last executing test programs: 8m37.169387298s ago: executing program 3 (id=323): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x7) r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x14, 0x0, @fd=r4, 0x0, 0x0, 0x9, 0x1, 0x0, {0x0, r7, r3}}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) 8m34.655121404s ago: executing program 3 (id=328): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mlockall(0x6) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 8m31.11386508s ago: executing program 3 (id=329): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad0196458046b81", 0xfffffffffffffe08, 0xebec93e830f96115}) io_uring_enter(r3, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0) shutdown(r6, 0x1) 8m19.895995332s ago: executing program 3 (id=341): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x320, 0x20048040) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e) r2 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, 0x0, 0x0) connect$tipc(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0x2, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r4, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x1, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r5, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 8m14.42972564s ago: executing program 3 (id=349): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@block_validity}, {@errors_remount}, {@nombcache}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x441, 0x104) preadv(0xffffffffffffffff, 0x0, 0x0, 0x9d0, 0x3) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r3, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) 8m12.912308067s ago: executing program 3 (id=352): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x109540, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$kcm(0x11, 0x3, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) r6 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r5, {0x10, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xfffffeff, 0x6, 0x2, 0x3}, 0x3f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x94}}, 0x2) close(r3) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r2, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x42}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000314000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0xa888}], 0x2}, 0x4005) 7m56.764346866s ago: executing program 32 (id=352): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x109540, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$kcm(0x11, 0x3, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) r6 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r5, {0x10, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xfffffeff, 0x6, 0x2, 0x3}, 0x3f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x94}}, 0x2) close(r3) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r2, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x42}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000314000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0xa888}], 0x2}, 0x4005) 7m26.301700925s ago: executing program 4 (id=400): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e21, @loopback}}, 0x0, 0x0, 0x24, 0x0, "e83ae75240c2d6d8ec87bb53fab0910000000000000007a5922406b64cddaeb9d339ba3c35dc0a08df8e61740b7cf2d4e499d58654a4cf0fa0ce1f830c3079cffcfd00"}, 0xd8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x13) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xce, 0x4) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e20, @loopback}, 0x10) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0) 7m24.904013316s ago: executing program 4 (id=401): syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES16, @ANYBLOB="d81058c357d34b1e1b334deb6597aa756f36b6c8d8bed0ad6709442e674aecd3303d61370cba4bbf296b2a55aad551c35f8de560402a9aacd150974d703b97208852b0c2eca74757d331895cad7f2f93e063ac5502265b1e91479406e7e6382f9b2038995985fa956a2454a469428f6ee839584438795250f5df8e9f85a6185174366a2a14e1156340580a35b0e726531ce8156ffe7aa8c28e5c233ce263ce7a4644efb8bdffd47c6875f319775b3bc36edf54058cc29cbdf0f2cc6689fcf3030cdbfd", @ANYRES64, @ANYRES8, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x171, &(0x7f0000000580)="$eJzs281O4mAUxvGnwBSG+WKGmVkYFyYudCPlI5K400shUAmxqBE3EBd6BV6DV+XWC9CFO1diaFq/KG2ikRfh/9vwlicnHBannJBUABbWtlZkyZI9uljOFc6LlumWAEzJMHi9HwJYPOk70x0AMONmR7qSdH170lTaHtsPRvlpmKey4/mZtJQJciunr6/3iwtpLay38pH1+cf8W2S+vhp+/nf90E/9UkG/9UfFIG8F9Tn9f8cmBADA4rBUen55GZGX4upT2u14bnli/sXPKxNz28+rCXltYp7181LzwGvFtQkgQkqx4504/+mE+c8kzD8Ac3r9wV7D89wjDhzm/GDPRhszdci8uAOE/96N3jF8YwLw4Zzj7qHT6w82Ot1G2227+9Vyeau+WavUq46/2Tvx+z2Az+vp1990JwAAAAAAAAAAAAAA4K3+6p/pFgAAAABMyTSeNDL9HQEAAAAAAAAAAAAAAAAAmDcPAQAA//9W9x5W") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0) recvmmsg(r4, &(0x7f0000007700), 0x318, 0xfc0, 0x0) 7m23.268937121s ago: executing program 4 (id=404): r0 = getpgid(0xffffffffffffffff) syz_open_procfs(r0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r4, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 7m20.592390977s ago: executing program 4 (id=409): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x1}, 0x48) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$uinput_user_dev(r2, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x0, 0xfffffffb, 0x2004, 0x3, 0x0, 0xf250, 0x80, 0x4800, 0x300000, 0x7, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8000, 0x0, 0x3, 0xc, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x8, 0x9, 0x1, 0x199d, 0x6, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x3d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x25, 0x7, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x3, 0x5, 0x10000, 0x400, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0xfffffffe, 0x8, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x7, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x7, 0x200, 0x3], [0x401, 0x8000c584, 0xffff, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x4008, 0xc, 0x7, 0x9, 0x1e88, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0xffe, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x1, 0x5, 0x80, 0x9, 0x8001, 0x10000, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x956, 0x0, 0x3ff, 0xe, 0x6, 0x100fffd, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x2, 0x4000000, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x3, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x200, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0x8a5, 0x86, 0x44, 0x409, 0x6, 0x4, 0x4, 0xe, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0x401, 0x3, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x101, 0xf, 0xf, 0x136, 0x6]}, 0x45c) readv(r2, 0x0, 0x0) write$input_event(r2, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) 7m16.019235422s ago: executing program 4 (id=413): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() r1 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TIOCSTI(r1, 0x5412, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bind$unix(r2, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e24}, 0x6e) r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1) ioctl$USBDEVFS_CLEAR_HALT(r4, 0x80045515, &(0x7f0000000100)={0x1, 0x1}) ptrace(0x10, 0x1) 7m14.898007148s ago: executing program 4 (id=414): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) unshare(0x8000400) eventfd2(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94) r3 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x5) 6m57.940097833s ago: executing program 33 (id=414): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) unshare(0x8000400) eventfd2(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94) r3 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x5) 20.148985258s ago: executing program 1 (id=980): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000180)=0x10000000005) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x18, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40000) 18.305369875s ago: executing program 1 (id=981): openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x4004000) r3 = creat(&(0x7f0000000580)='./bus\x00', 0x0) r4 = fanotify_init(0xf00, 0x2) fanotify_mark(r4, 0x105, 0x8971, r3, 0x0) readv(r4, &(0x7f0000000280)=[{&(0x7f0000000200), 0x3c}], 0x4c) rename(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='./file1\x00') 16.459223233s ago: executing program 5 (id=985): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket$inet6_udp(0xa, 0x2, 0x0) syz_open_procfs(0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x6, &(0x7f00000007c0)={0x65, {{0x29, 0x0, 0x8000000, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2b}}, 0x3}}}, 0x11cb40c454c80c15) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r0, 0x9c3fa077fa966179, 0xfffffffd, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x916c, 0x14}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x40080c4}, 0x4000054) sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004) 15.034681216s ago: executing program 5 (id=988): syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c) sendmmsg(r4, &(0x7f00000092c0), 0x4ff, 0xfdff) 13.292583657s ago: executing program 0 (id=991): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r3, 0x107, 0xd, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000600)) socket$can_j1939(0x1d, 0x2, 0x7) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'virt_wifi0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c080}, 0x0) 13.165230325s ago: executing program 1 (id=992): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmmsg(r1, 0x0, 0x0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) capget(&(0x7f00000002c0)={0x20080522, r0}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r5, &(0x7f0000000000)="2e000000010001", 0x7) 11.661081672s ago: executing program 1 (id=993): syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff85000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) setresuid(0x0, 0xee01, 0x0) r2 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r2, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0) 10.198480027s ago: executing program 0 (id=997): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket$netlink(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=@newqdisc={0x88, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0xe}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x5, [0x11, 0x2, 0x6, 0xa, 0x13, 0xc, 0x9, 0xd, 0x3, 0x9, 0xd, 0x1, 0xc, 0x6, 0x10, 0x10], 0x1, [0x10, 0x3, 0xff, 0x4, 0xacc9, 0xfffd, 0x200, 0x6, 0x3, 0x2, 0x1, 0x5, 0x0, 0x7, 0x4, 0x9], [0x4, 0x6, 0x2, 0x8001, 0x1, 0x8, 0x5, 0x0, 0x1, 0x6d5, 0xfff, 0x7, 0xffff, 0xa, 0x5, 0x2]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 9.947639112s ago: executing program 0 (id=999): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0x5, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, 0x0, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) setresgid(0xee00, 0xee01, 0x0) setgroups(0x0, 0x0) shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc605800024004000400050082c137153e3719ac0180feff0000d1bd", 0x33fe0}], 0x1}, 0x0) 9.851888168s ago: executing program 5 (id=1000): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x5) prlimit64(r0, 0xe, &(0x7f0000000180)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = semget$private(0x0, 0x0, 0x2) semctl$SETALL(r4, 0x0, 0x11, &(0x7f0000000680)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x4c, r6, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x2a}, @val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) 9.795348591s ago: executing program 2 (id=1001): prlimit64(0x0, 0xe, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@bridge_getlink={0x28, 0x12, 0xdbf44c00c5896d57, 0x10, 0x0, {0x7, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_EXT_MASK={0x8, 0x1d, 0xeca}]}, 0x28}}, 0x0) add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) keyctl$session_to_parent(0x12) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) 8.711812814s ago: executing program 2 (id=1002): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdir(0x0, 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x2, 0xa}}, 0x20) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x18, 0x1411, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x18}, 0x1, 0x0, 0x0, 0x48810}, 0x4000) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0) 7.049052951s ago: executing program 0 (id=1003): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r10, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0) write$cgroup_int(r7, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000002c0)={0x60, 0x0, 0x405, 0x70bd29, 0x25ffdc01, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000411}, 0x44084) 7.047786851s ago: executing program 5 (id=1004): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2b7, &(0x7f0000001340)="$eJzs3T9vW1UUAPDzHPvFJUMyMCEk3tCBhajpyoArFCREJpAH/khQ0VaqYqtSLFkqIKxOfAIGBr4HGzsSC98AiQ/ARoUqXfT8Xmxju3ad4hSlv9+Sq3PP8T3X7yUerHfzxev90zsPBvceffN7tNtZNDrRicdZHEQjzqVaAABXwuOU4s8Lfb43G9vqCQDYrpnP/9ZTUnYXQ+9suy0AYIs++viTD26dnBx/WBTtiP53w24W1c9q/ta9uB+9uBs3Yj+eTL8LSKkav/f+yXE0i9JBXO+Pht2ysv/5r5PUPMb1R7EfB8vrj4rKTP1o2G3FK7uRZRH3O2UjN2M/Xl2oL+ePby6pj24eb7brTZbrH8Z+/PZlPIhe3Bl/pzFd/9s8infT9399/WmZXNZno2F3d5w3lXYu+9oAAAAAAAAAAAAAAAAAAAAAAHB1HRYTB3G9X4bq83d2noznD/81Pz5fpzGer+qziHw8mDsfaJTix/PzdW4URZGyKn9yvs+1ZrzWjOYL2zgAAAAAAAAAAAAAAAAAAAD8jwwefnV6u9e7e/afDOqH/CeP9V/0dTozkTdidfLuRmvFTp1e9jqfc/TLZ/1JpNzERZoftoqIVT23FiLXyn7Wv/LfKaWUZRHPd5laz7LWmsHe6pzyDf75h723Tm9n697D9vmF+2l2Ko+zwcO5axrZJh2mjW6/fEVOXt8xz/Q6e8/5S/T2H9VidSRbs4vWTKRVD+Jpt197o/v58v4GAQAAAAAAAAAAAAAAAAAAlelDv0smH60sbWytKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZNP//z8dxEJkbjCqi5fnpJRGk0geZ4MXvEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeAv8EAAD//yiCbKI=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=") r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@empty, 0x0, 0x1, 0x0, 0x0, 0x2}, {0x0, 0x2, 0x0, 0x671, 0x0, 0x20}, {0xc00000, 0x0, 0x4}, 0x0, 0x0, 0x1}, {{@in6=@remote, 0x0, 0x2b}, 0x0, @in=@empty, 0x1000, 0x3, 0x0, 0x0, 0x0, 0x5}}, 0xe8) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) 6.433550616s ago: executing program 0 (id=1005): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0_to_batadv\x00', 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, r5) modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x20000800, 0x1000, 0x1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 4.515952128s ago: executing program 0 (id=1006): sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r3, 0x107, 0xd, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000600)) socket$can_j1939(0x1d, 0x2, 0x7) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'virt_wifi0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c080}, 0x0) 4.515529458s ago: executing program 2 (id=1007): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket$netlink(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=@newqdisc={0x88, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0xe}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x5, [0x11, 0x2, 0x6, 0xa, 0x13, 0xc, 0x9, 0xd, 0x3, 0x9, 0xd, 0x1, 0xc, 0x6, 0x10, 0x10], 0x1, [0x10, 0x3, 0xff, 0x4, 0xacc9, 0xfffd, 0x200, 0x6, 0x3, 0x2, 0x1, 0x5, 0x0, 0x7, 0x4, 0x9], [0x4, 0x6, 0x2, 0x8001, 0x1, 0x8, 0x5, 0x0, 0x1, 0x6d5, 0xfff, 0x7, 0xffff, 0xa, 0x5, 0x2]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 4.356399387s ago: executing program 1 (id=1008): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r5}, 0x10) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r5, @ANYRES64=r4, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0) 2.358757343s ago: executing program 1 (id=1009): syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c) sendmmsg(r4, &(0x7f00000092c0), 0x4ff, 0xfdff) 2.296966847s ago: executing program 2 (id=1010): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="74000000020802030000000000000000050000000900fb0073797a3100000000040004801c0004800800024000d3746286ad77fb44ec9664f3da0000000800024000010001080002400000000c050003"], 0x74}, 0x1, 0x0, 0x0, 0x20004844}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000300)="87", 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.852005703s ago: executing program 2 (id=1011): socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000080)) sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0) openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000480)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@dax_inode}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@orlov}, {@user_xattr}, {@barrier}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r2, &(0x7f0000001600)={0x2020}, 0xc6f) 516.676391ms ago: executing program 5 (id=1012): syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000100)='./cgroup.cpu/cpuset.cpus\x00', 0x1000000, &(0x7f0000000200)=ANY=[@ANYBLOB="2c3d7af76c035fdbc98cfbb5ad5ca28358174428760e98ded5f797053a876dae6d1bb8ce11e396fb96094712f0db9133e11d5fb71bd3abc878440535b862a8c044b16430acdbc7626235d31140de31199823405d2974495802b0b94eb91badb001e5ed8ddd8ace69317ecd822a0f0f0ddf60583f1b734d56100942038e0f3187", @ANYRESOCT, @ANYRES16, @ANYBLOB="e4167817d643746fc8459e4f839688227e32fca80a8f299f5803344bf79956d4570399cc2275679f1726249b7d83760b85c47f71bce5de4b5a78eec318d0bb048fe0d33a9a50353b9dc0a73c76beceb9dbd6ffea803820d4dfe2584188d2133ffcaa08437f93817a0d8627c7e30c12d411cbef55d7f605e1b55650aa779fadc7ec1c06c2381ff9285eb56d7a23c8f5da918c9ee61f706a06df6ba17624"], 0x81, 0x24e, &(0x7f0000000340)="$eJzsmT9oFE8Ux78zt/cvv/ADQSxsLDwxIeZud6MSBAstrQTjP2w8zF443eTk7oS7gGiwsUlpIdgKdoKFRSoLrexsTREVwSIpFYuQkXk7eze33Gr8cyD4PnBz330zO2/em9l3cAuGYf5Z3r/7vLF6enbuCIBxlJA39k8Z3W6Qltb49Ye3ph7k8OjZ28cvl/6/vZac7+CuPReoLQJ48Wo7NjrYUcoeVaJWOHoVJWM7D4lJoy9C4JDRVyFxwegAApeNvm7pRjF2H5SvNcL5Wj0MXN14tXqYR61eGFylA2BrRWDerFgppQRZI1rdK+uR6i7fqIZh0Gx1BYAwa8IgS6/rl8T3skjrOyVxsmdRSu/Xpfv3VvRV2VhdK38eJDyjZyDwYSrSs1h1yuVyPyVW/PudeHalMpb/KFoSvxlkwpIl12EYZFp5EtordcVH9Mcz75n+A9kfudjcAXY7ODuY5xOx+DqnRR5pe/FfMr1/l3h6xn5+Ri1E0qKP8ORec6L2ba29JiHtM/bxJ32Ju9FWWF0idXdGLEypRTXUz5TV9WYs9S79tCW7hBHFOC05E9FQ7/36pKv3YfTrh2PVz0p78Wal1V2eri9WF4KFYMn3Z467R133mF+hQhS1ZvR4777tXv0rUH0ay8XzC5VNqZU5kUOn2m43vQ7Qbnp0rZS643fkYCQ497yxSQZJ9U9iwvyw6U0kV/nhPoT5SPrWaqJfLp2UhTEMwzAMwzAMwzAMwzAMwwzhy5Ok5QAEvaqiF1XRH67D8M/S6G8BAAD//63DPHc=") socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x60242, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet(0x2, 0x3, 0x7) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup(0x30df, &(0x7f0000000000)={0x0, 0x55d0, 0x800, 0x0, 0x1d}) socket$inet(0x2, 0x4000000000000001, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c9042, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x5, @empty, 0xa098}, {0xa, 0x4e21, 0x9, @mcast1, 0x9}, r2, 0x8001}}, 0x48) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 211.674418ms ago: executing program 2 (id=1013): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@block_validity}, {@errors_remount}, {@nombcache}]}, 0x1, 0x44f, &(0x7f0000000640)="$eJzs28tvG8UfAPDvrpP219cvoSqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSoUIbVwMlp7N7Ed23nUiaH+fKRtZ3bXnfl6drwzO90A+tZI9kcSsTcifo2IoVq28YSR2l+3lxam/lpamEqiUnnjj6R63q2lhani1OJze4rMQET6SRKHW5Q7d+XqhclyeeZynh+bv/ju2NyVq8+cvzh5bubczKWJ06dPnhh/7tTEs12JM4vr1qEPZo8cfOWt669Nnbn+9o9fJ0X8TXF0yUing49XKl0urrf21aWTgR5WhA0p1bppDFb7/1CUYqXxhuLlj3taOWBLVSqVyn3tDy9WgLtYEr2uAdAbxY0+m//mW3Hr34bRR+/dfKE2Acpiv51vtSMDkebnDDbNb7tpJCLOLP79RbbFRp9DpFtUKQDgrvZtNv55umH8l48/0qh/LvT/fA1lOCLuiYj9EXEqIg5ExL0R1XPvj4gHWhWStC+/eZFk9fgnvbHp4NYhG/89n69tNY7/lgdXw6U8t68a/2By9nx55nj+nRyLwZ1ZfrxDGd+99Mtn7Y7Vj/+yLSu/GAvm9bgxsLPxM9OT85N3EnO9mx9FHBpoFX+yvBKQNd/BiDi0yTLOP/nVkSJ9uNR4bO34O+jCOlPly4gnau2/GE3xF5LO65Nj/4vyzPGx4qpY7aefr73ervw7ir8Lsvbf3fL6X45/OKlfr53beBnXfvu07Zxms9f/juTNhn3vT87PXx6P2JG8Wqt0/f6JpvMmVs7P4j92tHX/3x8r38Th7PpPIx6MiIci4uG87o9ExKMRcbRD/D+8+Ng7HeP/s138Ozv8q92RxT/d0P7FD1+79l9J7IjmPa0TpQvff9NQ6HBT/Gu2/8lq6li+Zz2/f+up1+auZgAAAPjvySb7eyNJR5fTaTo6Wvs//Adid1qenZt/6uzse5ema+8IDMdgWjzpGqp7HjqeT+uL/ERT/kT+3Pjz0q5qfnRqtjzd6+Chz+1p0/8zv5d6XTtgy3lfC/qX/g99q/49AKDPuP9D/2rR/3f1oh7A9mt1//+wB/UAtl9T/7fsB33E/B/6l/4P/Uv/h740tyvWfkleQmJVItJ/RTUktijR618mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vgnAAD//wW66qg=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x441, 0x104) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='smaps\x00') preadv(r1, &(0x7f0000000000), 0x0, 0x9d0, 0x3) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r5, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000090400000000000000000000010500001208000000000000000000000300000000040000000200000012000000000000000000000b"], 0x0, 0x5a}, 0x28) 0s ago: executing program 5 (id=1014): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) r4 = socket$unix(0x1, 0x2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xb, 0x5, 0xcac, 0xc}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.183' (ED25519) to the list of known hosts. [ 80.758601][ T5760] cgroup: Unknown subsys name 'net' [ 80.892677][ T5760] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.609035][ T5760] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.286574][ T5781] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.306388][ T5785] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.316079][ T5785] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.323615][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.328203][ T5785] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.339057][ T5784] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.340408][ T5785] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.347379][ T5784] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.359627][ T5785] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.363513][ T5784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.372074][ T5785] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.381777][ T5788] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.392466][ T5785] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.400266][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.409853][ T5785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.417704][ T5785] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.425215][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.436560][ T5781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.443694][ T5785] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.452216][ T5785] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.479883][ T5785] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.490664][ T5785] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.501855][ T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.509377][ T5785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.929743][ T5779] chnl_net:caif_netlink_parms(): no params data found [ 85.019329][ T5778] chnl_net:caif_netlink_parms(): no params data found [ 85.070270][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 85.156022][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.163843][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.174010][ T5779] bridge_slave_0: entered allmulticast mode [ 85.181268][ T5779] bridge_slave_0: entered promiscuous mode [ 85.217265][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.224541][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.231698][ T5779] bridge_slave_1: entered allmulticast mode [ 85.239144][ T5779] bridge_slave_1: entered promiscuous mode [ 85.278477][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 85.313261][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.351397][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.363678][ T5778] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.370989][ T5778] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.378885][ T5778] bridge_slave_0: entered allmulticast mode [ 85.386404][ T5778] bridge_slave_0: entered promiscuous mode [ 85.451643][ T5778] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.459222][ T5778] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.467187][ T5778] bridge_slave_1: entered allmulticast mode [ 85.474662][ T5778] bridge_slave_1: entered promiscuous mode [ 85.490588][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.498025][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.505323][ T5774] bridge_slave_0: entered allmulticast mode [ 85.512746][ T5774] bridge_slave_0: entered promiscuous mode [ 85.549057][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.556445][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.563592][ T5774] bridge_slave_1: entered allmulticast mode [ 85.571665][ T5774] bridge_slave_1: entered promiscuous mode [ 85.594917][ T5779] team0: Port device team_slave_0 added [ 85.603408][ T5778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.626752][ T5778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.646394][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.653636][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.661218][ T5773] bridge_slave_0: entered allmulticast mode [ 85.668651][ T5773] bridge_slave_0: entered promiscuous mode [ 85.678627][ T5779] team0: Port device team_slave_1 added [ 85.709238][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.738735][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.746166][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.753416][ T5773] bridge_slave_1: entered allmulticast mode [ 85.761032][ T5773] bridge_slave_1: entered promiscuous mode [ 85.790864][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.815260][ T5778] team0: Port device team_slave_0 added [ 85.831556][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.838845][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.865316][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.879094][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.886824][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.912923][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.936844][ T5778] team0: Port device team_slave_1 added [ 85.946062][ T5774] team0: Port device team_slave_0 added [ 85.955368][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.986858][ T5774] team0: Port device team_slave_1 added [ 86.016161][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.100490][ T5779] hsr_slave_0: entered promiscuous mode [ 86.108341][ T5779] hsr_slave_1: entered promiscuous mode [ 86.126788][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.133797][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.160443][ T5778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.172560][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.180086][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.207052][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.220052][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.227222][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.253485][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.268239][ T5773] team0: Port device team_slave_0 added [ 86.275224][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.282230][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.309213][ T5778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.348382][ T5773] team0: Port device team_slave_1 added [ 86.419030][ T5774] hsr_slave_0: entered promiscuous mode [ 86.425788][ T5774] hsr_slave_1: entered promiscuous mode [ 86.432040][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.440716][ T5774] Cannot create hsr debugfs directory [ 86.459376][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.466609][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.492921][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.507635][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.514979][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.541197][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.552020][ T5087] Bluetooth: hci3: command tx timeout [ 86.552039][ T5785] Bluetooth: hci2: command tx timeout [ 86.611296][ T5785] Bluetooth: hci1: command tx timeout [ 86.611318][ T5087] Bluetooth: hci0: command tx timeout [ 86.651892][ T5778] hsr_slave_0: entered promiscuous mode [ 86.658443][ T5778] hsr_slave_1: entered promiscuous mode [ 86.665352][ T5778] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.673049][ T5778] Cannot create hsr debugfs directory [ 86.705579][ T5773] hsr_slave_0: entered promiscuous mode [ 86.712918][ T5773] hsr_slave_1: entered promiscuous mode [ 86.719444][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.727131][ T5773] Cannot create hsr debugfs directory [ 87.271693][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.290396][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.329583][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.368422][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.446649][ T5779] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.478655][ T5779] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.508294][ T5779] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.519938][ T5779] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.626940][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.642943][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.653684][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.663868][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.766592][ T5778] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.779626][ T5778] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.803415][ T5778] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.816161][ T5778] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.838698][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.872945][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.910616][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.918122][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.958124][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.965440][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.981932][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.009664][ T5779] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.055603][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.062795][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.136910][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.144193][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.165716][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.190086][ T5774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.241263][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.279299][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.286535][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.309402][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.316606][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.379677][ T5778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.472855][ T5778] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.508053][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.515283][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.548555][ T2962] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.555804][ T2962] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.607410][ T5785] Bluetooth: hci2: command tx timeout [ 88.607432][ T5087] Bluetooth: hci3: command tx timeout [ 88.684279][ T5087] Bluetooth: hci0: command tx timeout [ 88.686553][ T5785] Bluetooth: hci1: command tx timeout [ 88.798301][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.937804][ T5774] veth0_vlan: entered promiscuous mode [ 89.002521][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.032108][ T5774] veth1_vlan: entered promiscuous mode [ 89.081297][ T5778] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.102955][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.163124][ T5774] veth0_macvtap: entered promiscuous mode [ 89.182467][ T5774] veth1_macvtap: entered promiscuous mode [ 89.226636][ T5779] veth0_vlan: entered promiscuous mode [ 89.259758][ T5773] veth0_vlan: entered promiscuous mode [ 89.272534][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.308695][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.316757][ T5779] veth1_vlan: entered promiscuous mode [ 89.345776][ T5773] veth1_vlan: entered promiscuous mode [ 89.357078][ T5778] veth0_vlan: entered promiscuous mode [ 89.366928][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.378650][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.387695][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.397513][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.442993][ T5778] veth1_vlan: entered promiscuous mode [ 89.513789][ T5773] veth0_macvtap: entered promiscuous mode [ 89.526861][ T5773] veth1_macvtap: entered promiscuous mode [ 89.551915][ T5779] veth0_macvtap: entered promiscuous mode [ 89.603679][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.612404][ T5779] veth1_macvtap: entered promiscuous mode [ 89.621807][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.655083][ T5778] veth0_macvtap: entered promiscuous mode [ 89.667420][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.678392][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.690437][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.713299][ T5778] veth1_macvtap: entered promiscuous mode [ 89.723039][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.733901][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.746938][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.759795][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.769926][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.780028][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.788989][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.808784][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.817161][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.855878][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.867564][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.881127][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.902790][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.920351][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.932131][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.946831][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.956879][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.968590][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.982270][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.012640][ T5778] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.021828][ T5778] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.031025][ T5778] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.039934][ T5778] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.053220][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.065100][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.075394][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.087323][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.097447][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.110204][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.123829][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.138466][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.149304][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.160441][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.171034][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.181326][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.192427][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.211403][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.236218][ T5779] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.245445][ T5779] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.254477][ T5779] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.263227][ T5779] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.340703][ T2962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.362813][ T2962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.531179][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.553484][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.696109][ T5087] Bluetooth: hci2: command tx timeout [ 90.702441][ T5785] Bluetooth: hci3: command tx timeout [ 90.765543][ T5785] Bluetooth: hci1: command tx timeout [ 90.774504][ T5785] Bluetooth: hci0: command tx timeout [ 91.109134][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.305171][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.454890][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.462872][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.533732][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.577693][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.578931][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.627809][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.140199][ T9] cfg80211: failed to load regulatory.db [ 93.189733][ T5887] syz.3.4[5887]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.684146][ T5892] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.693183][ T5892] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.701958][ T5892] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.710719][ T5892] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.721944][ T5892] Zero length message leads to an empty skb [ 93.792218][ T5887] loop3: detected capacity change from 0 to 16 [ 93.827203][ T5785] Bluetooth: hci3: command tx timeout [ 93.832924][ T5785] Bluetooth: hci2: command tx timeout [ 93.839043][ T5785] Bluetooth: hci0: command tx timeout [ 93.858046][ T5087] Bluetooth: hci1: command tx timeout [ 94.047740][ T5887] erofs: (device loop3): mounted with root inode @ nid 36. [ 94.100834][ T5885] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 94.109969][ T5885] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 94.331964][ T5895] syzkaller0: entered promiscuous mode [ 94.383691][ T5895] syzkaller0: entered allmulticast mode [ 95.787678][ T5911] loop3: detected capacity change from 0 to 40427 [ 95.806407][ T5911] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 95.822045][ T5911] F2FS-fs (loop3): invalid crc value [ 95.879723][ T5911] F2FS-fs (loop3): Found nat_bits in checkpoint [ 95.950140][ T5911] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 96.200742][ T5921] netlink: 'syz.2.14': attribute type 1 has an invalid length. [ 96.231065][ T5921] netlink: 'syz.2.14': attribute type 4 has an invalid length. [ 96.307439][ T5921] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.14'. [ 100.525993][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 101.195960][ T5959] tipc: Started in network mode [ 101.201223][ T5959] tipc: Node identity fe30313cbb6a, cluster identity 4711 [ 101.226806][ T5962] netlink: 20 bytes leftover after parsing attributes in process `syz.3.18'. [ 101.276366][ T5959] tipc: Enabled bearer , priority 0 [ 101.305589][ T5964] syzkaller0: entered promiscuous mode [ 101.311150][ T5964] syzkaller0: entered allmulticast mode [ 101.582842][ T5959] tipc: Resetting bearer [ 101.616865][ T5965] capability: warning: `syz.0.28' uses deprecated v2 capabilities in a way that may be insecure [ 101.631196][ T5965] printk: syz.0.28 (5965): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). [ 101.754245][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 101.769262][ T5958] tipc: Resetting bearer [ 101.872063][ T5958] tipc: Disabling bearer [ 103.597045][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.606009][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 103.801769][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.810718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 103.904252][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 103.913202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.218576][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.518148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 107.643513][ T6009] loop3: detected capacity change from 0 to 4096 [ 107.846245][ T6009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.900127][ T6017] loop2: detected capacity change from 0 to 512 [ 107.907744][ T6017] EXT4-fs: Ignoring removed i_version option [ 107.940028][ T6017] EXT4-fs (loop2): orphan cleanup on readonly fs [ 107.950494][ T6017] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.40: EA inode hash validation failed [ 107.964562][ T6017] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 107.978399][ T6017] EXT4-fs error (device loop2): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.2.40: EA inode 11 ref wraparound: ref_count=0 ref_change=-1 [ 108.004726][ T6017] EXT4-fs (loop2): Remounting filesystem read-only [ 108.012049][ T6017] EXT4-fs warning (device loop2): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.2.40: ea_inode dec ref err=-117 [ 108.025149][ T6017] EXT4-fs warning (device loop2): ext4_evict_inode:272: xattr delete (err -5) [ 108.034519][ T6017] EXT4-fs (loop2): 1 orphan inode deleted [ 108.042796][ T6017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 108.185094][ T6023] netlink: 4 bytes leftover after parsing attributes in process `syz.0.42'. [ 108.223124][ T6023] netlink: 4 bytes leftover after parsing attributes in process `syz.0.42'. [ 108.341939][ T6023] hsr_slave_1 (unregistering): left promiscuous mode [ 108.363487][ T28] audit: type=1326 audit(1770971075.831:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6008 comm="syz.3.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7fc00000 [ 108.498870][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.536479][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.700483][ T6025] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 119.511105][ T6119] process 'syz.0.61' launched './file0' with NULL argv: empty string added [ 128.227791][ T28] audit: type=1326 audit(1770971095.691:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.378230][ T28] audit: type=1326 audit(1770971095.691:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.488621][ T28] audit: type=1326 audit(1770971095.821:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.511386][ T28] audit: type=1326 audit(1770971095.831:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.533537][ T28] audit: type=1326 audit(1770971095.831:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.570669][ T28] audit: type=1326 audit(1770971095.851:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.601201][ T28] audit: type=1326 audit(1770971095.851:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 128.643534][ T28] audit: type=1326 audit(1770971095.851:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 129.268549][ T28] audit: type=1326 audit(1770971095.851:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 129.650693][ T28] audit: type=1326 audit(1770971095.881:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.3.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22aa99bf79 code=0x7ffc0000 [ 129.754957][ T6168] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 130.827606][ T6178] netlink: 'syz.2.76': attribute type 1 has an invalid length. [ 130.952855][ T6180] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 131.022581][ T6180] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 131.084128][ T6180] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 132.269174][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.76'. [ 133.174531][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.181305][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.399839][ T6199] loop2: detected capacity change from 0 to 1024 [ 133.459475][ T6199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 133.514349][ T6199] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 133.598904][ T6197] netlink: 12 bytes leftover after parsing attributes in process `syz.3.80'. [ 134.839661][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 137.356799][ T6227] loop2: detected capacity change from 0 to 512 [ 137.397672][ T6227] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 137.411855][ T6227] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 137.577190][ T6227] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 138.857504][ T6227] EXT4-fs (loop2): 1 truncate cleaned up [ 139.323696][ T6227] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.280058][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.397529][ T5864] IPVS: starting estimator thread 0... [ 140.495175][ T6245] IPVS: using max 16 ests per chain, 38400 per kthread [ 141.577628][ T6256] mmap: syz.3.92 (6256) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 142.941332][ T6266] loop1: detected capacity change from 0 to 8 [ 143.837046][ T6271] syzkaller0: entered promiscuous mode [ 143.843643][ T6271] syzkaller0: entered allmulticast mode [ 146.229039][ T5847] IPVS: starting estimator thread 0... [ 146.334147][ T6291] IPVS: using max 20 ests per chain, 48000 per kthread [ 146.387184][ T6295] netlink: 'syz.3.105': attribute type 1 has an invalid length. [ 147.190663][ T6295] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 147.315512][ T6295] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 147.384540][ T6295] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 147.454484][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.3.105'. [ 149.495513][ T6322] syzkaller0: entered promiscuous mode [ 149.934116][ T6322] syzkaller0: entered allmulticast mode [ 152.589357][ T5847] IPVS: starting estimator thread 0... [ 152.784177][ T6344] IPVS: using max 16 ests per chain, 38400 per kthread [ 153.948638][ T6354] tipc: Enabling of bearer rejected, failed to enable media [ 154.334196][ T6361] loop3: detected capacity change from 0 to 128 [ 155.370157][ T6364] sched: RT throttling activated [ 164.294075][ T6416] fuse: Bad value for 'fd' [ 167.292546][ T6436] loop1: detected capacity change from 0 to 128 [ 167.320821][ T6437] netlink: 'syz.0.139': attribute type 1 has an invalid length. [ 170.661804][ T6447] loop3: detected capacity change from 0 to 4096 [ 170.894552][ T6454] xt_l2tp: v2 tid > 0xffff: 37482740 [ 173.714291][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 173.714307][ T28] audit: type=1800 audit(1770971141.181:41): pid=6447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.141" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 174.072509][ T6465] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 174.084229][ T6465] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 174.092823][ T6465] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 174.760896][ T6467] netlink: 4 bytes leftover after parsing attributes in process `syz.1.145'. [ 174.874298][ T6472] tipc: Started in network mode [ 174.879580][ T6472] tipc: Node identity a2a1fad10f22, cluster identity 4711 [ 174.888516][ T6472] tipc: Enabled bearer , priority 0 [ 174.898480][ T6472] syzkaller0: entered promiscuous mode [ 174.922123][ T6472] syzkaller0: entered allmulticast mode [ 174.976798][ T6467] netlink: 4 bytes leftover after parsing attributes in process `syz.1.145'. [ 175.236264][ T6474] tipc: Resetting bearer [ 175.267173][ T6471] tipc: Resetting bearer [ 175.307974][ T6471] tipc: Disabling bearer [ 177.301700][ T6490] fuse: Bad value for 'fd' [ 183.342485][ T6539] tipc: Started in network mode [ 183.359566][ T6539] tipc: Node identity 56764331d18e, cluster identity 4711 [ 183.388594][ T6539] tipc: Enabled bearer , priority 0 [ 183.424681][ T6541] syzkaller0: entered promiscuous mode [ 183.444604][ T6541] syzkaller0: entered allmulticast mode [ 183.524834][ T6539] tipc: Resetting bearer [ 184.081455][ T6537] tipc: Resetting bearer [ 184.109262][ T6537] tipc: Disabling bearer [ 188.358917][ T28] audit: type=1326 audit(1770971154.631:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 190.357970][ T28] audit: type=1326 audit(1770971154.851:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 190.391524][ T28] audit: type=1326 audit(1770971155.551:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 190.949798][ T28] audit: type=1326 audit(1770971155.601:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.384176][ T28] audit: type=1326 audit(1770971155.641:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.562019][ T28] audit: type=1326 audit(1770971155.831:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.754215][ T28] audit: type=1326 audit(1770971155.831:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.894083][ T28] audit: type=1326 audit(1770971155.831:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.916503][ T28] audit: type=1326 audit(1770971155.831:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 192.938599][ T28] audit: type=1326 audit(1770971155.831:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 194.453890][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.492345][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.567581][ T6596] loop1: detected capacity change from 0 to 512 [ 194.950387][ T6605] loop0: detected capacity change from 0 to 8 [ 195.929886][ T6605] SQUASHFS error: zlib decompression failed, data probably corrupt [ 195.938081][ T6605] SQUASHFS error: Failed to read block 0x9b: -5 [ 195.945045][ T6605] SQUASHFS error: Unable to read metadata cache entry [99] [ 195.952592][ T6605] SQUASHFS error: Unable to read inode 0x127 [ 196.013579][ T6596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 196.039553][ T6596] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.144971][ T6614] tipc: Enabled bearer , priority 0 [ 196.267893][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 196.357923][ T6614] syzkaller0: entered promiscuous mode [ 196.363482][ T6614] syzkaller0: entered allmulticast mode [ 197.239466][ T6614] tipc: Resetting bearer [ 197.308171][ T6613] tipc: Resetting bearer [ 197.921794][ T6613] tipc: Disabling bearer [ 197.964332][ T5847] tipc: Node number set to 2911107793 [ 199.513309][ T6643] tipc: Enabling of bearer rejected, failed to enable media [ 201.322363][ T6632] kvm: kvm [6630]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x2 [ 201.342724][ T6632] kvm: kvm [6630]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1 [ 201.356972][ T6632] kvm: kvm [6630]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x81 [ 201.379033][ T6632] kvm: kvm [6630]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x1 [ 201.481402][ T6632] kvm: kvm [6630]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x1 [ 203.777117][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 203.784384][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 203.807541][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 203.993978][ T6677] xt_TCPMSS: Only works on TCP SYN packets [ 204.011907][ T6675] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 204.097632][ T6675] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 204.841414][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 204.852526][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 204.860604][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 204.869184][ T6675] virt_wifi0 speed is unknown, defaulting to 1000 [ 204.981758][ T6675] syz.1.195 (6675) used greatest stack depth: 20528 bytes left [ 208.812958][ T5781] Bluetooth: hci0: command 0x0406 tx timeout [ 208.819155][ T5781] Bluetooth: hci2: command 0x0406 tx timeout [ 208.829576][ T5784] Bluetooth: hci3: command 0x0406 tx timeout [ 208.835784][ T5781] Bluetooth: hci1: command 0x0406 tx timeout [ 215.356125][ T6769] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 215.431396][ T6769] fuse: Unknown parameter '00000000000000000000' [ 215.465086][ T5087] Bluetooth: hci1: unexpected event for opcode 0x2012 [ 215.825142][ T6776] tipc: Enabled bearer , priority 0 [ 215.862664][ T6776] syzkaller0: entered promiscuous mode [ 215.890677][ T6776] syzkaller0: entered allmulticast mode [ 216.045663][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'. [ 216.120911][ T6776] tipc: Resetting bearer [ 216.371687][ T6773] tipc: Resetting bearer [ 216.789147][ T6773] tipc: Disabling bearer [ 216.935012][ T6787] loop3: detected capacity change from 0 to 2048 [ 217.126081][ T6796] loop0: detected capacity change from 0 to 512 [ 217.141618][ T6796] ======================================================= [ 217.141618][ T6796] WARNING: The mand mount option has been deprecated and [ 217.141618][ T6796] and is ignored by this kernel. Remove the mand [ 217.141618][ T6796] option from the mount to silence this warning. [ 217.141618][ T6796] ======================================================= [ 217.231152][ T6796] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 217.252454][ T6787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.921877][ T6807] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 218.071963][ T6805] loop1: detected capacity change from 0 to 2048 [ 218.300005][ T5142] loop1: p1 p2 p3 [ 218.321154][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.045416][ T6726] udevd[6726]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 220.561360][ T6817] udevd[6817]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 220.572589][ T5087] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 220.581326][ T5087] Bluetooth: hci1: Injecting HCI hardware error event [ 220.591132][ T5087] Bluetooth: hci1: hardware error 0x00 [ 220.613045][ T6818] udevd[6818]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 221.110058][ T6826] capability: warning: `syz.3.218' uses 32-bit capabilities (legacy support in use) [ 222.489647][ T6840] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 222.489647][ T6840] The task syz.0.220 (6840) triggered the difference, watch for misbehavior. [ 224.163182][ T5087] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 226.042646][ T6843] loop0: detected capacity change from 0 to 512 [ 236.890747][ T6908] tipc: Enabled bearer , priority 0 [ 236.898631][ T6908] syzkaller0: entered promiscuous mode [ 236.904158][ T6908] syzkaller0: entered allmulticast mode [ 236.940849][ T6908] tipc: Resetting bearer [ 236.953458][ T6907] tipc: Resetting bearer [ 236.998247][ T6907] tipc: Disabling bearer [ 238.710067][ T6931] loop0: detected capacity change from 0 to 512 [ 238.769760][ T6931] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 238.829928][ T6931] EXT4-fs (loop0): 1 truncate cleaned up [ 238.845634][ T6931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.078613][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.950044][ T6944] loop1: detected capacity change from 0 to 164 [ 240.993942][ T6944] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 247.040681][ T6970] Illegal XDP return value 4294967294 on prog (id 27) dev syz_tun, expect packet loss! [ 251.711224][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.1.258'. [ 252.140607][ T7016] tipc: Enabled bearer , priority 0 [ 252.918407][ T7012] tipc: Disabling bearer [ 253.008157][ T7024] misc userio: Invalid payload size [ 260.850226][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.865493][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.676861][ T7067] loop1: detected capacity change from 0 to 128 [ 261.734929][ T7067] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 261.771182][ T7067] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 261.979977][ T5779] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 262.981081][ T7083] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.284'. [ 264.091847][ T7092] warning: `syz.0.288' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 266.676698][ T7108] netlink: set zone limit has 8 unknown bytes [ 270.000611][ T7132] syz_tun: entered allmulticast mode [ 270.126172][ T7131] syz_tun: left allmulticast mode [ 271.912089][ T7152] loop3: detected capacity change from 0 to 64 [ 271.940457][ T5087] Bluetooth: hci2: unexpected event for opcode 0x041c [ 276.410811][ T5087] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 276.419623][ T5087] Bluetooth: hci2: Injecting HCI hardware error event [ 276.428711][ T5087] Bluetooth: hci2: hardware error 0x00 [ 277.156310][ T7176] mkiss: ax0: crc mode is auto. [ 278.734851][ T5087] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 283.049651][ T7190] loop0: detected capacity change from 0 to 4096 [ 283.203425][ T7190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.361837][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 286.361851][ T28] audit: type=1326 audit(1770971248.334:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7189 comm="syz.0.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7fc00000 [ 286.612635][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.212419][ T7211] trusted_key: syz.0.317 sent an empty control message without MSG_MORE. [ 288.142376][ T7214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.319'. [ 288.174022][ T7214] netlink: 24 bytes leftover after parsing attributes in process `syz.0.319'. [ 300.625907][ T7274] tipc: Enabled bearer , priority 0 [ 300.646171][ T7274] syzkaller0: entered promiscuous mode [ 300.651851][ T7274] syzkaller0: entered allmulticast mode [ 301.532713][ T7274] netlink: 44 bytes leftover after parsing attributes in process `syz.0.336'. [ 301.598393][ T7274] tipc: Resetting bearer [ 301.644016][ T7273] tipc: Resetting bearer [ 301.725948][ T7273] tipc: Disabling bearer [ 302.179220][ T7285] loop0: detected capacity change from 0 to 512 [ 302.248585][ T7285] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 302.345738][ T7287] syz.2.338: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 302.362156][ T7287] CPU: 0 PID: 7287 Comm: syz.2.338 Not tainted syzkaller #0 [ 302.369494][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 302.379603][ T7287] Call Trace: [ 302.382928][ T7287] [ 302.385901][ T7287] dump_stack_lvl+0x18c/0x250 [ 302.390807][ T7287] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.396575][ T7287] ? show_regs_print_info+0x20/0x20 [ 302.402088][ T7287] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.407778][ T7287] warn_alloc+0x246/0x340 [ 302.412161][ T7287] ? stack_trace_save+0xaa/0x100 [ 302.417144][ T7287] ? zone_watermark_ok_safe+0x230/0x230 [ 302.422755][ T7287] ? kasan_set_track+0x5f/0x70 [ 302.427651][ T7287] ? kasan_set_track+0x4e/0x70 [ 302.432463][ T7287] ? __kasan_kmalloc+0x8f/0xa0 [ 302.437356][ T7287] ? xsk_init_queue+0xad/0x100 [ 302.442175][ T7287] ? xsk_setsockopt+0x42e/0x760 [ 302.447072][ T7287] ? do_sock_setsockopt+0x175/0x1a0 [ 302.452324][ T7287] ? __x64_sys_setsockopt+0x182/0x200 [ 302.457753][ T7287] __vmalloc_node_range+0x126/0x1330 [ 302.463142][ T7287] ? free_vm_area+0x50/0x50 [ 302.467712][ T7287] vmalloc_user+0x74/0x80 [ 302.472086][ T7287] ? xskq_create+0xbf/0x170 [ 302.476741][ T7287] xskq_create+0xbf/0x170 [ 302.481121][ T7287] xsk_init_queue+0xad/0x100 [ 302.485759][ T7287] xsk_setsockopt+0x42e/0x760 [ 302.490489][ T7287] ? xsk_poll+0x680/0x680 [ 302.494863][ T7287] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.500536][ T7287] ? xsk_poll+0x680/0x680 [ 302.504908][ T7287] ? do_sock_setsockopt+0x15e/0x1a0 [ 302.510162][ T7287] ? xsk_poll+0x680/0x680 [ 302.514535][ T7287] do_sock_setsockopt+0x175/0x1a0 [ 302.519609][ T7287] ? __fdget+0x180/0x210 [ 302.524193][ T7287] __x64_sys_setsockopt+0x182/0x200 [ 302.529449][ T7287] do_syscall_64+0x55/0xa0 [ 302.533910][ T7287] ? clear_bhb_loop+0x40/0x90 [ 302.538628][ T7287] ? clear_bhb_loop+0x40/0x90 [ 302.543347][ T7287] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 302.549278][ T7287] RIP: 0033:0x7f599e39bf79 [ 302.553733][ T7287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.573390][ T7287] RSP: 002b:00007f599f2eb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 302.581858][ T7287] RAX: ffffffffffffffda RBX: 00007f599e616180 RCX: 00007f599e39bf79 [ 302.589878][ T7287] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000007 [ 302.598077][ T7287] RBP: 00007f599e4327e0 R08: 0000000000000004 R09: 0000000000000000 [ 302.606186][ T7287] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 302.614196][ T7287] R13: 00007f599e616218 R14: 00007f599e616180 R15: 00007ffe03b1e0f8 [ 302.622237][ T7287] [ 302.626824][ T7287] Mem-Info: [ 302.630247][ T7287] active_anon:57351 inactive_anon:0 isolated_anon:0 [ 302.630247][ T7287] active_file:18063 inactive_file:40006 isolated_file:0 [ 302.630247][ T7287] unevictable:768 dirty:197 writeback:0 [ 302.630247][ T7287] slab_reclaimable:10989 slab_unreclaimable:91448 [ 302.630247][ T7287] mapped:27083 shmem:53468 pagetables:561 [ 302.630247][ T7287] sec_pagetables:0 bounce:0 [ 302.630247][ T7287] kernel_misc_reclaimable:0 [ 302.630247][ T7287] free:1290320 free_pcp:13829 free_cma:0 [ 302.677343][ T7287] Node 0 active_anon:229404kB inactive_anon:0kB active_file:72124kB inactive_file:159824kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108304kB dirty:788kB writeback:0kB shmem:212336kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11852kB pagetables:2244kB sec_pagetables:0kB all_unreclaimable? no [ 302.710572][ T7287] Node 1 active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 302.741449][ T7287] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 302.768788][ T7287] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 302.776049][ T7287] Node 0 DMA32 free:1245900kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:229364kB inactive_anon:0kB active_file:72124kB inactive_file:159000kB unevictable:1536kB writepending:788kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:38292kB local_pcp:19248kB free_cma:0kB [ 302.806933][ T7287] lowmem_reserve[]: 0 0 0 0 0 [ 302.811973][ T7287] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 302.838940][ T7287] lowmem_reserve[]: 0 0 0 0 0 [ 302.843978][ T7287] Node 1 Normal free:3900012kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:128kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17024kB local_pcp:13824kB free_cma:0kB [ 302.941163][ T7287] lowmem_reserve[]: 0 0 0 0 0 [ 302.946206][ T7287] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 302.959872][ T7287] Node 0 DMA32: 503*4kB (UME) 894*8kB (UME) 626*16kB (UME) 263*32kB (UME) 227*64kB (UM) 71*128kB (UME) 43*256kB (UM) 30*512kB (UM) 9*1024kB (UM) 4*2048kB (M) 281*4096kB (UM) = 1245964kB [ 302.979428][ T7287] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 302.992938][ T7287] Node 1 Normal: 261*4kB (UM) 51*8kB (UME) 52*16kB (UME) 134*32kB (UME) 33*64kB (UE) 11*128kB (UE) 1*256kB (E) 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 948*4096kB (M) = 3900012kB [ 303.011867][ T7287] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 303.021799][ T7287] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 303.031229][ T7287] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 303.040896][ T7287] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 303.050281][ T7287] 111560 total pagecache pages [ 303.055227][ T7287] 0 pages in swap cache [ 303.059457][ T7287] Free swap = 124456kB [ 303.063741][ T7287] Total swap = 124996kB [ 303.067971][ T7287] 2097051 pages RAM [ 303.071866][ T7287] 0 pages HighMem/MovableOnly [ 303.076661][ T7287] 416922 pages reserved [ 303.080890][ T7287] 0 pages cma reserved [ 303.167269][ T7285] EXT4-fs (loop0): 1 truncate cleaned up [ 303.190844][ T7285] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 307.185172][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.263213][ T7308] batman_adv: batadv0: Adding interface: dummy0 [ 309.304630][ T7308] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 309.408965][ T7308] batman_adv: batadv0: Interface activated: dummy0 [ 309.983969][ T7318] batadv0: mtu less than device minimum [ 310.091765][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.104862][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.117450][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.130073][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.142600][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.155127][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.167652][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.180227][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 310.192811][ T7318] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 311.239730][ T5087] Bluetooth: hci0: command 0x0406 tx timeout [ 312.764307][ T7336] loop3: detected capacity change from 0 to 512 [ 312.821132][ T7336] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 312.912063][ T7336] EXT4-fs (loop3): 1 truncate cleaned up [ 312.995066][ T7336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.028903][ T7340] loop1: detected capacity change from 0 to 1024 [ 313.068914][ T7340] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 313.096317][ T7340] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 313.115753][ T7340] EXT4-fs (loop1): orphan cleanup on readonly fs [ 313.136719][ T7340] EXT4-fs error (device loop1): ext4_free_blocks:6692: comm syz.1.345: Freeing blocks not in datazone - block = 0, count = 4096 [ 313.196546][ T7340] EXT4-fs (loop1): 1 orphan inode deleted [ 313.225479][ T7340] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 313.432889][ T7351] loop0: detected capacity change from 0 to 128 [ 314.368579][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.398158][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.271225][ T7361] netlink: 'syz.2.353': attribute type 1 has an invalid length. [ 315.417047][ T7361] bond2: entered promiscuous mode [ 315.469191][ T7361] 8021q: adding VLAN 0 to HW filter on device bond2 [ 315.520435][ T7368] netlink: 28 bytes leftover after parsing attributes in process `syz.2.353'. [ 315.552257][ T6735] kworker/u4:17: attempt to access beyond end of device [ 315.552257][ T6735] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 315.623532][ T7368] bond2: entered allmulticast mode [ 315.738544][ T7368] bond2: (slave bridge1): making interface the new active one [ 315.765653][ T7368] bridge1: entered promiscuous mode [ 315.771190][ T7368] bridge1: entered allmulticast mode [ 315.781216][ T7368] bond2: (slave bridge1): Enslaving as an active interface with an up link [ 316.042345][ T7374] syzkaller0: entered promiscuous mode [ 316.136302][ T7374] syzkaller0: entered allmulticast mode [ 328.377339][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 329.141613][ T7423] loop1: detected capacity change from 0 to 512 [ 329.171962][ T7423] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 329.310581][ T7423] EXT4-fs (loop1): 1 truncate cleaned up [ 329.319710][ T7423] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.324486][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.818562][ T5087] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 331.828730][ T5087] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 331.836988][ T5087] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 331.859639][ T5087] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 331.870317][ T5087] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 331.877840][ T5087] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 332.625494][ T7441] netlink: 28 bytes leftover after parsing attributes in process `syz.2.370'. [ 332.838788][ T7451] virt_wifi0 speed is unknown, defaulting to 1000 [ 333.147417][ T7461] loop0: detected capacity change from 0 to 128 [ 333.739657][ T7418] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 334.064201][ T5087] Bluetooth: hci4: command tx timeout [ 335.039195][ T7478] loop0: detected capacity change from 0 to 8 [ 335.071594][ T7478] SQUASHFS error: lzo decompression failed, data probably corrupt [ 335.079649][ T7478] SQUASHFS error: Failed to read block 0x28d: -5 [ 335.086127][ T7478] SQUASHFS error: Unable to read metadata cache entry [28b] [ 335.093564][ T7478] SQUASHFS error: Unable to read inode 0x11f [ 335.861555][ T7418] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 335.943561][ T7451] chnl_net:caif_netlink_parms(): no params data found [ 336.260648][ T7451] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.268626][ T7451] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.275824][ T7451] bridge_slave_0: entered allmulticast mode [ 336.284650][ T7451] bridge_slave_0: entered promiscuous mode [ 336.301118][ T7451] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.308377][ T7451] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.315766][ T5087] Bluetooth: hci4: command tx timeout [ 336.331679][ T7451] bridge_slave_1: entered allmulticast mode [ 336.356438][ T7451] bridge_slave_1: entered promiscuous mode [ 336.514911][ T7451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 336.536738][ T7451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.629289][ T7451] team0: Port device team_slave_0 added [ 336.644367][ T7451] team0: Port device team_slave_1 added [ 336.769555][ T7451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 336.776581][ T7451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 336.817374][ T7451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 336.859301][ T6725] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.877180][ T7451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 336.884197][ T7451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 336.912270][ T7451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 336.968088][ T6725] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.991059][ T7451] hsr_slave_0: entered promiscuous mode [ 336.997656][ T7451] hsr_slave_1: entered promiscuous mode [ 337.007794][ T7451] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 337.015458][ T7451] Cannot create hsr debugfs directory [ 337.048042][ T6725] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.153961][ T6725] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.259452][ T7451] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 337.270569][ T7451] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 337.282717][ T7451] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 337.304081][ T7451] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 337.408276][ T6725] tipc: Left network mode [ 337.558974][ T7451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 337.621689][ T7451] 8021q: adding VLAN 0 to HW filter on device team0 [ 337.669552][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.676957][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.736043][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.743646][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 338.201535][ T7451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.513904][ T5087] Bluetooth: hci4: command tx timeout [ 338.562246][ T6725] hsr_slave_0: left promiscuous mode [ 338.573656][ T6725] hsr_slave_1: left promiscuous mode [ 338.580335][ T6725] batman_adv: batadv0: Interface deactivated: dummy0 [ 338.587531][ T6725] batman_adv: batadv0: Removing interface: dummy0 [ 338.609132][ T6725] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 338.616631][ T6725] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 338.640850][ T6725] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 338.648343][ T6725] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 338.660775][ T6725] bridge_slave_1: left allmulticast mode [ 338.666643][ T6725] bridge_slave_1: left promiscuous mode [ 338.675172][ T6725] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.689684][ T6725] bridge_slave_0: left allmulticast mode [ 338.698077][ T6725] bridge_slave_0: left promiscuous mode [ 338.704933][ T6725] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.759827][ T6725] veth1_macvtap: left promiscuous mode [ 338.765826][ T6725] veth0_macvtap: left promiscuous mode [ 338.775511][ T6725] veth1_vlan: left promiscuous mode [ 338.781637][ T6725] veth0_vlan: left promiscuous mode [ 339.022682][ T6725] bond1 (unregistering): Released all slaves [ 339.585809][ T6725] team0 (unregistering): Port device team_slave_1 removed [ 339.629903][ T6725] team0 (unregistering): Port device team_slave_0 removed [ 339.675250][ T6725] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 339.718400][ T6725] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 340.027535][ T6725] bond0 (unregistering): Released all slaves [ 340.257539][ T7451] veth0_vlan: entered promiscuous mode [ 340.299331][ T7451] veth1_vlan: entered promiscuous mode [ 340.349617][ T7451] veth0_macvtap: entered promiscuous mode [ 340.378082][ T7451] veth1_macvtap: entered promiscuous mode [ 340.451352][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.476757][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.493162][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.505870][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.519330][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.531421][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.551009][ T7451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 340.576804][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.607764][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.623213][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.634025][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.644816][ T7451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.661733][ T7451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.677191][ T7451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 340.708300][ T7451] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.723600][ T7451] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.735188][ T5087] Bluetooth: hci4: command tx timeout [ 340.744822][ T7451] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.754489][ T7451] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.808767][ T6725] IPVS: stop unused estimator thread 0... [ 340.947725][ T6735] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 340.989307][ T6735] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.044657][ T6735] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.054423][ T6735] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.183699][ T787] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 342.366752][ T7561] loop4: detected capacity change from 0 to 512 [ 342.426089][ T7561] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 342.525698][ T7561] EXT4-fs (loop4): 1 truncate cleaned up [ 342.532910][ T7561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.563242][ T787] usb 2-1: Using ep0 maxpacket: 16 [ 342.590214][ T787] usb 2-1: config 0 has no interfaces? [ 342.652872][ T787] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 342.809384][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.817780][ T787] usb 2-1: Product: syz [ 343.482833][ T787] usb 2-1: Manufacturer: syz [ 343.506134][ T7451] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.525291][ T787] usb 2-1: SerialNumber: syz [ 343.562852][ T787] r8152-cfgselector 2-1: config 0 descriptor?? [ 345.412278][ T787] r8152-cfgselector 2-1: Unknown version 0x0000 [ 345.442046][ T787] r8152-cfgselector 2-1: USB disconnect, device number 2 [ 350.705221][ T7614] loop4: detected capacity change from 0 to 128 [ 353.419081][ T6745] kworker/u4:20: attempt to access beyond end of device [ 353.419081][ T6745] loop4: rw=1, sector=145, nr_sectors = 896 limit=128 [ 355.276096][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.393'. [ 355.327942][ T7641] netlink: 28 bytes leftover after parsing attributes in process `syz.4.393'. [ 357.826503][ T7660] loop4: detected capacity change from 0 to 512 [ 357.919348][ T7660] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 358.615932][ T7660] EXT4-fs (loop4): 1 truncate cleaned up [ 358.742472][ T7660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.844127][ T7672] loop1: detected capacity change from 0 to 512 [ 360.855640][ T7672] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 360.895919][ T7451] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.036611][ T7672] EXT4-fs (loop1): 1 truncate cleaned up [ 361.044268][ T7672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.264889][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.388279][ T7685] loop4: detected capacity change from 0 to 64 [ 362.606537][ T7693] loop0: detected capacity change from 0 to 65 [ 362.758210][ T7693] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop0 [ 363.308577][ T7699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 363.320504][ T7699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 363.329643][ T7699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 363.339383][ T7699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.401'. [ 363.427668][ T7696] loop1: detected capacity change from 0 to 1764 [ 363.806922][ T7694] netlink: 'syz.1.402': attribute type 3 has an invalid length. [ 363.826815][ T7694] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 370.007373][ T7734] loop1: detected capacity change from 0 to 256 [ 371.114737][ T7741] tipc: Enabled bearer , priority 0 [ 371.152066][ T7744] loop1: detected capacity change from 0 to 512 [ 371.190497][ T7744] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 371.203748][ T7746] syzkaller0: entered promiscuous mode [ 371.209248][ T7746] syzkaller0: entered allmulticast mode [ 371.493722][ T7751] usb usb1: usbfs: process 7751 (syz.4.413) did not claim interface 0 before use [ 371.504745][ T7751] ptrace attach of "./syz-executor exec"[7451] was attempted by "./syz-executor exec"[7751] [ 372.038456][ T7753] tipc: Resetting bearer [ 372.244439][ T7744] EXT4-fs error (device loop1): xattr_find_entry:337: inode #15: comm syz.1.412: corrupted xattr entries [ 372.286466][ T7736] tipc: Resetting bearer [ 372.304851][ T7744] EXT4-fs (loop1): 1 orphan inode deleted [ 372.312325][ T7744] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 372.433824][ T7736] tipc: Disabling bearer [ 373.323080][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.857488][ T7775] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0) [ 377.058208][ T7790] loop0: detected capacity change from 0 to 256 [ 377.126884][ T7790] exfat: Deprecated parameter 'utf8' [ 378.310993][ T7790] exFAT-fs (loop0): failed to read boot sector [ 378.370773][ T7790] exFAT-fs (loop0): failed to recognize exfat type [ 380.420095][ T7814] syz.2.424(7814): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 381.282910][ T5087] Bluetooth: hci3: unexpected event for opcode 0x0000 [ 385.782086][ T5087] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 385.790899][ T5087] Bluetooth: hci3: Injecting HCI hardware error event [ 385.799489][ T5777] Bluetooth: hci3: hardware error 0x00 [ 386.190098][ T28] audit: type=1326 audit(1770971341.453:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 386.228513][ T28] audit: type=1326 audit(1770971341.471:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 386.875709][ T28] audit: type=1326 audit(1770971341.518:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 387.021166][ T28] audit: type=1326 audit(1770971341.518:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 387.241534][ T28] audit: type=1326 audit(1770971341.528:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 387.388852][ T28] audit: type=1326 audit(1770971341.574:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 387.461976][ T7858] siw: device registration error -23 [ 388.048149][ T28] audit: type=1326 audit(1770971341.574:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 388.094770][ T5777] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 388.201385][ T28] audit: type=1326 audit(1770971341.584:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 388.362739][ T28] audit: type=1326 audit(1770971341.593:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 388.595610][ T28] audit: type=1326 audit(1770971341.593:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599e39bf79 code=0x7ffc0000 [ 389.849182][ T7876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.437'. [ 390.384616][ T7876] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.392350][ T7876] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.725499][ T5087] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 390.740584][ T5087] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 390.749793][ T5087] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 390.758402][ T5087] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 390.767529][ T5087] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 390.774982][ T5087] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 390.802812][ T7885] fuse: Unknown parameter '00000000000000000000' [ 390.821924][ T5777] Bluetooth: hci0: unexpected event for opcode 0x2012 [ 390.971035][ T7882] virt_wifi0 speed is unknown, defaulting to 1000 [ 391.042519][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 391.176395][ T7893] loop1: detected capacity change from 0 to 1024 [ 391.973844][ T7896] syz.2.440 (7896) used greatest stack depth: 19408 bytes left [ 392.291604][ T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.295645][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 392.295715][ T28] audit: type=1800 audit(1770971347.421:67): pid=7893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.439" name="file1" dev="loop1" ino=2 res=0 errno=0 [ 392.463041][ T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.634255][ T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.992042][ T5777] Bluetooth: hci2: command tx timeout [ 393.033197][ T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.113699][ T6735] hfsplus: bad catalog file entry [ 393.137362][ T6735] hfsplus: b-tree write err: -5, ino 3 [ 394.168375][ T7882] chnl_net:caif_netlink_parms(): no params data found [ 395.222941][ T5777] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 395.233500][ T5777] Bluetooth: hci0: Injecting HCI hardware error event [ 395.240736][ T5087] Bluetooth: hci2: command tx timeout [ 395.248073][ T5777] Bluetooth: hci0: hardware error 0x00 [ 397.567468][ T5087] Bluetooth: hci2: command tx timeout [ 397.573704][ T5777] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 399.747263][ T5777] Bluetooth: hci2: command tx timeout [ 399.757579][ T7882] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.787590][ T7882] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.210397][ T7882] bridge_slave_0: entered allmulticast mode [ 400.293117][ T7882] bridge_slave_0: entered promiscuous mode [ 400.477579][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.012185][ T7882] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.019576][ T7882] bridge_slave_1: entered allmulticast mode [ 401.027004][ T7882] bridge_slave_1: entered promiscuous mode [ 403.763172][ T7882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 403.833409][ T7882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 403.993304][ T7882] team0: Port device team_slave_0 added [ 404.043603][ T7882] team0: Port device team_slave_1 added [ 404.126663][ T7882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 404.151715][ T7882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.203755][ T7882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 404.265141][ T7882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 404.280038][ T7882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.344162][ T7882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 404.494734][ T7882] hsr_slave_0: entered promiscuous mode [ 404.516036][ T7882] hsr_slave_1: entered promiscuous mode [ 404.522532][ T7882] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 404.547262][ T7882] Cannot create hsr debugfs directory [ 404.912673][ T49] hsr_slave_0: left promiscuous mode [ 404.918896][ T49] hsr_slave_1: left promiscuous mode [ 404.932822][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 404.940279][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 404.960135][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 404.973970][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 404.983017][ T49] bridge_slave_1: left allmulticast mode [ 404.994671][ T49] bridge_slave_1: left promiscuous mode [ 405.000902][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 405.019287][ T49] bridge_slave_0: left allmulticast mode [ 405.025010][ T49] bridge_slave_0: left promiscuous mode [ 405.037189][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 405.088912][ T49] veth1_macvtap: left promiscuous mode [ 405.095249][ T49] veth0_macvtap: left promiscuous mode [ 405.101033][ T49] veth1_vlan: left promiscuous mode [ 405.107093][ T49] veth0_vlan: left promiscuous mode [ 405.853412][ T49] team0 (unregistering): Port device team_slave_1 removed [ 405.908506][ T49] team0 (unregistering): Port device team_slave_0 removed [ 405.953082][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 406.001571][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 406.324775][ T49] bond0 (unregistering): Released all slaves [ 406.603560][ T7882] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 406.634872][ T7882] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 406.655339][ T7882] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 406.690474][ T7882] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 406.886007][ T7882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 406.915161][ T7882] 8021q: adding VLAN 0 to HW filter on device team0 [ 406.948930][ T6735] bridge0: port 1(bridge_slave_0) entered blocking state [ 406.956160][ T6735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 406.998232][ T6735] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.006440][ T6735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 407.354781][ T7882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.775494][ T7882] veth0_vlan: entered promiscuous mode [ 407.801859][ T7882] veth1_vlan: entered promiscuous mode [ 407.865986][ T7882] veth0_macvtap: entered promiscuous mode [ 407.881739][ T7882] veth1_macvtap: entered promiscuous mode [ 407.907395][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.940479][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.958529][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.978972][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.988917][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.019492][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.031666][ T7882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 408.052489][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.073511][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.085125][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.101894][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.112072][ T7882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 408.123010][ T7882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.135799][ T7882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 408.164969][ T7882] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.184522][ T7882] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.214163][ T7882] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.222982][ T7882] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.411390][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 408.434272][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 408.476260][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 408.485300][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 409.727025][ T8068] loop1: detected capacity change from 0 to 8 [ 411.288733][ T8068] SQUASHFS error: zlib decompression failed, data probably corrupt [ 411.296782][ T8068] SQUASHFS error: Failed to read block 0x9b: -5 [ 411.303099][ T8068] SQUASHFS error: Unable to read metadata cache entry [99] [ 411.311156][ T8068] SQUASHFS error: Unable to read inode 0x127 [ 411.371802][ T8064] loop5: detected capacity change from 0 to 512 [ 411.444999][ T8064] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 411.458855][ T8064] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 411.745034][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 416.436527][ T8120] netlink: 4 bytes leftover after parsing attributes in process `syz.5.460'. [ 417.871842][ T8129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.465'. [ 418.196072][ T8129] bridge0: port 2(bridge_slave_1) entered disabled state [ 418.203788][ T8129] bridge0: port 1(bridge_slave_0) entered disabled state [ 418.418315][ T8131] loop0: detected capacity change from 0 to 512 [ 418.565944][ T8131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 418.611265][ T8131] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 418.883977][ T8145] loop5: detected capacity change from 0 to 2048 [ 419.721279][ T8145] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 419.781330][ T8146] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 421.110396][ T8149] netlink: 4 bytes leftover after parsing attributes in process `syz.1.474'. [ 421.130987][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 421.764604][ T8161] tipc: Started in network mode [ 421.913723][ T8161] tipc: Node identity f2e728344aad, cluster identity 4711 [ 421.934792][ T8161] tipc: Enabled bearer , priority 0 [ 422.159420][ T8167] syzkaller0: entered promiscuous mode [ 422.369664][ T8167] syzkaller0: entered allmulticast mode [ 422.706023][ T8161] tipc: Resetting bearer [ 423.736032][ T5865] tipc: Node number set to 3091867700 [ 423.909062][ T8160] tipc: Resetting bearer [ 424.359196][ T8160] tipc: Disabling bearer [ 424.400491][ T8184] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 427.525115][ T8213] loop1: detected capacity change from 0 to 512 [ 427.569381][ T8213] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 427.604664][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.5.485'. [ 427.627983][ T8216] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.636392][ T8216] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.672801][ T8213] EXT4-fs (loop1): 1 truncate cleaned up [ 427.715647][ T8213] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.923833][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.007871][ T8231] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5) [ 429.015001][ T8231] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 429.070626][ T8231] vhci_hcd vhci_hcd.0: Device attached [ 429.102435][ T8236] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8) [ 429.109121][ T8236] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 429.163727][ T8236] vhci_hcd vhci_hcd.0: Device attached [ 429.211192][ T8244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.500'. [ 429.237236][ T8244] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.244615][ T8244] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.480053][ T8253] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 430.133342][ T8236] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(12) [ 430.140040][ T8236] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 430.158829][ T8231] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(7) [ 430.165405][ T8231] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 430.217159][ T8236] vhci_hcd vhci_hcd.0: Device attached [ 430.223029][ T8231] vhci_hcd vhci_hcd.0: Device attached [ 430.250513][ T8231] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 430.281552][ T787] usb 44-1: SetAddress Request (2) to port 0 [ 430.322957][ T787] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 430.401134][ T8249] vhci_hcd: connection closed [ 430.401668][ T8234] vhci_hcd: connection reset by peer [ 430.405547][ T8248] vhci_hcd: connection closed [ 430.411900][ T8238] vhci_hcd: connection closed [ 430.439618][ T144] vhci_hcd: stop threads [ 430.459999][ T144] vhci_hcd: release socket [ 430.475529][ T144] vhci_hcd: disconnect device [ 430.492149][ T144] vhci_hcd: stop threads [ 430.496957][ T144] vhci_hcd: release socket [ 430.504128][ T144] vhci_hcd: disconnect device [ 430.514930][ T144] vhci_hcd: stop threads [ 430.519238][ T144] vhci_hcd: release socket [ 430.547646][ T144] vhci_hcd: disconnect device [ 430.563608][ T144] vhci_hcd: stop threads [ 430.567936][ T144] vhci_hcd: release socket [ 430.579183][ T144] vhci_hcd: disconnect device [ 431.017945][ T8276] netlink: 4 bytes leftover after parsing attributes in process `syz.2.492'. [ 431.124978][ T8276] netlink: 28 bytes leftover after parsing attributes in process `syz.2.492'. [ 436.296965][ T8300] loop5: detected capacity change from 0 to 1024 [ 436.303859][ T787] usb 44-1: device descriptor read/8, error -110 [ 436.913108][ T787] usb usb44-port1: attempt power cycle [ 437.036668][ T5846] vhci_hcd: vhci_device speed not set [ 437.485468][ T28] audit: type=1800 audit(1770971389.663:68): pid=8300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.498" name="file1" dev="loop5" ino=2 res=0 errno=0 [ 439.749541][ T787] usb usb44-port1: unable to enumerate USB device [ 441.108856][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.505'. [ 441.428878][ T8327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.505'. [ 441.914755][ T49] hfsplus: bad catalog file entry [ 441.930419][ T49] hfsplus: b-tree write err: -5, ino 3 [ 442.105641][ T8336] tipc: Enabled bearer , priority 0 [ 442.115721][ T8336] syzkaller0: entered promiscuous mode [ 442.121251][ T8336] syzkaller0: entered allmulticast mode [ 442.221599][ T8342] loop5: detected capacity change from 0 to 512 [ 442.266937][ T8344] netlink: 12 bytes leftover after parsing attributes in process `syz.1.506'. [ 442.288620][ T8342] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 442.329370][ T8342] EXT4-fs error (device loop5): xattr_find_entry:337: inode #15: comm syz.5.508: corrupted xattr entries [ 442.371975][ T8342] EXT4-fs (loop5): 1 orphan inode deleted [ 442.459456][ T8342] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 442.822871][ T8336] tipc: Resetting bearer [ 442.975183][ T8334] tipc: Resetting bearer [ 443.376565][ T8334] tipc: Disabling bearer [ 443.396432][ T8351] tipc: Enabling of bearer rejected, failed to enable media [ 444.068784][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 451.548639][ T8395] loop1: detected capacity change from 0 to 128 [ 452.627955][ T8408] tipc: Enabling of bearer rejected, failed to enable media [ 452.739261][ T8415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.520'. [ 452.790069][ T8417] loop5: detected capacity change from 0 to 512 [ 452.802724][ T8412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.519'. [ 452.834521][ T8417] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 452.853685][ T8412] netlink: 24 bytes leftover after parsing attributes in process `syz.1.519'. [ 452.874338][ T8417] EXT4-fs (loop5): 1 truncate cleaned up [ 452.885096][ T8417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.367535][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 460.397869][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 461.155199][ T8460] loop1: detected capacity change from 0 to 1024 [ 467.250055][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.5.544'. [ 475.026935][ T8559] tipc: Enabled bearer , priority 0 [ 475.050419][ T8559] syzkaller0: entered promiscuous mode [ 475.071031][ T8559] syzkaller0: entered allmulticast mode [ 475.747775][ T8571] loop5: detected capacity change from 0 to 8 [ 476.177475][ T8571] SQUASHFS error: lzo decompression failed, data probably corrupt [ 476.185557][ T8571] SQUASHFS error: Failed to read block 0x28d: -5 [ 476.192032][ T8571] SQUASHFS error: Unable to read metadata cache entry [28b] [ 476.199596][ T8571] SQUASHFS error: Unable to read inode 0x11f [ 476.238752][ T8557] tipc: Resetting bearer [ 476.294524][ T8457] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 477.130108][ T8557] tipc: Disabling bearer [ 477.436143][ T5820] tipc: Node number set to 2281194289 [ 482.213739][ T8613] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.554'. [ 482.261727][ T8613] debugfs: Directory '!!ô' with parent 'ieee80211' already present! [ 484.428645][ T8627] loop5: detected capacity change from 0 to 512 [ 484.446183][ T8627] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities [ 484.516451][ T8629] tipc: Enabled bearer , priority 0 [ 484.524713][ T8629] syzkaller0: entered promiscuous mode [ 484.530502][ T8629] syzkaller0: entered allmulticast mode [ 484.739446][ T8457] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 485.675000][ T8628] tipc: Resetting bearer [ 487.312233][ T8628] tipc: Disabling bearer [ 489.293262][ T8662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'. [ 493.262822][ T8690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.580'. [ 495.588762][ T8708] tipc: Enabled bearer , priority 0 [ 495.603778][ T8708] syzkaller0: entered promiscuous mode [ 495.609464][ T8708] syzkaller0: entered allmulticast mode [ 495.719000][ T8710] loop5: detected capacity change from 0 to 512 [ 495.791330][ T8710] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 495.816153][ T8707] tipc: Resetting bearer [ 495.851274][ T8710] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 495.866824][ T8710] System zones: 1-12 [ 495.948126][ T8710] EXT4-fs (loop5): 1 truncate cleaned up [ 495.964210][ T8710] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 496.665494][ T8707] tipc: Disabling bearer [ 497.434582][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.677184][ T8733] netlink: 4 bytes leftover after parsing attributes in process `syz.5.582'. [ 497.727709][ T8737] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 504.076673][ T8789] siw: device registration error -23 [ 505.745715][ T8795] tipc: Started in network mode [ 505.767609][ T8795] tipc: Node identity 820a4ca1d06d, cluster identity 4711 [ 505.775001][ T8795] tipc: Enabled bearer , priority 0 [ 506.098592][ T8799] syzkaller0: entered promiscuous mode [ 506.132392][ T8799] syzkaller0: entered allmulticast mode [ 506.219089][ T8803] tipc: Enabled bearer , priority 0 [ 506.307443][ T8797] syzkaller0: entered promiscuous mode [ 506.368328][ T8797] syzkaller0: entered allmulticast mode [ 506.785922][ T8791] tipc: Resetting bearer [ 507.024164][ T8791] tipc: Disabling bearer [ 507.052970][ T5846] tipc: Node number set to 1382501537 [ 507.062182][ T8796] tipc: Resetting bearer [ 507.370095][ T8796] tipc: Disabling bearer [ 514.109715][ T8856] tipc: Enabled bearer , priority 0 [ 514.132757][ T8856] syzkaller0: entered promiscuous mode [ 514.147532][ T8856] syzkaller0: entered allmulticast mode [ 514.190957][ T8856] tipc: Resetting bearer [ 514.261639][ T8855] tipc: Resetting bearer [ 514.354962][ T8855] tipc: Disabling bearer [ 519.411417][ T8901] tipc: Enabling of bearer rejected, failed to enable media [ 519.924205][ T8904] siw: device registration error -23 [ 522.904235][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 523.225480][ T8927] tipc: Enabling of bearer rejected, failed to enable media [ 523.498939][ T8936] hugetlbfs: syz.1.616 (8936): Using mlock ulimits for SHM_HUGETLB is obsolete [ 525.143506][ T5087] Bluetooth: hci2: command 0x0406 tx timeout [ 525.582325][ T8957] tipc: Enabled bearer , priority 0 [ 525.590700][ T8957] syzkaller0: entered promiscuous mode [ 525.596242][ T8957] syzkaller0: entered allmulticast mode [ 525.642663][ T8957] tipc: Resetting bearer [ 525.757029][ T8956] tipc: Resetting bearer [ 526.092326][ T8962] siw: device registration error -23 [ 526.826620][ T8956] tipc: Disabling bearer [ 529.453194][ T8985] tipc: Enabled bearer , priority 0 [ 529.498327][ T8985] syzkaller0: entered promiscuous mode [ 529.537406][ T8985] syzkaller0: entered allmulticast mode [ 529.608243][ T8985] tipc: Resetting bearer [ 529.648453][ T8982] tipc: Resetting bearer [ 529.775677][ T8982] tipc: Disabling bearer [ 530.889721][ T9002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.632'. [ 531.457256][ T9002] netlink: 68 bytes leftover after parsing attributes in process `syz.2.632'. [ 544.357403][ T9100] netlink: 4 bytes leftover after parsing attributes in process `syz.0.652'. [ 544.485451][ T9102] netlink: 28 bytes leftover after parsing attributes in process `syz.0.652'. [ 548.813789][ T9135] IPv6: NLM_F_CREATE should be specified when creating new route [ 548.840644][ T9135] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 548.848701][ T9135] IPv6: NLM_F_CREATE should be set when creating new route [ 552.716611][ T9152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.662'. [ 552.778280][ T9152] netlink: 28 bytes leftover after parsing attributes in process `syz.0.662'. [ 552.880808][ T9159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.664'. [ 561.676741][ T9211] tipc: Enabled bearer , priority 0 [ 561.684644][ T9211] syzkaller0: entered promiscuous mode [ 562.544824][ T9211] syzkaller0: entered allmulticast mode [ 562.698092][ T9217] tipc: Resetting bearer [ 563.245944][ T9210] tipc: Resetting bearer [ 563.562236][ T9210] tipc: Disabling bearer [ 568.292976][ T9253] loop5: detected capacity change from 0 to 1024 [ 568.307117][ T9253] EXT4-fs: Ignoring removed nobh option [ 568.386874][ T9253] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 568.857110][ T5777] Bluetooth: hci2: unexpected event for opcode 0x041b [ 569.658231][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.364780][ T9278] tipc: Enabled bearer , priority 0 [ 572.388201][ T9278] syzkaller0: entered promiscuous mode [ 573.489933][ T9278] syzkaller0: entered allmulticast mode [ 573.556128][ T9286] tipc: Resetting bearer [ 573.621406][ T9277] tipc: Resetting bearer [ 574.284669][ T9277] tipc: Disabling bearer [ 583.872080][ T9353] siw: device registration error -23 [ 585.306511][ T9364] tipc: Enabled bearer , priority 0 [ 585.424989][ T9366] tipc: Resetting bearer [ 585.460901][ T9364] syzkaller0: entered promiscuous mode [ 585.494789][ T9363] tipc: Resetting bearer [ 585.575515][ T9363] tipc: Disabling bearer [ 585.805610][ T9368] syzkaller0: entered promiscuous mode [ 585.840244][ T9368] syzkaller0: entered allmulticast mode [ 588.088613][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 594.439954][ T9425] siw: device registration error -23 [ 595.903198][ T9388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.695'. [ 596.310922][ T9432] tipc: Enabled bearer , priority 0 [ 597.834266][ T9432] syzkaller0: entered promiscuous mode [ 597.839777][ T9432] syzkaller0: entered allmulticast mode [ 598.693148][ T9432] tipc: Resetting bearer [ 598.729809][ T9430] tipc: Resetting bearer [ 598.762723][ T9430] tipc: Disabling bearer [ 602.451143][ T9461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.715'. [ 602.583827][ T9462] tipc: Enabled bearer , priority 0 [ 602.627489][ T9462] syzkaller0: entered promiscuous mode [ 602.633042][ T9462] syzkaller0: entered allmulticast mode [ 602.981518][ T9462] tipc: Resetting bearer [ 603.125113][ T9458] tipc: Resetting bearer [ 603.322289][ T9458] tipc: Disabling bearer [ 603.902377][ T9479] vivid-007: disconnect [ 604.668393][ T9474] vivid-007: reconnect [ 605.954792][ T9488] Bluetooth: MGMT ver 1.22 [ 605.962052][ T9488] Bluetooth: hci0: invalid length 0, exp 2 for type 17 [ 611.278880][ T9507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.726'. [ 614.799621][ T5865] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 615.034747][ T5865] usb 2-1: Using ep0 maxpacket: 16 [ 615.095350][ T5865] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 615.130839][ T5865] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 615.271594][ T5865] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 615.281792][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.289804][ T5865] usb 2-1: Product: syz [ 615.349386][ T5865] usb 2-1: Manufacturer: syz [ 615.354063][ T5865] usb 2-1: SerialNumber: syz [ 616.906564][ T5865] usb 2-1: 0:2 : does not exist [ 616.941901][ T5865] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 617.119779][ T5865] usb 2-1: USB disconnect, device number 3 [ 618.894278][ T9513] udevd[9513]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 621.467858][ T9542] xt_CT: No such helper "pptp" [ 624.497130][ T5865] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 625.086413][ T5865] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 625.364465][ T9575] loop0: detected capacity change from 0 to 1024 [ 625.475137][ T9573] fido_id[9573]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 628.966652][ T2957] hfsplus: b-tree write err: -5, ino 4 [ 629.218227][ T9591] netlink: 12 bytes leftover after parsing attributes in process `syz.2.745'. [ 640.077212][ T9667] siw: device registration error -23 [ 653.221612][ T28] audit: type=1326 audit(2000000113.651:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.286942][ T28] audit: type=1326 audit(2000000113.716:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.355765][ T28] audit: type=1326 audit(2000000113.716:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.422544][ T28] audit: type=1326 audit(2000000113.716:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.510219][ T28] audit: type=1326 audit(2000000113.716:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.612325][ T28] audit: type=1326 audit(2000000113.735:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.730991][ T9725] netlink: 4 bytes leftover after parsing attributes in process `syz.5.766'. [ 653.761765][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 653.804117][ T28] audit: type=1326 audit(2000000113.735:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 653.911853][ T28] audit: type=1326 audit(2000000113.735:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 654.046542][ T28] audit: type=1326 audit(2000000113.772:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 654.097403][ T28] audit: type=1326 audit(2000000113.772:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9718 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaca19bf79 code=0x7ffc0000 [ 656.938830][ T9742] loop1: detected capacity change from 0 to 16 [ 656.982006][ T9742] erofs: (device loop1): mounted with root inode @ nid 36. [ 657.582839][ T9742] 8021q: VLANs not supported on lo [ 657.780602][ T9742] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 657.815607][ T9742] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 661.862803][ T9759] syz.2.782 (9759) used greatest stack depth: 17928 bytes left [ 663.681320][ T9772] vivid-007: disconnect [ 664.469908][ T9767] vivid-007: reconnect [ 668.307104][ T9784] siw: device registration error -23 [ 671.255162][ T9790] loop5: detected capacity change from 0 to 128 [ 671.352063][ T9790] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 671.383764][ T9790] ext4 filesystem being mounted at /81/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 674.350704][ T7882] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 686.100406][ T9874] loop5: detected capacity change from 0 to 512 [ 687.178458][ T9874] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 687.191572][ T9874] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 687.625339][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 687.912908][ T9] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 688.341259][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.811'. [ 688.434610][ T9] usb 1-1: unable to get BOS descriptor or descriptor too short [ 688.506965][ T9] usb 1-1: no configurations [ 688.534002][ T9] usb 1-1: can't read configurations, error -22 [ 691.407161][ T9903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.816'. [ 691.629259][ T9905] netlink: 4 bytes leftover after parsing attributes in process `syz.5.817'. [ 693.591658][ T9927] netlink: 277 bytes leftover after parsing attributes in process `syz.1.814'. [ 695.353958][ T9926] 8021q: adding VLAN 0 to HW filter on device bond3 [ 695.434193][ T9932] bond_slave_0: entered promiscuous mode [ 695.440532][ T9932] bond_slave_1: entered promiscuous mode [ 695.525212][ T9932] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 695.567758][ T9932] bond3: (slave macvlan2): Enslaving as a backup interface with an up link [ 695.676050][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.5.826'. [ 695.870624][ T9943] loop5: detected capacity change from 0 to 128 [ 695.943810][ T9943] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 695.974532][ T9943] hpfs: filesystem error: improperly stopped [ 695.982222][ T9943] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 696.005422][ T9943] hpfs: You really don't want any checks? You are crazy... [ 696.015127][ T9943] hpfs: hpfs_map_sector(): read error [ 696.058815][ T9943] hpfs: code page support is disabled [ 696.065839][ T9943] hpfs: hpfs_map_4sectors(): unaligned read [ 696.112719][ T9943] hpfs: hpfs_map_4sectors(): unaligned read [ 696.118790][ T9943] hpfs: filesystem error: unable to find root dir [ 696.120888][ T9945] netlink: 4 bytes leftover after parsing attributes in process `syz.2.829'. [ 696.190316][ T9943] hpfs: hpfs_map_4sectors(): unaligned read [ 696.209850][ T9943] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib [ 696.253345][ T9943] hpfs: hpfs_map_4sectors(): unaligned read [ 696.259443][ T9943] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib [ 696.281359][ T9943] hpfs: hpfs_map_4sectors(): unaligned read [ 696.292977][ T9943] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib [ 696.351256][ T9943] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib [ 701.736164][ T9989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.839'. [ 702.745737][ T9995] netlink: 4 bytes leftover after parsing attributes in process `syz.5.836'. [ 712.758865][T10056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.850'. [ 714.372407][T10068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.853'. [ 715.874031][T10084] autofs4:pid:10084:autofs_fill_super: called with bogus options [ 716.322552][T10089] netlink: 4 bytes leftover after parsing attributes in process `syz.0.857'. [ 718.098817][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 718.126476][T10109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.862'. [ 718.135254][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.135360][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 718.135378][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.135400][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 718.135413][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.142324][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.201682][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.217364][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.241861][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.251814][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 718.284716][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 718.659925][T10123] loop1: detected capacity change from 0 to 256 [ 718.735239][T10123] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 718.809429][T10102] syz.0.860 (10102) used greatest stack depth: 17384 bytes left [ 721.000507][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 721.375983][T10132] netlink: 4 bytes leftover after parsing attributes in process `syz.2.868'. [ 721.805018][T10138] netlink: 4 bytes leftover after parsing attributes in process `syz.5.863'. [ 722.118283][T10143] syzkaller0: entered promiscuous mode [ 722.123963][T10143] syzkaller0: entered allmulticast mode [ 722.562254][T10147] siw: device registration error -23 [ 725.657196][T10158] netlink: 4 bytes leftover after parsing attributes in process `syz.5.876'. [ 726.350687][T10166] netlink: 4 bytes leftover after parsing attributes in process `syz.0.879'. [ 728.137529][T10171] syzkaller0: entered promiscuous mode [ 728.152358][T10171] syzkaller0: entered allmulticast mode [ 728.288158][T10173] netlink: 'syz.1.875': attribute type 1 has an invalid length. [ 730.442455][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.885'. [ 730.660006][T10185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'. [ 730.689046][T10185] IPVS: Error joining to the multicast group [ 731.550307][T10203] loop0: detected capacity change from 0 to 512 [ 731.646737][T10203] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 731.847344][T10203] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.888: inode has both inline data and extents flags [ 731.864418][T10203] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.888: couldn't read orphan inode 15 (err -117) [ 731.888190][T10203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.909791][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.5.880'. [ 732.707947][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.434576][T10233] loop1: detected capacity change from 0 to 512 [ 735.279920][T10233] EXT4-fs: test_dummy_encryption requires encrypt feature [ 735.418632][T10225] QAT: Invalid ioctl 1074328842 [ 735.595722][T10236] netlink: 4 bytes leftover after parsing attributes in process `syz.2.894'. [ 735.689530][T10240] loop0: detected capacity change from 0 to 256 [ 735.726766][T10240] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 736.173359][T10246] siw: device registration error -23 [ 736.956069][T10253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.898'. [ 737.785575][T10266] netlink: 'syz.0.902': attribute type 1 has an invalid length. [ 741.139990][T10278] siw: device registration error -23 [ 741.672831][T10289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.909'. [ 744.096668][T10314] loop5: detected capacity change from 0 to 512 [ 744.119513][T10314] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 744.185611][T10314] EXT4-fs (loop5): 1 truncate cleaned up [ 744.232318][T10314] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 744.356744][T10324] netlink: 24 bytes leftover after parsing attributes in process `syz.0.917'. [ 745.318014][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.784136][T10339] tipc: Enabled bearer , priority 0 [ 746.830361][T10339] tipc: Resetting bearer [ 746.879983][T10338] tipc: Disabling bearer [ 748.053073][T10354] loop1: detected capacity change from 0 to 256 [ 748.194625][T10354] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 748.469244][ T8181] IPVS: starting estimator thread 0... [ 748.603315][T10362] IPVS: using max 17 ests per chain, 40800 per kthread [ 749.156523][T10366] loop5: detected capacity change from 0 to 512 [ 749.267778][T10366] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 749.301609][T10371] tipc: Enabling of bearer rejected, failed to enable media [ 749.345574][T10372] netlink: 'syz.0.928': attribute type 1 has an invalid length. [ 749.640453][T10380] loop0: detected capacity change from 0 to 256 [ 749.678504][T10380] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 750.131905][ T28] kauditd_printk_skb: 77 callbacks suppressed [ 750.131923][ T28] audit: type=1804 audit(2000000204.113:156): pid=10381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.927" name="/newroot/118/file0/file1" dev="loop5" ino=15 res=1 errno=0 [ 750.464800][ T7882] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 752.099993][T10394] siw: device registration error -23 [ 756.797502][T10423] tipc: Enabled bearer , priority 0 [ 756.844060][T10423] tipc: Resetting bearer [ 757.017671][T10422] tipc: Disabling bearer [ 760.804063][T10441] loop0: detected capacity change from 0 to 1024 [ 760.816269][T10441] journal_path: Non-blockdev passed as '' [ 760.822513][T10441] EXT4-fs: error: could not find journal device path [ 761.212103][T10443] siw: device registration error -23 [ 761.481236][T10125] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 762.902679][T10447] loop1: detected capacity change from 0 to 512 [ 762.941258][T10447] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 763.534998][T10447] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.946: inode has both inline data and extents flags [ 763.592446][T10447] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.946: couldn't read orphan inode 15 (err -117) [ 763.609514][T10447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 764.434350][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.661985][T10453] netlink: 72 bytes leftover after parsing attributes in process `syz.0.958'. [ 770.624417][T10493] netlink: 4 bytes leftover after parsing attributes in process `syz.2.966'. [ 774.376984][T10510] netlink: 'syz.2.960': attribute type 1 has an invalid length. [ 775.599070][T10512] bond4: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 775.675923][T10521] loop5: detected capacity change from 0 to 256 [ 775.701713][T10521] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 775.789147][T10525] loop1: detected capacity change from 0 to 512 [ 775.810967][T10510] veth3: entered promiscuous mode [ 775.817494][T10525] EXT4-fs: Ignoring removed i_version option [ 775.836096][T10510] bond4: (slave veth3): Enslaving as a backup interface with a down link [ 775.847917][T10525] EXT4-fs: Ignoring removed oldalloc option [ 775.943321][T10512] netlink: 28 bytes leftover after parsing attributes in process `syz.2.960'. [ 776.016101][T10512] 8021q: adding VLAN 0 to HW filter on device bond4 [ 776.024593][ T1131] net_ratelimit: 10 callbacks suppressed [ 776.024607][ T1131] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 776.643920][ T49] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 776.657262][T10525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 780.822791][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.121801][T10553] loop0: detected capacity change from 0 to 64 [ 784.043930][T10575] netlink: 'syz.5.975': attribute type 1 has an invalid length. [ 784.325623][T10575] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 784.558633][T10582] siw: device registration error -23 [ 784.586651][T10575] veth3: entered promiscuous mode [ 784.779625][T10575] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 785.216608][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 785.246911][T10577] netlink: 28 bytes leftover after parsing attributes in process `syz.5.975'. [ 785.339455][T10577] 8021q: adding VLAN 0 to HW filter on device bond1 [ 785.389980][ T49] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 785.524059][T10585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.976'. [ 785.582094][ T2957] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 796.438450][T10666] siw: device registration error -23 [ 798.152676][T10681] netlink: 'syz.0.999': attribute type 1 has an invalid length. [ 798.161268][T10681] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.999'. [ 805.233030][T10717] loop5: detected capacity change from 0 to 256 [ 805.269928][T10717] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 806.754648][T10725] loop5: detected capacity change from 0 to 16 [ 806.836738][T10725] erofs: (device loop5): erofs_read_inode: unsupported chunk format fe00 of nid 36 [ 807.355905][T10731] tipc: Enabled bearer , priority 0 [ 807.381042][T10731] [ 807.383450][T10731] ============================= [ 807.388334][T10731] WARNING: suspicious RCU usage [ 807.393317][T10731] syzkaller #0 Not tainted [ 807.397773][T10731] ----------------------------- [ 807.402726][T10731] net/mac80211/iface.c:378 suspicious rcu_dereference_protected() usage! [ 807.411485][T10731] [ 807.411485][T10731] other info that might help us debug this: [ 807.411485][T10731] [ 807.421898][T10731] [ 807.421898][T10731] rcu_scheduler_active = 2, debug_locks = 1 [ 807.430043][T10731] 1 lock held by syz.5.1014/10731: [ 807.435731][T10731] #0: ffffffff8e3c0208 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x7a4/0x1140 [ 807.444861][T10731] [ 807.444861][T10731] stack backtrace: [ 807.450844][T10731] CPU: 1 PID: 10731 Comm: syz.5.1014 Not tainted syzkaller #0 [ 807.458385][T10731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 807.468833][T10731] Call Trace: [ 807.472164][T10731] [ 807.475136][T10731] dump_stack_lvl+0x18c/0x250 [ 807.479880][T10731] ? show_regs_print_info+0x20/0x20 [ 807.485131][T10731] ? load_image+0x400/0x400 [ 807.489744][T10731] lockdep_rcu_suspicious+0x1e1/0x300 [ 807.495182][T10731] ieee80211_check_concurrent_iface+0x475/0x950 [ 807.501502][T10731] ieee80211_open+0xc1/0x200 [ 807.506147][T10731] __dev_open+0x2cb/0x430 [ 807.510541][T10731] ? dev_open+0x190/0x190 [ 807.514928][T10731] __dev_change_flags+0x211/0x6a0 [ 807.520018][T10731] ? dev_get_flags+0x1c0/0x1c0 [ 807.524844][T10731] ? mutex_lock_nested+0x20/0x20 [ 807.529865][T10731] dev_change_flags+0x88/0x1a0 [ 807.534695][T10731] dev_ioctl+0x7b4/0x1140 [ 807.539086][T10731] sock_do_ioctl+0x239/0x310 [ 807.543737][T10731] ? sock_show_fdinfo+0xb0/0xb0 [ 807.548656][T10731] sock_ioctl+0x5ba/0x7e0 [ 807.553053][T10731] ? sock_poll+0x3e0/0x3e0 [ 807.557540][T10731] ? bpf_lsm_file_ioctl+0x9/0x10 [ 807.562543][T10731] ? security_file_ioctl+0x80/0xa0 [ 807.567726][T10731] ? sock_poll+0x3e0/0x3e0 [ 807.572199][T10731] __se_sys_ioctl+0xfd/0x170 [ 807.576856][T10731] do_syscall_64+0x55/0xa0 [ 807.581335][T10731] ? clear_bhb_loop+0x40/0x90 [ 807.586068][T10731] ? clear_bhb_loop+0x40/0x90 [ 807.590812][T10731] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 807.596757][T10731] RIP: 0033:0x7fe322d9bf79 [ 807.601225][T10731] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 807.621063][T10731] RSP: 002b:00007fe323be6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 807.629538][T10731] RAX: ffffffffffffffda RBX: 00007fe323015fa0 RCX: 00007fe322d9bf79 [ 807.637561][T10731] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000004 [ 807.645679][T10731] RBP: 00007fe322e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 807.653795][T10731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 807.661900][T10731] R13: 00007fe323016038 R14: 00007fe323015fa0 R15: 00007ffed9206d48 [ 807.669940][T10731] [ 807.733066][T10731] mac80211_hwsim hwsim13 syzkaller0: entered promiscuous mode [ 807.740881][T10731] mac80211_hwsim hwsim13 syzkaller0: entered allmulticast mode [ 807.761222][T10731] tipc: Resetting bearer [ 808.119759][T10740] siw: device registration error -23