last executing test programs: 3.788743958s ago: executing program 4 (id=356): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000e80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sysctl=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) madvise(&(0x7f00005ac000/0x3000)=nil, 0x3000, 0x2) setuid(0xee00) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) r4 = dup(r3) sendmsg$inet_sctp(r4, &(0x7f0000001280)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x100, @loopback, 0x3}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000040)="99", 0x1}], 0x1, &(0x7f00000012c0)=[@sndrcv={0x30, 0x84, 0x1, {0x2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0xb4ed}}, @init={0x18, 0x84, 0x0, {0xfff8, 0x3, 0xe, 0x2}}], 0x48, 0x4855}, 0x8850) 3.571603302s ago: executing program 4 (id=361): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001880)={'vlan0\x00', 0x0}) r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x303}}, 0x30) bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r4, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 3.188726773s ago: executing program 4 (id=365): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) 3.142384104s ago: executing program 4 (id=369): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 3.122194998s ago: executing program 4 (id=372): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0xc, 0x9, 0x0, 0x1, 0x2000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xc, 0x9, 0x0, 0x0, 0x80ffffff}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x5}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.995107786s ago: executing program 1 (id=377): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000004000000000000000300000784"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x9}, 0x94) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x4014001}, 0x9590f6cc3ea35512) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="540000001200b7a339f2d30afddbdf4d200f070700000000000025862f00000001ffffffc3000000060000000087c32be695bfd3ead0084f", @ANYRES32=0x0, @ANYBLOB="de00fbffa611195cc93f034708000000080003"], 0x54}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000) 2.926005782s ago: executing program 1 (id=379): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) pselect6(0x81, &(0x7f0000000000)={0xa, 0x7ff, 0x100, 0xffffffff, 0x8, 0xba4, 0xffffffffffffffff, 0xfffffffffffffff8}, 0x0, &(0x7f00000000c0)={0x6b40, 0x3, 0x0, 0x8, 0x1, 0x4000006, 0x8, 0x8080}, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000ff"], 0x38}, 0x1, 0x0, 0x0, 0x20000094}, 0x4c004) 2.883383956s ago: executing program 1 (id=381): r0 = socket$inet_sctp(0x2, 0x1, 0x84) listen(r0, 0xda90) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x7}}], 0x10) 2.85150427s ago: executing program 1 (id=382): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 2.794088801s ago: executing program 4 (id=383): r0 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'bridge0\x00', &(0x7f0000000300)=@ethtool_cmd={0x4c, 0x0, 0x2, 0x6, 0x3, 0x3, 0x3, 0xfd, 0x7, 0x3, 0x3ff, 0x4, 0xff, 0x24, 0x5, 0x5, [0x8, 0x9]}}) 2.756880417s ago: executing program 1 (id=385): syz_open_dev$loop(&(0x7f0000000500), 0x7, 0x880) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7f, 0x2a42) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, 0x0) ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000100)=0x8) 2.44886143s ago: executing program 1 (id=390): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r3, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.212186766s ago: executing program 2 (id=423): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000}) 1.103849032s ago: executing program 2 (id=424): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYBLOB="01000000100000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000110001002bbd7000fbdbdf2500000000", @ANYRES32=r2], 0x20}, 0x1, 0x200000000000000, 0x0, 0x4}, 0x40cc040) 793.531284ms ago: executing program 2 (id=425): socket$packet(0x11, 0x3, 0x300) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe2$9p(&(0x7f0000000200), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x2, 0x7fffffff}, 0x0, 0x0) 722.101033ms ago: executing program 2 (id=426): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) close(0xffffffffffffffff) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x1, 0x30}, 0xc) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x1}, 0x8) r2 = dup(r1) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x39fab) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r2, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, @ib={0x1b, 0x3, 0x6c, {"ca45c8de46648218b728c18f25921c67"}, 0x3ff, 0x3, 0x6}, @in6={0xa, 0x4e22, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffc50}}}, 0x118) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) dup(r3) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x7, @empty, 0x2001}}, 0x6, 0x6}, 0x90) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0) 721.945982ms ago: executing program 3 (id=427): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000003800)=@newtaction={0x78, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x64, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1}}, {0xc}}}, @m_pedit={0x30, 0x2, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x0) 710.36841ms ago: executing program 3 (id=429): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newtfilter={0x24, 0x2c, 0x1, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x4, 0xa}, {}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20008000) 595.072747ms ago: executing program 3 (id=430): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x1, 0x1, 0x0, 0x0, 0x0, 0x8000000}) 546.118209ms ago: executing program 0 (id=431): r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c) sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000006c0)="e8da0b70de94907ea28b5cdc8243e43fec642d3711198d0d84216e66b570d96ff4aebb8727c68030", 0x28}], 0x1, &(0x7f0000000680)=[@ip_tos_u8={{0x11}}], 0x18}, 0x2000c044) 501.684517ms ago: executing program 0 (id=432): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x5, &(0x7f0000000840)=ANY=[@ANYBLOB="18020000fdffffff000000001ac300008500000036000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000008c0)={r0, r2, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x49}}, 0x30) syz_emit_ethernet(0x46, &(0x7f0000000040)=ANY=[], 0x0) 500.999947ms ago: executing program 3 (id=433): syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file1\x00', 0xa0c416, &(0x7f0000000240)=ANY=[@ANYBLOB="646f747300000000732c646d6173a594e5e0d4ee303030303032fd33a1ddfe6717c3d234e02f30303030302c6e6f646f74732cb7f973636172642c6e66733d6e6f73", @ANYRES32, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff3030303030313737373737373737f9909fdfd4291a9ccfbbdb0556c0f39fdb37372c004c0f1208ec0c34b7df4ba1b5e6b76697434de7574db9bcaef6a61212c3f260bebc7ac5b1b113e1119b83f1cf9f686b3dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7acab1c2e7b6a547f8120c12a14b06fb302b8adb87fa67ab868940868fee39f0796736ccd4adf62186a216263c1322da47b156791f49bf9e904cf364616ba0d1bf1348f2e7305e9f22d6495da942b5034e13663b99da29b77f44729d2d624e275c0a7bd51391746002809f9ccbc48c93edf96a9ac580d0821f5c4caa4780ac2b7947ff520b17e3de63455fc5162ed9dd00f909ec0444b769ae353ef7f79bd4ad30ac1bf3def59632a6a7f6a069774c022bb68bb06c4204677147fda0e2825b3b223782ddc9a5762d74f50933517388aa6508249ce", @ANYRES16=0x0, @ANYRESHEX], 0x5, 0x29d, &(0x7f0000000740)="$eJzs3E9P03AYwPFnHWwDw5+TiV58ohe9NDiP6mEaSIxLNIMl6sGkhKJ1cyNto5sxsWdPvA7izaOJ8Q3wLrwRE8OJkzVspZQxQMZgOL6fhPRpn98PnrYpeX6QbuPZ6tvKsmcuW74YORVDJJAtkWlxZEcq2mZacSY+LvfzEsitmXebn+efv3hcKBZnS6pzhYU7eVWdvPb9/ccv13/4l958FcnK+vTLjd/5n+uX169s/Fl47XjqZKRW99XSxXrdtxarti45XsVUfVq1Lc9Wp+bZ7p78crW+stJUq7Y0Mb7i2p6nVq2phjTVr2suqqqmpmnqxPh2nJMLJHPsGeW1UskqnEoxODdct2ClRWRs39NQXhtMRQAAYJAO7v+NeMxO/2909v8iR/T/n6JRk9+69v+e9t7/pyXu/yt2q//33aZarywn2f/jUL31/8bpFIOTSAWJnQd7Uq5bGOs+if4fAAAAAAAAAAAAAAAAAAAAAID/wVYYToVhOLW9NUQkjPazIpJO7HeZeqHerR9WyfsfJr6y0Q0+5P5jCCRe3MuJ/Aoa5UY51dq283OPirMz2pJ48W+z0Sin4/ztdl735kdlPMrnu+YzcvNGO7+de/ikmMyvNspjsnRo5UG/LgEAAAAAAEPP1Nh0fDAn8freNDUrnfnW+r0dBbt/H+hY34/I1ZGzOw8AAAAAAHAwr/mhYlWrtns2QfoMf1bPgUhv0++G2b6UkRaRI8aU5kUGf6H2BVk5F2UMOjBO8bG617dvGKZE2kdGo18GHU8BAAAAgOGyux44/lz+vQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH+c7HPO/m3woM8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/+BgAA//894bte") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x25) openat$dir(0xffffffffffffff9c, 0x0, 0x1a9800, 0x0) syz_open_dev$loop(0x0, 0x7, 0x180862) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x60840, 0x8) io_setup(0x2e, &(0x7f0000000200)=0x0) io_submit(r2, 0x1, &(0x7f0000000100)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x4000000, 0x0, 0x0, r1}]) 390.127424ms ago: executing program 0 (id=434): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000}) 266.086784ms ago: executing program 3 (id=435): socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d51dc30209872ec602af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d77549"], &(0x7f0000000140)='GPL\x00'}, 0x48) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10) sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}], 0x1, 0x0) 152.926263ms ago: executing program 0 (id=436): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000600)={0x0, {}, 0x0, {}, 0x7f, 0x1, 0x1f, 0x0, "3908f8ad30f3672a77795905b237da39839d3a4d03dec2f167958e51cff8e10c0ef004a6d4c532f76ecd3768845920b66a89c61aca4449403c7df913c8db6eba", "3f591cc951c04bf78bcee4829c75572cd34cb9668b3640d4d4a0dbb6260d6daa", [0x100000000]}) 104.440199ms ago: executing program 3 (id=437): mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) syz_emit_ethernet(0x80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0x61, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x4d, 0x0, @wg=@initiation={0x1, 0x1, "65a252e7cb7a5918c004a9971a46afced2c32642b1ec9fe34818d8ccd82041b7", "c930713c550e74ee13c2638ac75b2a9666efd31a34fce4498df8105d8bd8ed283a220c3a9becd8a70d3607ea8270d351", "ae12e16b560f2f8ac4ca3e745ce285f12f6e8719e7f1e7f286a68f76", {"980aa8fb8f80d69f1fb587086447e93e", "55e824bb69e833bd36300b088233545a"}}}}}}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) 29.966032ms ago: executing program 0 (id=438): r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0xc00, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) read$FUSE(r0, &(0x7f00000076c0)={0x2020}, 0x2020) 29.771865ms ago: executing program 2 (id=439): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000180)={@my=0x1}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000280)={@my=0x1}) 24.033325ms ago: executing program 0 (id=440): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="c014ef4404236f9d646fae87879085133ad8975219d7c5b0e17dd86d11bede6adfc32eed7f19fa34880cce7ec7990f63e5d7996e33044ee8a4b2e6b43a7c6d25d508062bd3333b86453bc2f02b2617adecd3d5a0ea7561f9f63dea03c7f7d0fdec633a94741d77d3104ba57f74dce4b01be342dcc7b2df0a450ac40e4fbe4bebd4f60df318fb469f802375dc7a08f4649f9ed5b384d30b0fd964d74d91db023b617888d7b56cb0", @ANYRESOCT], 0x1, 0x578, &(0x7f0000000640)="$eJzs3d9u08gewPGfSwolR0LocIRQVWAo50hFKsFJISjiyseZpAOOHdkOaq9QRVNUkcKKstK2N7vcsLvS7kNwuw+xT7DvsVdo32C7sp30D20aoG2CyvcT7Y5jj2d+40T+aUpsCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEMut2nbREs/4rQXVn1sNg8bO2+7e+1bIrT3FIf2KWMl/MjEhV7JVV/4jMtbdfDn537RMZe+mZCIpJmTzX5cvPriUG+vtf0jAQ7G+sfl8qdNpvxp1ICfo6rn+2+raN1FgGk5dKxMFqlIu23fma5GqGU9Hi1GsG8oNtRMHoZpxb6lipTKndGExaPn1quPp3sr7t0u2XVYPC03thFHg33lYiNx543nGr6d1ks1JnfvJF/GRiVWsnYZSK6ud9tygASSVih9TqTSoUskulYrFUqlYvle5d9+2c/tW2B+QfTV6X9o//tzaGtQfTqPjPYEDRzDWzf/iiRFfWrIg6sCXK1UJJZBGn+1dvfz/vzv60H535/9elr+ys3lS0vx/LXt3rV/+7xPLsb+sflvWZUM25bksSUc60pZXw4roC3nVRYsvRiIJxEhDnHSN6q5RUpGylMWWJzIvNYlESU2MeKIlkkWJJBadfqNcCUWLI7EEEoqSGXHlligpSkUqMidKtBRkUQJpiS91qYqTtrIiq+lxnzvkM9quVOw7jHzve9eW0iGjPc78j6/VsZ6/gaPY6uX/hdyoQwEAAAAAACfESv/6bonIuFxNl2rG0/aowwIAAAAAAMcomfnLVFKMJ0tXxWL+DwAAAADAaWOl19hZIpKX69nSiljp5VL8EQAAAAAAgFMi/ff/a0mR3gPluljbt0th/g8AAAAAwCnx08B77EfNc9bvf0kYjltvmgv/tdacpJ6zdibbLyve7LQY1yatC91G0qKcFbmcq6esiazS9k0w33eLlUFxWAcF8MN2ADI4gEs5+UVuZHVuLGflcm9L1ku+ZjxdcAPvQVEc58JYrBfib1+sfifp8H/2GxcsWVnttAtPX3aW01jSgb9Zs7LmrE+I5XV6v4X0mos9I/b+zlaPpxdidPvNZ/3au8fffVbC2Cf0+VamszrT3Tve5veOf6J2vtvIzuiTbdtRTMhqp1084sjfys2szs2Zm1nxYRTG06VCv8+geyxKu6P4rGOxPwpr37EYFMVcvyjOflwUADAqK32y0E7+35d3P+Nc+3nZXT4xu7+VmazOzGR6Ys1NHpBX7EFndPuI2e23fc9AOiCKYhJF0u+v2/1mWfVdssO7vv1GXslKDuGZ12vfyOX1jc3bq2tLz9rP2i9Kpbmyfde275VkPB1Gt9gV6dY5cg8AIDP4GTsDa1h3s1n1RZGDZ9X/3v5JQUGeykvpyLLMplcbpL84OLDV/K6fIcwOmLXm0zSZPeFl9pC55dn0Kodeu6VD6+6NYW4YHwUAAEMzPSAPf0z+nx0w796by/fOjs9Kv7rFoR8LAAC+Fjp8b+XjH60wNM0nxUql6MTzWoWB+0iFplrXyvixDt15x69r1QyDOHADL1l4bKo6UlGr2QzCWNWCUDWDyCykT35X3Ue/R7rh+LFxo6annUgrN/Bjx41V1UTnVbP1f89E8zpMd46a2jU14zqxCXwVBa3Q1QWlIq13VTRV7cemZpJFXzVD03DCRfU48FoNrSyxJDTNOMga7PVl/FoQNtJmC6M+2AAAfCHWNzafL3U67VcnuDDqMQIAgL3I0gAAAAAAAAAAAAAAAAAAAAAAfPmGcf0fC6NY6N2Afgh99W4FPeohn/CCNdQB5kRklEMeeOr4/kRPTABO3D8BAAD//9u0Si4=") open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[@ANYBLOB="20000000020000001d"], 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x2400c800) open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=441): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x18, 0x17, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_FLOWTABLE_HOOK={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x44885}, 0x840) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.212' (ED25519) to the list of known hosts. [ 24.655263][ T6516] cgroup: Unknown subsys name 'net' [ 24.777866][ T6516] cgroup: Unknown subsys name 'cpuset' [ 24.779823][ T6516] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 24.937214][ T6516] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 26.104310][ T6534] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 26.104857][ T6534] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 26.120457][ T6541] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 26.120611][ T6541] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 26.131196][ T6539] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 26.131741][ T6539] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 26.132205][ T6539] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 26.132647][ T6539] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 26.132850][ T6539] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 26.133374][ T6531] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 26.133529][ T6531] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 26.133831][ T6531] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 26.134709][ T6544] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 26.135291][ T6544] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 26.135594][ T6544] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 26.135744][ T6544] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 26.136035][ T6544] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 26.136941][ T6544] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 26.141568][ T6543] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 26.141874][ T6543] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 26.142707][ T6541] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 26.147259][ T6541] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 26.153859][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 26.156805][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 26.163805][ T6541] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 26.315265][ T6528] chnl_net:caif_netlink_parms(): no params data found [ 26.332701][ T6529] chnl_net:caif_netlink_parms(): no params data found [ 26.372722][ T6538] chnl_net:caif_netlink_parms(): no params data found [ 26.403996][ T6527] chnl_net:caif_netlink_parms(): no params data found [ 26.411286][ T6528] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.412807][ T6528] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.414298][ T6528] bridge_slave_0: entered allmulticast mode [ 26.418063][ T6528] bridge_slave_0: entered promiscuous mode [ 26.419145][ T6530] chnl_net:caif_netlink_parms(): no params data found [ 26.425869][ T6529] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.425920][ T6529] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.425986][ T6529] bridge_slave_0: entered allmulticast mode [ 26.426482][ T6529] bridge_slave_0: entered promiscuous mode [ 26.427274][ T6529] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.427295][ T6529] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.427350][ T6529] bridge_slave_1: entered allmulticast mode [ 26.427882][ T6529] bridge_slave_1: entered promiscuous mode [ 26.428336][ T6528] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.428365][ T6528] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.428432][ T6528] bridge_slave_1: entered allmulticast mode [ 26.428861][ T6528] bridge_slave_1: entered promiscuous mode [ 26.474904][ T6528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 26.475848][ T6528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 26.483571][ T6529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 26.489384][ T6538] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.489488][ T6538] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.489543][ T6538] bridge_slave_0: entered allmulticast mode [ 26.489971][ T6538] bridge_slave_0: entered promiscuous mode [ 26.503233][ T6529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 26.504947][ T6538] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.505017][ T6538] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.505075][ T6538] bridge_slave_1: entered allmulticast mode [ 26.505492][ T6538] bridge_slave_1: entered promiscuous mode [ 26.511876][ T6528] team0: Port device team_slave_0 added [ 26.512709][ T6528] team0: Port device team_slave_1 added [ 26.517053][ T6527] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.518232][ T6527] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.519417][ T6527] bridge_slave_0: entered allmulticast mode [ 26.520893][ T6527] bridge_slave_0: entered promiscuous mode [ 26.534813][ T6538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 26.538637][ T6527] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.538712][ T6527] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.538798][ T6527] bridge_slave_1: entered allmulticast mode [ 26.539249][ T6527] bridge_slave_1: entered promiscuous mode [ 26.539701][ T6528] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 26.539718][ T6528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.539736][ T6528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 26.556645][ T6529] team0: Port device team_slave_0 added [ 26.558625][ T6529] team0: Port device team_slave_1 added [ 26.560602][ T6538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 26.564284][ T6528] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 26.564610][ T6528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.564629][ T6528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 26.572975][ T6527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 26.587955][ T6527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 26.591091][ T6530] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.591172][ T6530] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.591225][ T6530] bridge_slave_0: entered allmulticast mode [ 26.591686][ T6530] bridge_slave_0: entered promiscuous mode [ 26.592402][ T6530] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.592417][ T6530] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.592464][ T6530] bridge_slave_1: entered allmulticast mode [ 26.593054][ T6530] bridge_slave_1: entered promiscuous mode [ 26.600692][ T6538] team0: Port device team_slave_0 added [ 26.600976][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 26.600991][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.601020][ T6529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 26.601539][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 26.601545][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.601556][ T6529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 26.632602][ T6538] team0: Port device team_slave_1 added [ 26.640614][ T6529] hsr_slave_0: entered promiscuous mode [ 26.640991][ T6529] hsr_slave_1: entered promiscuous mode [ 26.645986][ T6528] hsr_slave_0: entered promiscuous mode [ 26.646297][ T6528] hsr_slave_1: entered promiscuous mode [ 26.648568][ T6528] debugfs: 'hsr0' already exists in 'hsr' [ 26.649538][ T6528] Cannot create hsr debugfs directory [ 26.651126][ T6527] team0: Port device team_slave_0 added [ 26.652576][ T6527] team0: Port device team_slave_1 added [ 26.670843][ T6530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 26.671751][ T6530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 26.679225][ T6538] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 26.680389][ T6538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.684495][ T6538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 26.700226][ T6538] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 26.700255][ T6538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.700269][ T6538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 26.709549][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 26.709572][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.709597][ T6527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 26.712510][ T6530] team0: Port device team_slave_0 added [ 26.713722][ T6530] team0: Port device team_slave_1 added [ 26.721283][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 26.722478][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.726635][ T6527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 26.754094][ T6538] hsr_slave_0: entered promiscuous mode [ 26.754450][ T6538] hsr_slave_1: entered promiscuous mode [ 26.754638][ T6538] debugfs: 'hsr0' already exists in 'hsr' [ 26.754650][ T6538] Cannot create hsr debugfs directory [ 26.755849][ T6530] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 26.755856][ T6530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.755866][ T6530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 26.756971][ T6530] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 26.756982][ T6530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 26.756996][ T6530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 26.783528][ T6527] hsr_slave_0: entered promiscuous mode [ 26.783815][ T6527] hsr_slave_1: entered promiscuous mode [ 26.784401][ T6527] debugfs: 'hsr0' already exists in 'hsr' [ 26.784412][ T6527] Cannot create hsr debugfs directory [ 26.821178][ T6530] hsr_slave_0: entered promiscuous mode [ 26.821480][ T6530] hsr_slave_1: entered promiscuous mode [ 26.821648][ T6530] debugfs: 'hsr0' already exists in 'hsr' [ 26.821658][ T6530] Cannot create hsr debugfs directory [ 26.869141][ T6529] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 26.872798][ T6529] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 26.875246][ T6529] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 26.879931][ T6529] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 26.929294][ T6528] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 26.931654][ T6528] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 26.934505][ T6528] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 26.948597][ T6528] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 26.965090][ T6529] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.965204][ T6529] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.965372][ T6529] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.965401][ T6529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.979897][ T6528] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.979945][ T6528] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.980024][ T6528] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.980053][ T6528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.986175][ T6527] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 26.994426][ T6527] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 26.997193][ T6527] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 27.008627][ T6527] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 27.017605][ T6529] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.030750][ T254] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.033478][ T254] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.035908][ T254] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.038336][ T254] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.049696][ T6529] 8021q: adding VLAN 0 to HW filter on device team0 [ 27.053167][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.053269][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.059013][ T6538] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 27.061313][ T6538] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 27.063828][ T6538] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 27.066005][ T6538] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 27.081186][ T2087] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.081231][ T2087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.095954][ T6528] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.118408][ T6530] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 27.121071][ T6530] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 27.123792][ T6530] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 27.126157][ T6530] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 27.145044][ T6538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.150440][ T6538] 8021q: adding VLAN 0 to HW filter on device team0 [ 27.152760][ T6528] 8021q: adding VLAN 0 to HW filter on device team0 [ 27.174475][ T2087] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.174519][ T2087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.174986][ T2087] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.175002][ T2087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.189910][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.189953][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.190271][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.190286][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.210706][ T6530] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.214966][ T6530] 8021q: adding VLAN 0 to HW filter on device team0 [ 27.223507][ T6538] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 27.225208][ T6538] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 27.234309][ T6527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.239708][ T6527] 8021q: adding VLAN 0 to HW filter on device team0 [ 27.249642][ T254] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.249704][ T254] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.253186][ T2056] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.253240][ T2056] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.261704][ T2056] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.261753][ T2056] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.265465][ T2056] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.265517][ T2056] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.283943][ T6530] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 27.285885][ T6530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 27.299075][ T6527] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 27.299118][ T6527] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 27.308243][ T6529] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 27.334061][ T6528] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 27.349104][ T6528] veth0_vlan: entered promiscuous mode [ 27.351829][ T6528] veth1_vlan: entered promiscuous mode [ 27.366252][ T6529] veth0_vlan: entered promiscuous mode [ 27.388513][ T6528] veth0_macvtap: entered promiscuous mode [ 27.393806][ T6528] veth1_macvtap: entered promiscuous mode [ 27.395389][ T6529] veth1_vlan: entered promiscuous mode [ 27.399815][ T6530] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 27.405418][ T6538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 27.413264][ T6527] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 27.428895][ T6528] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 27.429939][ T6528] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.433114][ T41] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.434766][ T41] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.439923][ T6529] veth0_macvtap: entered promiscuous mode [ 27.442536][ T6529] veth1_macvtap: entered promiscuous mode [ 27.446276][ T41] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.453885][ T41] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.465928][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 27.478898][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.490235][ T254] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.490312][ T254] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.490328][ T254] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.490341][ T254] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.495355][ T6538] veth0_vlan: entered promiscuous mode [ 27.499333][ T6538] veth1_vlan: entered promiscuous mode [ 27.511474][ T6530] veth0_vlan: entered promiscuous mode [ 27.527272][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.527307][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.542503][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.542526][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.549383][ T6530] veth1_vlan: entered promiscuous mode [ 27.552852][ T6538] veth0_macvtap: entered promiscuous mode [ 27.562338][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.562367][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.570814][ T6538] veth1_macvtap: entered promiscuous mode [ 27.578009][ T6538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 27.582418][ T6538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.592818][ T254] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.592843][ T254] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.599673][ T6530] veth0_macvtap: entered promiscuous mode [ 27.600646][ T254] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.600679][ T254] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.600697][ T254] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.600712][ T254] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.605923][ T6530] veth1_macvtap: entered promiscuous mode [ 27.613050][ T6527] veth0_vlan: entered promiscuous mode [ 27.619655][ T6530] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 27.623202][ T6530] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.627923][ T6528] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 27.638035][ T6527] veth1_vlan: entered promiscuous mode [ 27.639540][ T14] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.641175][ T14] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.641226][ T14] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.641256][ T14] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.660881][ T6527] veth0_macvtap: entered promiscuous mode [ 27.661855][ T6527] veth1_macvtap: entered promiscuous mode [ 27.701485][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.701513][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.715910][ T2087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.716321][ T2087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.734833][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 27.734861][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 27.739545][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 27.740540][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 27.763433][ T2087] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.763489][ T2087] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.763563][ T2087] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 27.763579][ T2087] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 28.033610][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 28.033639][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 28.043125][ T6650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6'. [ 28.075710][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 28.075737][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 28.098526][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 28.098559][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 28.167176][ T6534] Bluetooth: hci1: command tx timeout [ 28.167409][ T52] Bluetooth: hci2: command tx timeout [ 28.167593][ T52] Bluetooth: hci0: command tx timeout [ 28.167706][ T6541] Bluetooth: hci4: command tx timeout [ 28.186178][ T6662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 28.191406][ T6662] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 28.257031][ T6541] Bluetooth: hci3: command tx timeout [ 28.365057][ T6665] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'. [ 29.479713][ T6675] loop3: detected capacity change from 0 to 128 [ 30.246541][ T6541] Bluetooth: hci4: command tx timeout [ 30.246938][ T6534] Bluetooth: hci0: command tx timeout [ 30.246963][ T6534] Bluetooth: hci1: command tx timeout [ 30.246981][ T6534] Bluetooth: hci2: command tx timeout [ 30.330208][ T6541] Bluetooth: hci3: command tx timeout [ 30.566818][ T6691] loop3: detected capacity change from 0 to 40427 [ 30.583941][ T6691] F2FS-fs (loop3): invalid crc value [ 30.628411][ T6691] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 30.632681][ T6691] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 30.659876][ T6528] syz-executor: attempt to access beyond end of device [ 30.659876][ T6528] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 30.660430][ T6528] CPU: 1 UID: 0 PID: 6528 Comm: syz-executor Not tainted syzkaller #0 PREEMPT [ 30.660440][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 30.660445][ T6528] Call trace: [ 30.660448][ T6528] show_stack+0x2c/0x3c (C) [ 30.660461][ T6528] __dump_stack+0x30/0x40 [ 30.660467][ T6528] dump_stack_lvl+0xd8/0x12c [ 30.660472][ T6528] dump_stack+0x1c/0x28 [ 30.660477][ T6528] f2fs_handle_critical_error+0x34c/0x4b8 [ 30.660486][ T6528] f2fs_stop_checkpoint+0x5c/0x70 [ 30.660491][ T6528] f2fs_write_end_io+0x768/0xa70 [ 30.660498][ T6528] bio_endio+0x858/0x894 [ 30.660505][ T6528] submit_bio_noacct+0x158/0x177c [ 30.660511][ T6528] submit_bio+0x3b4/0x550 [ 30.660516][ T6528] f2fs_submit_write_bio+0x13c/0x324 [ 30.660523][ T6528] __submit_merged_bio+0x254/0x704 [ 30.660529][ T6528] __submit_merged_write_cond+0x23c/0x4ac [ 30.660538][ T6528] f2fs_write_data_pages+0x1d28/0x2634 [ 30.660545][ T6528] do_writepages+0x270/0x468 [ 30.660553][ T6528] filemap_fdatawrite+0x14c/0x1f4 [ 30.660560][ T6528] f2fs_sync_dirty_inodes+0x2b8/0x788 [ 30.660566][ T6528] f2fs_write_checkpoint+0x690/0x16a0 [ 30.660571][ T6528] kill_f2fs_super+0x21c/0x584 [ 30.660578][ T6528] deactivate_locked_super+0xc4/0x12c [ 30.660584][ T6528] deactivate_super+0xe0/0x100 [ 30.660589][ T6528] cleanup_mnt+0x31c/0x3ac [ 30.660594][ T6528] __cleanup_mnt+0x20/0x30 [ 30.660600][ T6528] task_work_run+0x1dc/0x260 [ 30.660606][ T6528] exit_to_user_mode_loop+0xfc/0x168 [ 30.660613][ T6528] el0_svc+0x170/0x254 [ 30.660622][ T6528] el0t_64_sync_handler+0x84/0x12c [ 30.660629][ T6528] el0t_64_sync+0x198/0x19c [ 30.661682][ T6528] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 30.874807][ T6703] loop3: detected capacity change from 0 to 512 [ 30.883697][ T6703] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c02c, mo2=0002] [ 30.889160][ T6703] System zones: 0-7 [ 30.894584][ T6703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.241009][ T2321] cfg80211: failed to load regulatory.db [ 31.426590][ T6721] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 31.435973][ T6723] loop0: detected capacity change from 0 to 16 [ 31.441021][ T6723] erofs (device loop0): mounted with root inode @ nid 36. [ 31.544656][ T6724] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2 [ 31.544825][ T6724] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 31.734755][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.802194][ T6726] loop3: detected capacity change from 0 to 4096 [ 31.806403][ T6726] EXT4-fs (loop3): Test dummy encryption mode enabled [ 31.813063][ T6726] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 31.813131][ T6726] System zones: 0-5 [ 31.816684][ T6726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 31.831543][ T6726] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-ce" [ 32.024382][ T6729] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 32.323822][ T6738] bond0: (slave veth3): Enslaving as an active interface with an up link [ 32.326611][ T52] Bluetooth: hci2: command tx timeout [ 32.326640][ T52] Bluetooth: hci1: command tx timeout [ 32.326660][ T52] Bluetooth: hci0: command tx timeout [ 32.326743][ T6541] Bluetooth: hci4: command tx timeout [ 32.342265][ T6733] loop2: detected capacity change from 0 to 4096 [ 32.362386][ T6733] EXT4-fs (loop2): Test dummy encryption mode enabled [ 32.369809][ T6733] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 32.369866][ T6733] System zones: 0-5 [ 32.371065][ T6733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.406496][ T6534] Bluetooth: hci3: command tx timeout [ 32.812136][ T6745] netlink: 24 bytes leftover after parsing attributes in process `syz.1.32'. [ 32.823871][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.896130][ T6751] loop1: detected capacity change from 0 to 512 [ 32.902099][ T6751] EXT4-fs: Ignoring removed mblk_io_submit option [ 32.902128][ T6751] EXT4-fs: inline encryption not supported [ 32.902146][ T6751] EXT4-fs: Ignoring removed mblk_io_submit option [ 32.902876][ T6751] EXT4-fs (loop1): Test dummy encryption mode enabled [ 32.902885][ T6751] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 32.902890][ T6751] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 32.917839][ T6751] EXT4-fs (loop1): 1 truncate cleaned up [ 32.918292][ T6751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 32.934718][ T6530] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.442632][ T6538] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.484561][ T31] audit: type=1326 audit(33.460:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 33.489489][ T31] audit: type=1326 audit(33.460:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 33.489507][ T31] audit: type=1326 audit(33.460:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=8 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 33.489521][ T31] audit: type=1326 audit(33.460:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 33.489533][ T31] audit: type=1326 audit(33.460:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6764 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 33.493514][ T6763] tipc: Started in network mode [ 33.493527][ T6763] tipc: Node identity 2a41064970bc, cluster identity 4711 [ 33.493776][ T6763] tipc: Enabled bearer , priority 0 [ 33.495253][ T6763] syzkaller0: entered promiscuous mode [ 33.495264][ T6763] syzkaller0: entered allmulticast mode [ 33.530627][ T6763] tipc: Resetting bearer [ 33.533494][ T6762] tipc: Resetting bearer [ 33.537299][ T6762] tipc: Disabling bearer [ 34.103238][ T6779] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 34.406935][ T52] Bluetooth: hci4: command tx timeout [ 34.406978][ T52] Bluetooth: hci0: command tx timeout [ 34.407010][ T52] Bluetooth: hci1: command tx timeout [ 34.407033][ T52] Bluetooth: hci2: command tx timeout [ 34.407093][ T6534] Bluetooth: hci5: command 0x1003 tx timeout [ 34.407597][ T6541] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 34.483518][ T6789] loop0: detected capacity change from 0 to 128 [ 34.487112][ T6541] Bluetooth: hci3: command tx timeout [ 34.503104][ T6789] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 34.545871][ T6529] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 34.720135][ T6801] loop0: detected capacity change from 0 to 128 [ 34.722849][ T6801] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 35.171706][ T6809] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1514) ! [ 35.251010][ T6810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.53'. [ 35.549085][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.52'. [ 35.651752][ T6823] loop4: detected capacity change from 0 to 512 [ 35.660273][ T6824] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 35.661433][ T6824] lo: entered promiscuous mode [ 35.661462][ T6824] lo: entered allmulticast mode [ 35.662315][ T6824] tunl0: entered promiscuous mode [ 35.662339][ T6824] tunl0: entered allmulticast mode [ 35.662830][ T6824] gre0: entered promiscuous mode [ 35.662849][ T6824] gre0: entered allmulticast mode [ 35.663423][ T6824] gretap0: entered promiscuous mode [ 35.663441][ T6824] gretap0: entered allmulticast mode [ 35.663882][ T6824] erspan0: entered promiscuous mode [ 35.663897][ T6824] erspan0: entered allmulticast mode [ 35.664320][ T6824] ip_vti0: entered promiscuous mode [ 35.664336][ T6824] ip_vti0: entered allmulticast mode [ 35.664799][ T6824] ip6_vti0: entered promiscuous mode [ 35.664816][ T6824] ip6_vti0: entered allmulticast mode [ 35.665222][ T6824] sit0: entered promiscuous mode [ 35.665239][ T6824] sit0: entered allmulticast mode [ 35.665705][ T6824] ip6tnl0: entered promiscuous mode [ 35.665722][ T6824] ip6tnl0: entered allmulticast mode [ 35.666159][ T6824] ip6gre0: entered promiscuous mode [ 35.666174][ T6824] ip6gre0: entered allmulticast mode [ 35.666677][ T6824] syz_tun: entered promiscuous mode [ 35.666697][ T6824] syz_tun: entered allmulticast mode [ 35.667156][ T6824] ip6gretap0: entered promiscuous mode [ 35.667173][ T6824] ip6gretap0: entered allmulticast mode [ 35.667635][ T6824] bridge0: entered promiscuous mode [ 35.667649][ T6824] bridge0: entered allmulticast mode [ 35.668110][ T6824] vcan0: entered promiscuous mode [ 35.668127][ T6824] vcan0: entered allmulticast mode [ 35.668364][ T6824] bond0: entered promiscuous mode [ 35.668385][ T6824] bond_slave_0: entered promiscuous mode [ 35.668512][ T6824] bond_slave_1: entered promiscuous mode [ 35.668601][ T6824] bond0: entered allmulticast mode [ 35.668615][ T6824] bond_slave_0: entered allmulticast mode [ 35.668627][ T6824] bond_slave_1: entered allmulticast mode [ 35.669252][ T6824] team0: entered promiscuous mode [ 35.669268][ T6824] team_slave_0: entered promiscuous mode [ 35.669371][ T6824] team_slave_1: entered promiscuous mode [ 35.669444][ T6824] team0: entered allmulticast mode [ 35.669450][ T6824] team_slave_0: entered allmulticast mode [ 35.669466][ T6824] team_slave_1: entered allmulticast mode [ 35.670067][ T6824] dummy0: entered promiscuous mode [ 35.670083][ T6824] dummy0: entered allmulticast mode [ 35.671056][ T6824] nlmon0: entered promiscuous mode [ 35.671074][ T6824] nlmon0: entered allmulticast mode [ 35.686146][ T6823] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 35.739006][ T6824] caif0: entered promiscuous mode [ 35.739075][ T6824] caif0: entered allmulticast mode [ 35.739205][ T6824] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 36.281228][ T6823] EXT4-fs (loop4): 1 truncate cleaned up [ 36.368672][ T6823] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.084250][ T6831] loop2: detected capacity change from 0 to 16 [ 37.087636][ T6831] erofs (device loop2): mounted with root inode @ nid 36. [ 37.339579][ T6829] loop1: detected capacity change from 0 to 40427 [ 37.355932][ T6839] loop3: detected capacity change from 0 to 16 [ 37.370944][ T6839] erofs (device loop3): mounted with root inode @ nid 36. [ 37.399904][ T6840] loop0: detected capacity change from 0 to 512 [ 37.582139][ T6843] erofs (device loop3): read error -117 @ 72 of nid 36 [ 37.769682][ T6829] F2FS-fs (loop1): invalid crc value [ 37.774189][ T6840] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 37.774365][ T6840] EXT4-fs (loop0): orphan cleanup on readonly fs [ 37.780725][ T6840] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 37.780887][ T6840] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 37.792251][ T6840] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 37.794890][ T6840] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.62: bg 0: block 40: padding at end of block bitmap is not set [ 37.798934][ T6840] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 37.801000][ T6840] EXT4-fs (loop0): 1 truncate cleaned up [ 37.801508][ T6840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 37.827519][ T6829] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 37.838017][ T6829] F2FS-fs (loop1): Start checkpoint disabled! [ 37.851566][ T6829] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 37.874347][ T6527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.895955][ T6851] netlink: 40 bytes leftover after parsing attributes in process `syz.4.66'. [ 38.407853][ T6861] loop3: detected capacity change from 0 to 128 [ 38.414011][ T6861] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 38.423015][ T6861] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 39.288649][ T6528] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 39.847494][ T6529] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.685910][ T6884] loop0: detected capacity change from 0 to 4096 [ 40.700407][ T6884] EXT4-fs (loop0): Test dummy encryption mode enabled [ 40.700444][ T6884] EXT4-fs (loop0): unsupported descriptor size 255 [ 41.738535][ T6907] loop3: detected capacity change from 0 to 512 [ 41.947107][ T6907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.640880][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.750822][ T6915] netlink: 48 bytes leftover after parsing attributes in process `syz.2.82'. [ 42.764006][ T6915] netlink: 48 bytes leftover after parsing attributes in process `syz.2.82'. [ 43.634009][ T6918] loop3: detected capacity change from 0 to 4096 [ 43.634423][ T6918] EXT4-fs: Ignoring removed mblk_io_submit option [ 43.647295][ T6918] EXT4-fs (loop3): Test dummy encryption mode enabled [ 44.222453][ T6918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.554687][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.593970][ T31] audit: type=1326 audit(44.570:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.3.85" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 44.594213][ T31] audit: type=1326 audit(44.570:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.3.85" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=8 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 44.594298][ T31] audit: type=1326 audit(44.570:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.3.85" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 44.594858][ T31] audit: type=1326 audit(44.570:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6925 comm="syz.3.85" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 44.620578][ T6928] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'. [ 44.673452][ T6934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.86'. [ 44.883549][ T6953] loop3: detected capacity change from 0 to 512 [ 45.213842][ T6955] loop4: detected capacity change from 0 to 2048 [ 46.618218][ T6955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.136139][ T6953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.164010][ T6953] netlink: 'syz.3.88': attribute type 16 has an invalid length. [ 47.164056][ T6953] netlink: 'syz.3.88': attribute type 27 has an invalid length. [ 47.394004][ T6527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.446884][ T6966] binder: 6965:6966 tried to acquire reference to desc 0, got 1 instead [ 47.447580][ T6966] binder: 6965:6966 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 47.447609][ T6966] binder: 6966 RLIMIT_NICE not set [ 47.447627][ T6966] binder: 6966 RLIMIT_NICE not set [ 47.447684][ T6966] binder: send failed reply for transaction 5 to 6965:6966 [ 47.447704][ T6966] binder: 6965:6966 ioctl c0306201 20000180 returned -14 [ 47.458604][ T6682] binder: release 6965:6966 transaction 12 out, still active [ 47.489601][ T6682] binder: undelivered TRANSACTION_COMPLETE [ 47.506948][ T6682] binder: undelivered TRANSACTION_COMPLETE [ 47.506979][ T6682] binder: undelivered TRANSACTION_ERROR: 29201 [ 47.507033][ T6682] binder: send failed reply for transaction 12, target dead [ 47.674362][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.705268][ T6977] loop4: detected capacity change from 0 to 128 [ 47.811982][ T6969] 9pnet_fd: Insufficient options for proto=fd [ 47.827357][ T6983] netlink: 12 bytes leftover after parsing attributes in process `syz.2.98'. [ 47.837836][ T6983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.98'. [ 48.419227][ T6991] loop0: detected capacity change from 0 to 512 [ 48.424885][ T6991] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001) [ 48.426838][ T6991] FAT-fs (loop0): Filesystem has been set read-only [ 49.801028][ T6682] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 49.823743][ T7012] loop4: detected capacity change from 0 to 256 [ 49.830614][ T7012] ======================================================= [ 49.830614][ T7012] WARNING: The mand mount option has been deprecated and [ 49.830614][ T7012] and is ignored by this kernel. Remove the mand [ 49.830614][ T7012] option from the mount to silence this warning. [ 49.830614][ T7012] ======================================================= [ 49.964092][ T6682] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 49.967158][ T6682] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 49.979868][ T6682] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 49.981703][ T6682] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 49.983253][ T6682] usb 1-1: SerialNumber: syz [ 50.087921][ T7013] loop1: detected capacity change from 0 to 256 [ 50.089958][ T7013] exfat: Bad value for 'gid' [ 50.094088][ T7013] exfat: Bad value for 'gid' [ 50.095256][ T7012] FAT-fs (loop4): Directory bread(block 64) failed [ 50.095286][ T7012] FAT-fs (loop4): Directory bread(block 65) failed [ 50.095471][ T7012] FAT-fs (loop4): Directory bread(block 66) failed [ 50.095496][ T7012] FAT-fs (loop4): Directory bread(block 67) failed [ 50.095517][ T7012] FAT-fs (loop4): Directory bread(block 68) failed [ 50.095528][ T7012] FAT-fs (loop4): Directory bread(block 69) failed [ 50.095548][ T7012] FAT-fs (loop4): Directory bread(block 70) failed [ 50.095558][ T7012] FAT-fs (loop4): Directory bread(block 71) failed [ 50.095577][ T7012] FAT-fs (loop4): Directory bread(block 72) failed [ 50.095587][ T7012] FAT-fs (loop4): Directory bread(block 73) failed [ 50.107708][ T7013] loop1: detected capacity change from 0 to 256 [ 50.113120][ T7013] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 50.113630][ T7013] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 50.119669][ T7013] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 50.153596][ T7016] netlink: 12 bytes leftover after parsing attributes in process `syz.4.109'. [ 50.174301][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.109'. [ 50.717932][ T7032] loop3: detected capacity change from 0 to 512 [ 50.744691][ T7032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.558585][ T6682] usb 1-1: cannot find UAC_HEADER [ 51.587299][ T6682] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 51.723648][ T7039] loop1: detected capacity change from 0 to 2048 [ 52.315265][ T7039] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.551411][ T6682] usb 1-1: USB disconnect, device number 2 [ 52.701949][ T6530] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.714776][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.778595][ T7054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.120'. [ 52.783308][ T6519] udevd[6519]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 52.862295][ T7054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.120'. [ 52.879787][ T7059] veth0_vlan: entered allmulticast mode [ 53.812386][ T7060] loop3: detected capacity change from 0 to 512 [ 53.839893][ T7060] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c02c, mo2=0002] [ 53.839981][ T7060] System zones: 0-7 [ 53.847033][ T7066] loop1: detected capacity change from 0 to 512 [ 53.849299][ T7060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.852626][ T7066] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 54.012649][ T7066] EXT4-fs (loop1): 1 truncate cleaned up [ 54.013135][ T7066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.019776][ T7074] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 55.010652][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.019927][ T6530] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.269112][ T7085] netlink: 'syz.2.129': attribute type 3 has an invalid length. [ 55.270776][ T7085] netlink: 'syz.2.129': attribute type 3 has an invalid length. [ 55.490283][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.134'. [ 56.501450][ T7106] loop3: detected capacity change from 0 to 16 [ 56.506708][ T7106] erofs (device loop3): mounted with root inode @ nid 36. [ 56.691556][ T7114] loop1: detected capacity change from 0 to 256 [ 56.691956][ T7114] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 57.890690][ T7134] netlink: 56 bytes leftover after parsing attributes in process `syz.4.145'. [ 57.912662][ T7137] loop3: detected capacity change from 0 to 512 [ 57.942367][ T7137] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 57.963957][ T7137] EXT4-fs (loop3): 1 truncate cleaned up [ 57.964458][ T7137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.308136][ T7152] netlink: 8 bytes leftover after parsing attributes in process `syz.4.150'. [ 59.312131][ T7152] team0: No ports can be present during mode change [ 59.368015][ T7156] netlink: 28 bytes leftover after parsing attributes in process `syz.4.152'. [ 59.453208][ T31] audit: type=1326 audit(59.430:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.453317][ T31] audit: type=1326 audit(59.430:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.453435][ T31] audit: type=1326 audit(59.430:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.453984][ T31] audit: type=1326 audit(59.430:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457656][ T31] audit: type=1326 audit(59.440:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457671][ T31] audit: type=1326 audit(59.440:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457684][ T31] audit: type=1326 audit(59.440:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457696][ T31] audit: type=1326 audit(59.440:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457708][ T31] audit: type=1326 audit(59.440:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.457719][ T31] audit: type=1326 audit(59.440:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7157 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb055b3a8 code=0x7ffc0000 [ 59.458955][ T7158] syz.4.153 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 59.672547][ T7166] netlink: 'syz.0.154': attribute type 3 has an invalid length. [ 59.672663][ T7166] netlink: 'syz.0.154': attribute type 3 has an invalid length. [ 61.088155][ T7180] overlayfs: failed to resolve './bus': -2 [ 61.531155][ T7185] netlink: 20 bytes leftover after parsing attributes in process `syz.1.160'. [ 61.983130][ T7190] loop0: detected capacity change from 0 to 2048 [ 62.977120][ T7190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.368662][ T7203] netlink: 28 bytes leftover after parsing attributes in process `syz.4.164'. [ 63.513446][ T6529] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.489166][ T2414] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.489217][ T2414] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.561209][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.578817][ T7226] loop0: detected capacity change from 0 to 8192 [ 64.725062][ T31] kauditd_printk_skb: 13 callbacks suppressed [ 64.725103][ T31] audit: type=1326 audit(64.700:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7233 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc15b3a8 code=0x7ffc0000 [ 64.725128][ T31] audit: type=1326 audit(64.700:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7233 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc15b3a8 code=0x7ffc0000 [ 64.725146][ T31] audit: type=1326 audit(64.700:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7233 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=102 compat=0 ip=0xffffbc15b3a8 code=0x7ffc0000 [ 64.725162][ T31] audit: type=1326 audit(64.700:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7233 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc15b3a8 code=0x7ffc0000 [ 64.746687][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.176'. [ 64.801607][ T7239] netlink: 12 bytes leftover after parsing attributes in process `syz.2.177'. [ 64.881333][ T7242] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 64.925714][ T7245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.180'. [ 64.925828][ T7245] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.960545][ T7245] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.891030][ T7257] overlayfs: failed to clone upperpath [ 65.940230][ T7262] loop4: detected capacity change from 0 to 128 [ 65.987617][ T7267] loop1: detected capacity change from 0 to 512 [ 66.038000][ T7267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.190491][ T7289] hub 2-0:1.0: USB hub found [ 67.191552][ T7289] hub 2-0:1.0: 8 ports detected [ 67.881336][ T6530] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.914687][ T31] audit: type=1326 audit(67.890:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.915440][ T31] audit: type=1326 audit(67.890:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.915702][ T31] audit: type=1326 audit(67.890:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.915883][ T31] audit: type=1326 audit(67.890:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.915942][ T31] audit: type=1326 audit(67.890:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.916160][ T31] audit: type=1326 audit(67.890:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7295 comm="syz.3.199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffae15b3a8 code=0x7ffc0000 [ 67.995256][ T7306] netlink: 12 bytes leftover after parsing attributes in process `syz.3.200'. [ 68.004316][ T7306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.200'. [ 68.025257][ T7309] binder: 7308:7309 tried to acquire reference to desc 0, got 1 instead [ 68.025680][ T7309] binder: 7308:7309 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 30) [ 68.025690][ T7309] binder: 7309 RLIMIT_NICE not set [ 68.025862][ T6682] binder: release 7308:7309 transaction 17 out, still active [ 68.037328][ T6682] binder: undelivered TRANSACTION_COMPLETE [ 68.332029][ T7312] loop3: detected capacity change from 0 to 512 [ 68.336595][ T6682] binder: send failed reply for transaction 17, target dead [ 68.350530][ T7312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.792370][ T7325] loop1: detected capacity change from 0 to 16 [ 68.800379][ T7325] erofs (device loop1): mounted with root inode @ nid 36. [ 68.879855][ T7329] pim6reg1: entered promiscuous mode [ 68.882273][ T7329] pim6reg1: entered allmulticast mode [ 69.462082][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.539735][ T7342] netlink: 12 bytes leftover after parsing attributes in process `syz.3.211'. [ 69.560630][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.211'. [ 69.838579][ T7357] input: syz1 as /devices/virtual/input/input2 [ 69.840162][ T7357] input: failed to attach handler leds to device input2, error: -6 [ 70.986003][ T7382] loop3: detected capacity change from 0 to 1024 [ 70.988265][ T7381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.224'. [ 71.074594][ T7386] loop4: detected capacity change from 0 to 512 [ 71.103646][ T7386] EXT4-fs (loop4): orphan cleanup on readonly fs [ 71.112185][ T7386] __quota_error: 8 callbacks suppressed [ 71.112235][ T7386] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 71.112456][ T7386] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 71.112491][ T7386] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.222: Failed to acquire dquot type 1 [ 71.132498][ T7386] EXT4-fs (loop4): 1 truncate cleaned up [ 71.960528][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.2.224'. [ 71.972373][ T7385] loop0: detected capacity change from 0 to 512 [ 71.987927][ T7382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.009463][ T7386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 72.050309][ T7385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.104435][ T6529] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.170004][ T7398] hub 9-0:1.0: USB hub found [ 72.170271][ T7398] hub 9-0:1.0: 8 ports detected [ 72.189291][ T6527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.902441][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.917266][ T7405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 72.917451][ T7405] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.034551][ T7410] loop0: detected capacity change from 0 to 256 [ 73.039871][ T7410] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 73.041732][ T7410] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 73.045438][ T7410] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 73.063577][ T7411] loop1: detected capacity change from 0 to 512 [ 73.096788][ T7411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.204290][ T7421] netlink: 'syz.3.230': attribute type 3 has an invalid length. [ 73.232996][ T7421] vhci_hcd: invalid port number 96 [ 73.233548][ T7421] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 73.539325][ T7428] netlink: 12 bytes leftover after parsing attributes in process `syz.3.237'. [ 73.560276][ T7428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.237'. [ 74.522408][ T6530] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.539470][ T7457] pim6reg1: entered promiscuous mode [ 75.539503][ T7457] pim6reg1: entered allmulticast mode [ 75.786005][ T7459] hub 9-0:1.0: USB hub found [ 75.786171][ T7459] hub 9-0:1.0: 8 ports detected [ 76.139953][ T7467] loop3: detected capacity change from 0 to 2048 [ 76.161419][ T7467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.799314][ T7478] pim6reg1: entered promiscuous mode [ 76.799349][ T7478] pim6reg1: entered allmulticast mode [ 77.138224][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.501858][ T7488] netlink: 'syz.2.251': attribute type 16 has an invalid length. [ 77.501890][ T7488] netlink: 'syz.2.251': attribute type 27 has an invalid length. [ 78.096109][ T7493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.096284][ T7493] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.113517][ T7482] bond2: (slave veth5): Enslaving as an active interface with an up link [ 79.435658][ T7525] syzkaller1: entered promiscuous mode [ 79.436835][ T7525] syzkaller1: entered allmulticast mode [ 79.601191][ T7538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 79.607682][ T7538] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 79.719473][ T7543] overlayfs: failed to resolve './file0': -2 [ 79.910274][ T7545] loop0: detected capacity change from 0 to 256 [ 80.035118][ T7557] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 80.071909][ T7561] loop3: detected capacity change from 0 to 128 [ 80.080809][ T7561] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 80.115715][ T7563] loop0: detected capacity change from 0 to 164 [ 80.183997][ T7571] loop4: detected capacity change from 0 to 16 [ 80.184433][ T7571] erofs: Bad value for 'cache_strategy' [ 80.373511][ T7578] fuse: Bad value for 'fd' [ 80.431674][ T7583] all (unregistering): Released all slaves [ 80.511102][ T7588] bond3: (slave veth7): Enslaving as an active interface with an up link [ 80.514235][ T7591] loop4: detected capacity change from 0 to 128 [ 80.557326][ T7595] loop4: detected capacity change from 0 to 128 [ 80.891911][ T7607] loop0: detected capacity change from 0 to 256 [ 80.989548][ T7611] loop3: detected capacity change from 0 to 164 [ 81.103022][ T7620] loop4: detected capacity change from 0 to 256 [ 81.104906][ T7620] msdos: Bad value for 'time_offset' [ 81.173161][ T7626] netlink: 'syz.1.310': attribute type 3 has an invalid length. [ 82.032434][ T7662] syz.3.324 uses obsolete (PF_INET,SOCK_PACKET) [ 82.046310][ T7662] loop3: detected capacity change from 0 to 4096 [ 82.053685][ T7662] EXT4-fs (loop3): Test dummy encryption mode enabled [ 82.064199][ T31] audit: type=1326 audit(82.040:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7657 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc15b3a8 code=0x7fc00000 [ 82.064680][ T31] audit: type=1326 audit(82.040:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7657 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffbc15b3a8 code=0x7fc00000 [ 82.066503][ T31] audit: type=1326 audit(82.040:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7657 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbc15b3a8 code=0x7fc00000 [ 82.076849][ T7662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.082149][ T7662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.082854][ T7662] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.110986][ T7669] fuse: Bad value for 'fd' [ 82.183585][ T7677] overlayfs: failed to clone upperpath [ 82.249955][ T7683] fuse: Bad value for 'fd' [ 82.611516][ T7720] loop4: detected capacity change from 0 to 512 [ 82.612040][ T7720] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 82.634954][ T7720] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 82.634994][ T7720] FAT-fs (loop4): Filesystem has been set read-only [ 82.644621][ T6528] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.661374][ T7724] loop1: detected capacity change from 0 to 164 [ 82.670442][ T7724] iso9660: Unknown parameter 'utf ' [ 82.857623][ T7742] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 82.861319][ T7742] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 82.864351][ T7742] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 82.864393][ T7742] overlayfs: missing 'lowerdir' [ 83.300826][ T7759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 83.633084][ T7790] netlink: 16 bytes leftover after parsing attributes in process `syz.1.379'. [ 83.838559][ T2044] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.872079][ T6534] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.879142][ T6534] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.881059][ T6534] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.889408][ T6534] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.891846][ T6534] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.920585][ T7811] netlink: 8 bytes leftover after parsing attributes in process `syz.3.388'. [ 83.932703][ T2044] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.010370][ T2044] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.083799][ T2044] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.120860][ T6541] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.125619][ T7825] team0: No ports can be present during mode change [ 84.125723][ T6541] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.128854][ T6541] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.133735][ T6541] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.136680][ T6541] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.198731][ T7804] chnl_net:caif_netlink_parms(): no params data found [ 84.272298][ T7804] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.272342][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.272418][ T7804] bridge_slave_0: entered allmulticast mode [ 84.272905][ T7804] bridge_slave_0: entered promiscuous mode [ 84.273523][ T7804] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.273538][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.273586][ T7804] bridge_slave_1: entered allmulticast mode [ 84.273986][ T7804] bridge_slave_1: entered promiscuous mode [ 84.324071][ T7804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.330495][ T7804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.362701][ T7846] Zero length message leads to an empty skb [ 84.380109][ T2044] bridge_slave_1: left allmulticast mode [ 84.380191][ T2044] bridge_slave_1: left promiscuous mode [ 84.381070][ T2044] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.415578][ T2044] bridge_slave_0: left allmulticast mode [ 84.415611][ T2044] bridge_slave_0: left promiscuous mode [ 84.416445][ T2044] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.611136][ T2044] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 84.628811][ T2044] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 84.667391][ T2044] bond0 (unregistering): Released all slaves [ 84.670635][ T2044] bond1 (unregistering): Released all slaves [ 84.686849][ T7804] team0: Port device team_slave_0 added [ 84.702592][ T7804] team0: Port device team_slave_1 added [ 84.733013][ T7864] loop3: detected capacity change from 0 to 164 [ 84.750642][ T7820] chnl_net:caif_netlink_parms(): no params data found [ 84.769320][ T7804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.770830][ T7804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.770868][ T7804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.794905][ T7804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.796147][ T7804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.800473][ T7804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.878665][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'. [ 85.049696][ T7804] hsr_slave_0: entered promiscuous mode [ 85.050053][ T7804] hsr_slave_1: entered promiscuous mode [ 85.050226][ T7804] debugfs: 'hsr0' already exists in 'hsr' [ 85.050238][ T7804] Cannot create hsr debugfs directory [ 85.061154][ T7820] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.062762][ T7820] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.062923][ T7820] bridge_slave_0: entered allmulticast mode [ 85.063421][ T7820] bridge_slave_0: entered promiscuous mode [ 85.069066][ T7820] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.070513][ T7820] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.072096][ T7820] bridge_slave_1: entered allmulticast mode [ 85.074014][ T7820] bridge_slave_1: entered promiscuous mode [ 85.141390][ T7911] bridge_slave_0: left allmulticast mode [ 85.141423][ T7911] bridge_slave_0: left promiscuous mode [ 85.142050][ T7911] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.145851][ T7911] bridge_slave_1: left allmulticast mode [ 85.146082][ T7911] bridge_slave_1: left promiscuous mode [ 85.146197][ T7911] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.150816][ T7911] bond0: (slave bond_slave_0): Releasing backup interface [ 85.162229][ T7911] bond0: (slave bond_slave_1): Releasing backup interface [ 85.206251][ T7911] team0: Port device team_slave_0 removed [ 85.212936][ T7911] team0: Port device team_slave_1 removed [ 85.214855][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.214891][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 85.227585][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.227621][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.240871][ T2044] hsr_slave_0: left promiscuous mode [ 85.242540][ T2044] hsr_slave_1: left promiscuous mode [ 85.243857][ T2044] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.245502][ T2044] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 85.250689][ T2044] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.252262][ T2044] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.263172][ T2044] veth1_macvtap: left promiscuous mode [ 85.264402][ T2044] veth0_macvtap: left promiscuous mode [ 85.264778][ T2044] veth1_vlan: left promiscuous mode [ 85.427465][ T7936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.424'. [ 85.481215][ T2044] team0 (unregistering): Port device team_slave_1 removed [ 85.491394][ T2044] team0 (unregistering): Port device team_slave_0 removed [ 85.642731][ T7820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.668863][ T7820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.730021][ T7820] team0: Port device team_slave_0 added [ 85.730888][ T7820] team0: Port device team_slave_1 added [ 85.790793][ T7949] netlink: 'syz.3.427': attribute type 3 has an invalid length. [ 85.805372][ T7820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.805404][ T7820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.805433][ T7820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.806019][ T7820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.806032][ T7820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.806051][ T7820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.926439][ T6534] Bluetooth: hci0: command tx timeout [ 85.934696][ T7820] hsr_slave_0: entered promiscuous mode [ 85.942145][ T7820] hsr_slave_1: entered promiscuous mode [ 85.946739][ T7820] debugfs: 'hsr0' already exists in 'hsr' [ 85.946774][ T7820] Cannot create hsr debugfs directory [ 86.037731][ T7974] loop3: detected capacity change from 0 to 128 [ 86.214991][ T6534] Bluetooth: hci3: command tx timeout [ 86.521678][ T7998] loop0: detected capacity change from 0 to 164 [ 86.566577][ T6529] VFS: Busy inodes after unmount of loop0 (iso9660) [ 86.567875][ T6529] ------------[ cut here ]------------ [ 86.567883][ T6529] kernel BUG at fs/super.c:653! [ 86.567959][ T6529] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP [ 86.571735][ T6529] Modules linked in: [ 86.572378][ T6529] CPU: 0 UID: 0 PID: 6529 Comm: syz-executor Not tainted syzkaller #0 PREEMPT [ 86.573604][ T6529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.575204][ T6529] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 86.576416][ T6529] pc : generic_shutdown_super+0x2b4/0x2b8 [ 86.577261][ T6529] lr : generic_shutdown_super+0x2b4/0x2b8 [ 86.578137][ T6529] sp : ffff8000a4157bd0 [ 86.578804][ T6529] x29: ffff8000a4157bd0 x28: 00007dfeb31eb428 x27: ffff80008f7f2030 [ 86.580122][ T6529] x26: ffffffffffffffff x25: dfff800000000000 x24: 1fffe0001b6cb4f1 [ 86.581527][ T6529] x23: ffff80008b256560 x22: dfff800000000000 x21: 0000000000000000 [ 86.582846][ T6529] x20: ffff80008fbf1d80 x19: ffff0000db65a000 x18: 00000000ffffffff [ 86.584056][ T6529] x17: ffff80009353a000 x16: ffff80008b021030 x15: 0000000000000001 [ 86.585338][ T6529] x14: 1ffff0001482aef0 x13: 0000000000000000 x12: 0000000000000000 [ 86.586492][ T6529] x11: ffff70001482aef1 x10: 0000000000ff0100 x9 : 1d8a0f3b62559400 [ 86.587666][ T6529] x8 : 1d8a0f3b62559400 x7 : ffff8000806303e0 x6 : 0000000000000000 [ 86.588954][ T6529] x5 : 0000000000000020 x4 : ffff8000a41570a0 x3 : ffff8000807e08b4 [ 86.590254][ T6529] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000031 [ 86.591507][ T6529] Call trace: [ 86.591995][ T6529] generic_shutdown_super+0x2b4/0x2b8 (P) [ 86.592869][ T6529] kill_block_super+0x44/0x90 [ 86.593655][ T6529] deactivate_locked_super+0xc4/0x12c [ 86.594444][ T6529] deactivate_super+0xe0/0x100 [ 86.595188][ T6529] cleanup_mnt+0x31c/0x3ac [ 86.596008][ T6529] __cleanup_mnt+0x20/0x30 [ 86.596673][ T6529] task_work_run+0x1dc/0x260 [ 86.597355][ T6529] exit_to_user_mode_loop+0xfc/0x168 [ 86.598195][ T6529] el0_svc+0x170/0x254 [ 86.598788][ T6529] el0t_64_sync_handler+0x84/0x12c [ 86.599523][ T6529] el0t_64_sync+0x198/0x19c [ 86.600198][ T6529] Code: d00522a0 91390000 9119c261 97ce35cf (d4210000) [ 86.601338][ T6529] ---[ end trace 0000000000000000 ]--- [ 86.835677][ T6529] Kernel panic - not syncing: Oops - BUG: Fatal exception [ 86.836775][ T6529] SMP: stopping secondary CPUs [ 86.837503][ T6529] Kernel Offset: disabled [ 86.838210][ T6529] CPU features: 0x080000,0000f000,21381141,5427fea7 [ 86.839157][ T6529] Memory Limit: none [ 87.054392][ T6529] Rebooting in 86400 seconds..