 0000000000000000 R09: 0000000000000000 [ 330.417214][ T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdd61a5c10 [ 330.425260][ T27] R13: 00007f8293de365d R14: 000000000001ca21 R15: 0000000000000005 [ 330.454981][ T27] [ 330.458305][ T27] [ 330.458305][ T27] Showing all locks held in the system: [ 330.478586][ T27] 1 lock held by rcu_tasks_kthre/12: [ 330.492863][ T27] #0: ffffffff8d12ae90 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 330.557151][ T27] 1 lock held by rcu_tasks_trace/13: [ 330.562511][ T27] #0: ffffffff8d12b690 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 330.630769][ T27] 1 lock held by khungtaskd/27: [ 330.641893][ T27] #0: ffffffff8d12acc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 330.663471][ T27] 3 locks held by kworker/0:2/935: [ 330.674394][ T27] #0: ffff888012470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 330.685421][ T7628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 330.696139][ T27] #1: ffffc90004537d20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 330.725850][ T27] #2: ffff88807bde4240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2cd/0x4120 [ 330.739544][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 330.746734][ T27] 2 locks held by getty/3304: [ 330.746781][ T27] #0: ffff88814b789098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 330.777916][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 330.782295][ T27] #1: [ 330.790518][ T7628] 8021q: adding VLAN 0 to HW filter on device team0 [ 330.792065][ T27] ffffc900031262f0 [ 330.810739][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 330.813438][ T27] ( [ 330.815426][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 330.836544][ T27] &ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 330.854071][ T7587] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.854195][ T27] 2 locks held by syz-executor/3553: [ 330.861348][ T7587] bridge0: port 1(bridge_slave_0) entered forwarding state [ 330.897395][ T27] #0: ffff88805f7140e0 (&type->s_umount_key#70){++++}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 330.899469][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 330.928825][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 330.932295][ T27] #1: [ 330.948008][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 330.948417][ T27] ffffffff8d5110c8 [ 330.951501][ T7587] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.969814][ T7587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 330.983915][ T27] (jfs_log_mutex){+.+.}-{3:3}, at: lmLogClose+0xae/0x530 [ 330.995995][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 331.008889][ T27] 4 locks held by udevd/3566: [ 331.024114][ T27] #0: ffff888067c30668 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xae/0xd10 [ 331.039338][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 331.055534][ T27] #1: ffff88807a1f3888 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x4f/0x3a0 [ 331.057701][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 331.075573][ T27] #2: ffff88805edd6748 (kn->active#5){.+.+}-{0:0}, at: kernfs_seq_start+0x6e/0x3a0 [ 331.096697][ T27] #3: ffff888020e0c190 (&dev->mutex){....}-{3:3}, at: uevent_show+0x176/0x330 [ 331.117851][ T27] 3 locks held by kworker/0:5/3597: [ 331.130187][ T27] 5 locks held by kworker/1:5/3598: [ 331.132554][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 331.150679][ T27] #0: ffff888143ea8938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.168241][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 331.174257][ T27] #1: ffffc900042efd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.197663][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 331.203783][ T27] #2: ffff8880223e0190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5730 [ 331.235784][ T27] #3: ffff888020e0c190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570 [ 331.250814][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 331.257447][ T27] #4: ffff8880498eb118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570 [ 331.259751][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 331.279928][ T27] 2 locks held by syz-executor/3649: [ 331.288390][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 331.292765][ T27] #0: ffff88801b6e60e0 (&type->s_umount_key#70){++++}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 331.307936][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 331.336826][ T27] #1: ffffffff8d5110c8 (jfs_log_mutex){+.+.}-{3:3}, at: lmLogClose+0xae/0x530 [ 331.338836][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 331.364090][ T27] 2 locks held by kworker/u4:7/3664: [ 331.370344][ T27] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.381933][ T27] #1: ffffc90004547d20 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.401649][ T27] 2 locks held by syz-executor/4155: [ 331.402540][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 331.407605][ T27] #0: ffff888075de00e0 (&type->s_umount_key#70){++++}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 331.416814][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 331.428443][ T27] #1: ffffffff8d5110c8 (jfs_log_mutex){+.+.}-{3:3}, at: lmLogClose+0xae/0x530 [ 331.448490][ T27] 3 locks held by kworker/1:11/4522: [ 331.453940][ T27] #0: ffff88814b4eb138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.465872][ T27] #1: ffffffff8d12acc0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x16a/0x470 [ 331.468636][ T7628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 331.476228][ T27] #2: ffff888025c627d8 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xad/0x12e0 [ 331.493273][ T27] 3 locks held by kworker/1:14/4526: [ 331.499125][ T27] #0: ffff888012470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.517697][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 331.527594][ T27] #1: ffffc900046c7d20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.544584][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 331.546610][ T27] #2: [ 331.554925][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 331.566793][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 331.567328][ T27] ffff8880749a9240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2cd/0x4120 [ 331.587997][ T7484] device veth0_vlan entered promiscuous mode [ 331.611742][ T7484] device veth1_vlan entered promiscuous mode [ 331.613382][ T27] 2 locks held by kworker/u4:16/4994: [ 331.627876][ T27] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.655366][ T27] #1: ffffc9001b797d20 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.694571][ T27] 4 locks held by kworker/u4:17/5062: [ 331.701405][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 331.710923][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 331.718808][ T27] #0: ffff888012616938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.735378][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 331.742585][ T27] #1: ffffc9000358fd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 331.761741][ T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 331.767478][ T27] #2: ffffffff8e28da10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60 [ 331.780588][ T27] #3: ffffffff8d130180 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x5f0 [ 331.783154][ T7484] device veth0_macvtap entered promiscuous mode [ 331.791847][ T27] 1 lock held by syz.0.1133/6852: [ 331.807659][ T27] #0: ffff88805f7140e0 (&type->s_umount_key#70){++++}-{3:3}, at: iterate_supers+0xac/0x1e0 [ 331.821806][ T7587] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 331.829571][ T27] 1 lock held by syz.2.1190/7005: [ 331.829593][ T27] #0: ffff88805f7140e0 (&type->s_umount_key#70){++++}-{3:3}, at: iterate_supers+0xac/0x1e0 [ 331.829679][ T27] 5 locks held by kworker/0:10/7587: [ 331.829694][ T27] 1 lock held by modprobe/7796: [ 331.830754][ T27] [ 331.851730][ T7484] device veth1_macvtap entered promiscuous mode [ 331.912007][ T27] ============================================= [ 331.912007][ T27] [ 331.933379][ T27] NMI backtrace for cpu 0 [ 331.937764][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.1.96-syzkaller #0 [ 331.945577][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 331.955633][ T27] Call Trace: [ 331.958952][ T27] [ 331.961885][ T27] dump_stack_lvl+0x1e3/0x2cb [ 331.966584][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 331.972059][ T27] ? panic+0x764/0x764 [ 331.976130][ T27] ? vprintk_emit+0x622/0x740 [ 331.980844][ T27] ? printk_sprint+0x490/0x490 [ 331.985632][ T27] ? nmi_cpu_backtrace+0x252/0x560 [ 331.990775][ T27] nmi_cpu_backtrace+0x4e1/0x560 [ 331.995750][ T27] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 332.001981][ T27] ? _printk+0xd1/0x111 [ 332.006163][ T27] ? panic+0x764/0x764 [ 332.010331][ T27] ? __wake_up_klogd+0xcc/0x100 [ 332.015190][ T27] ? panic+0x764/0x764 [ 332.019268][ T27] ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0 [ 332.025369][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 332.031590][ T27] nmi_trigger_cpumask_backtrace+0x1b0/0x3f0 [ 332.037696][ T27] watchdog+0xf88/0xfd0 [ 332.041886][ T27] ? watchdog+0x1f8/0xfd0 [ 332.046234][ T27] kthread+0x28d/0x320 [ 332.050311][ T27] ? hungtask_pm_notify+0x50/0x50 [ 332.055351][ T27] ? kthread_blkcg+0xd0/0xd0 [ 332.059949][ T27] ret_from_fork+0x1f/0x30 [ 332.064391][ T27] [ 332.068590][ T27] Sending NMI from CPU 0 to CPUs 1: [ 332.073848][ C1] NMI backtrace for cpu 1 [ 332.073859][ C1] CPU: 1 PID: 4522 Comm: kworker/1:11 Not tainted 6.1.96-syzkaller #0 [ 332.073878][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 332.073890][ C1] Workqueue: events nsim_dev_trap_report_work [ 332.073917][ C1] RIP: 0010:lockdep_softirqs_on+0x29/0x590 [ 332.073946][ C1] Code: 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec 80 00 00 00 49 89 fe 65 48 8b 04 25 28 00 00 00 48 89 44 24 60 <48> ba 00 00 00 00 00 fc ff df 48 c7 44 24 20 b3 8a b5 41 48 c7 44 [ 332.073961][ C1] RSP: 0018:ffffc900045d7a00 EFLAGS: 00000086 [ 332.073975][ C1] RAX: 8ead3801b5f34d00 RBX: 1ffff920008baf5c RCX: 0000000000000001 [ 332.073988][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8651a5f5 [ 332.074000][ C1] RBP: ffffc900045d7ab0 R08: dffffc0000000000 R09: ffffed100ed71ac3 [ 332.074014][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 332.074027][ C1] R13: 1ffff920008baf60 R14: ffffffff8651a5f5 R15: 0000000000000201 [ 332.074040][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 332.074055][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 332.074067][ C1] CR2: 00007f65405c0068 CR3: 00000000624ef000 CR4: 00000000003506e0 [ 332.074083][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 332.074094][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 332.074104][ C1] Call Trace: [ 332.074110][ C1] [ 332.074116][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 332.074145][ C1] ? read_lock_is_recursive+0x10/0x10 [ 332.074172][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 332.074200][ C1] ? nmi_handle+0x25/0x440 [ 332.074236][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 332.074262][ C1] ? nmi_handle+0x12e/0x440 [ 332.074289][ C1] ? nmi_handle+0x25/0x440 [ 332.074315][ C1] ? lockdep_softirqs_on+0x29/0x590 [ 332.074339][ C1] ? default_do_nmi+0x62/0x150 [ 332.074357][ C1] ? exc_nmi+0xa8/0x100 [ 332.074373][ C1] ? end_repeat_nmi+0x16/0x31 [ 332.074398][ C1] ? nsim_dev_trap_report_work+0x755/0xa90 [ 332.074424][ C1] ? nsim_dev_trap_report_work+0x755/0xa90 [ 332.074444][ C1] ? lockdep_softirqs_on+0x29/0x590 [ 332.074476][ C1] ? lockdep_softirqs_on+0x29/0x590 [ 332.074502][ C1] ? lockdep_softirqs_on+0x29/0x590 [ 332.074527][ C1] [ 332.074532][ C1] [ 332.074544][ C1] ? __local_bh_enable_ip+0x102/0x1f0 [ 332.074569][ C1] ? lockdep_hardirqs_off+0x70/0x100 [ 332.074590][ C1] __local_bh_enable_ip+0x11f/0x1f0 [ 332.074618][ C1] ? nsim_dev_trap_report_work+0x755/0xa90 [ 332.074639][ C1] ? _local_bh_enable+0xa0/0xa0 [ 332.074665][ C1] ? do_raw_spin_unlock+0x137/0x8a0 [ 332.074684][ C1] ? in_aton+0x39b/0x430 [ 332.074699][ C1] ? nsim_dev_trap_report_work+0x69f/0xa90 [ 332.074724][ C1] nsim_dev_trap_report_work+0x755/0xa90 [ 332.074755][ C1] ? process_one_work+0x7a9/0x11d0 [ 332.074775][ C1] process_one_work+0x8a9/0x11d0 [ 332.074804][ C1] ? worker_detach_from_pool+0x260/0x260 [ 332.074828][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 332.074848][ C1] ? kthread_data+0x4e/0xc0 [ 332.074876][ C1] ? wq_worker_running+0x97/0x190 [ 332.074908][ C1] worker_thread+0xa47/0x1200 [ 332.074932][ C1] ? __sched_text_start+0x8/0x8 [ 332.074971][ C1] kthread+0x28d/0x320 [ 332.074985][ C1] ? worker_clr_flags+0x190/0x190 [ 332.075004][ C1] ? kthread_blkcg+0xd0/0xd0 [ 332.075021][ C1] ret_from_fork+0x1f/0x30 [ 332.075053][ C1] [ 332.429535][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 332.436496][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.96-syzkaller #0 [ 332.444336][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 332.454602][ T27] Call Trace: [ 332.457912][ T27] [ 332.460878][ T27] dump_stack_lvl+0x1e3/0x2cb [ 332.465609][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 332.471117][ T27] ? panic+0x764/0x764 [ 332.475225][ T27] ? llist_add_batch+0x160/0x1d0 [ 332.480302][ T27] ? vscnprintf+0x59/0x80 [ 332.484676][ T27] panic+0x318/0x764 [ 332.488608][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 332.494808][ T27] ? memcpy_page_flushcache+0xfc/0xfc [ 332.500222][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 332.506698][ T27] ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0 [ 332.512929][ T27] ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0 [ 332.519883][ T27] watchdog+0xfc7/0xfd0 [ 332.524882][ T27] ? watchdog+0x1f8/0xfd0 [ 332.529279][ T27] kthread+0x28d/0x320 [ 332.533409][ T27] ? hungtask_pm_notify+0x50/0x50 [ 332.538471][ T27] ? kthread_blkcg+0xd0/0xd0 [ 332.543087][ T27] ret_from_fork+0x1f/0x30 [ 332.547547][ T27] [ 332.550813][ T27] Kernel Offset: disabled [ 332.555140][ T27] Rebooting in 86400 seconds..