last executing test programs: 12.858513907s ago: executing program 2 (id=1085): openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2b, 0x25dfdbfb, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0x5}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0xc010) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 12.404702387s ago: executing program 0 (id=1088): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14142500000000000000000000000000000000000000009201000000000000a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff000000008000000000350000020001002052377aae00000000"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 11.979927345s ago: executing program 2 (id=1089): msgctl$IPC_SET(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$write2(0x11, &(0x7f0000000080)={0xd7, 0x1000, 0x2000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10) 10.884727242s ago: executing program 0 (id=1092): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x2b, 0x80801, 0x1) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x10000, @empty}, 0x1c) shutdown(r3, 0x1) 10.109329266s ago: executing program 2 (id=1095): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x0, 0x400, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x200400d9}, 0x4000185) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000080)={r4, r3, r4}, 0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={'blake2b-384-generic\x00'}}) 8.746679734s ago: executing program 0 (id=1097): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x400, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r4, @ANYBLOB="0100000000000000000017000000500006804c00040067636d286165732900000000000000000000000000000000000000000000000024"], 0xcc}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r6, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0xffffffffffffffff) 7.92282742s ago: executing program 2 (id=1099): r0 = socket$alg(0x26, 0x5, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bind$alg(r0, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58) r2 = accept$alg(r0, 0x0, 0x0) r3 = dup(r2) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0) ftruncate(r4, 0x200004) sendfile(r3, r4, 0x0, 0x80001d00c0d5) 7.659659711s ago: executing program 1 (id=1101): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() mkdirat(0xffffffffffffff9c, 0x0, 0x88) bind$netlink(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0xb76}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 7.568828075s ago: executing program 3 (id=1102): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r3 = syz_clone(0x40011, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = gettid() kcmp(r4, r3, 0xb44c031f136537ae, 0xffffffffffffffff, 0xffffffffffffffff) 7.21206979s ago: executing program 0 (id=1103): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 7.198346321s ago: executing program 1 (id=1104): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfffffffc, 0x1}, &(0x7f00000007c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x20, 0x6000, @fd_index, 0x7, 0x0, 0x0, 0x1e, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 6.477886741s ago: executing program 3 (id=1105): socket(0x1e, 0x4, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 4.64768199s ago: executing program 1 (id=1106): socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)) r0 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x54, 0x1}) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x3d, 0x0, @fd, 0x0, 0x0, 0xffff, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 4.63290294s ago: executing program 0 (id=1107): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a80016002000014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) r1 = io_uring_setup(0x5217, &(0x7f0000000200)={0x0, 0xb8e9, 0x1000, 0x3, 0x3c9}) io_uring_register$IORING_REGISTER_FILES2(r1, 0xd, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x20) socket$inet(0x2, 0xa, 0x9) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) r3 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22, 0x6, @empty, 0x400}, 0x1c) listen(r4, 0x3) syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 4.428901599s ago: executing program 1 (id=1108): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3400000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0x80, 0x4, 0x100}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x65d}, 0x0, 0x0) close(0x4) 4.348764143s ago: executing program 2 (id=1109): epoll_create1(0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) eventfd(0x4) syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score\x00') socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000002c0)=ANY=[@ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000000)) 4.267243317s ago: executing program 3 (id=1110): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x3e8, 0x248, 0x43, 0xa0, 0x248, 0x98, 0x350, 0x178, 0x178, 0x350, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x228, 0x248, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@string={{0xc0}, {0x0, 0x3, 'kmp\x00', "7af8bdb4c056dc65949041982abfe9ed51b01289c0026e2e6034ed587be5f09017b907388134b0ede40eb8d493f20d534fc37f23ec524d91a7a041f36bb1d1c3ab474544c5ef3f2fa69a80a0d967ee4464257d28d31e6843bc1221dfb9a6a27ad13af7061b737fd97d94f50942c68242819c941c0b4d9ec154c7d327187e8198", 0x38, 0x2, {0x1}}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x108, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x448) 4.038229706s ago: executing program 2 (id=1111): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) syz_io_uring_setup(0x50d0, &(0x7f0000000000)={0x0, 0xfffffffd, 0x2, 0x2, 0x332}, &(0x7f0000000100), &(0x7f0000ff4000)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) 3.189239853s ago: executing program 3 (id=1112): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r4, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0) 3.188103173s ago: executing program 0 (id=1113): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) read$char_usb(r1, &(0x7f0000000040)=""/188, 0xbc) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) read$FUSE(r2, &(0x7f0000001b40)={0x2020}, 0x205c) timer_create(0x2, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 2.868683566s ago: executing program 1 (id=1114): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) ioprio_set$uid(0x3, 0x0, 0x4004) setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), 0x0, 0xff27, 0x0) 2.157550337s ago: executing program 3 (id=1115): r0 = socket$inet(0xa, 0x801, 0x84) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfffffffd) r2 = socket$inet(0xa, 0x801, 0x84) listen(r2, 0xfffffffd) listen(r0, 0x8) r3 = socket$inet(0xa, 0x801, 0x84) listen(r3, 0x8) r4 = socket$inet(0xa, 0x801, 0x84) listen(r4, 0x8) r5 = socket$inet(0xa, 0x801, 0x84) listen(r5, 0x1) r6 = socket$netlink(0x10, 0x3, 0x4) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 987.773247ms ago: executing program 1 (id=1116): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f0000000080)='\x00', 0x1, 0x40, &(0x7f00000001c0)={0x11, 0xf6, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14) 0s ago: executing program 3 (id=1117): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x1000040, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3c}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.225' (ED25519) to the list of known hosts. [ 82.518635][ T5775] cgroup: Unknown subsys name 'net' [ 82.686828][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.401488][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.658258][ T5787] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.667674][ T5787] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.687226][ T5798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.696888][ T5798] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.705832][ T5798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.715322][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.724242][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.733038][ T5798] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 86.740955][ T5798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.749781][ T5798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.784901][ T5796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.800670][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.808662][ T5801] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.816358][ T5801] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.821703][ T5796] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 86.831992][ T5796] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 86.837099][ T5801] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.839745][ T5796] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 86.855965][ T5787] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.870823][ T5787] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 86.870912][ T5796] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.886308][ T5796] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 86.894147][ T5796] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.903169][ T5796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.374551][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 87.740593][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.747844][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.755668][ T5790] bridge_slave_0: entered allmulticast mode [ 87.764267][ T5790] bridge_slave_0: entered promiscuous mode [ 87.777147][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.784591][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.791969][ T5790] bridge_slave_1: entered allmulticast mode [ 87.799473][ T5790] bridge_slave_1: entered promiscuous mode [ 87.806602][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 87.849291][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 87.910063][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.934379][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.997921][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 88.031184][ T5790] team0: Port device team_slave_0 added [ 88.045093][ T5790] team0: Port device team_slave_1 added [ 88.116242][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.123695][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.131183][ T5791] bridge_slave_0: entered allmulticast mode [ 88.138417][ T5791] bridge_slave_0: entered promiscuous mode [ 88.146839][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.154486][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.180575][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.218020][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.225538][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.233025][ T5791] bridge_slave_1: entered allmulticast mode [ 88.240212][ T5791] bridge_slave_1: entered promiscuous mode [ 88.262504][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.269940][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.296189][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.312881][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.320099][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.327565][ T5789] bridge_slave_0: entered allmulticast mode [ 88.335464][ T5789] bridge_slave_0: entered promiscuous mode [ 88.367835][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.380495][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.394856][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.402202][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.410508][ T5789] bridge_slave_1: entered allmulticast mode [ 88.417732][ T5789] bridge_slave_1: entered promiscuous mode [ 88.520072][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.544979][ T5791] team0: Port device team_slave_0 added [ 88.555854][ T5791] team0: Port device team_slave_1 added [ 88.576864][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.585123][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.593237][ T5785] bridge_slave_0: entered allmulticast mode [ 88.600757][ T5785] bridge_slave_0: entered promiscuous mode [ 88.612049][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.625648][ T5790] hsr_slave_0: entered promiscuous mode [ 88.632379][ T5790] hsr_slave_1: entered promiscuous mode [ 88.697127][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.704896][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.713312][ T5785] bridge_slave_1: entered allmulticast mode [ 88.720824][ T5785] bridge_slave_1: entered promiscuous mode [ 88.758423][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.765433][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.792744][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.839508][ T5789] team0: Port device team_slave_0 added [ 88.846815][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.854471][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.881373][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.899676][ T5796] Bluetooth: hci3: command tx timeout [ 88.922044][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.933754][ T5789] team0: Port device team_slave_1 added [ 88.963242][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.972606][ T5796] Bluetooth: hci2: command tx timeout [ 88.978676][ T5103] Bluetooth: hci0: command tx timeout [ 88.985041][ T5796] Bluetooth: hci1: command tx timeout [ 89.044030][ T5785] team0: Port device team_slave_0 added [ 89.050966][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.057978][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.085549][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.120783][ T5791] hsr_slave_0: entered promiscuous mode [ 89.127372][ T5791] hsr_slave_1: entered promiscuous mode [ 89.134159][ T5791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.143376][ T5791] Cannot create hsr debugfs directory [ 89.150930][ T5785] team0: Port device team_slave_1 added [ 89.158932][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.166011][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.192018][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.272483][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.280987][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.307292][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.320299][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.327400][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.354244][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.446802][ T5789] hsr_slave_0: entered promiscuous mode [ 89.453697][ T5789] hsr_slave_1: entered promiscuous mode [ 89.460586][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.468793][ T5789] Cannot create hsr debugfs directory [ 89.562246][ T5785] hsr_slave_0: entered promiscuous mode [ 89.570690][ T5785] hsr_slave_1: entered promiscuous mode [ 89.576937][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.585467][ T5785] Cannot create hsr debugfs directory [ 89.766791][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.779257][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.795392][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.826297][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.970253][ T5791] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.982846][ T5791] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.994082][ T5791] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.005350][ T5791] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.110268][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.122712][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.133270][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.159799][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.257991][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.270377][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.287240][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.299214][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.412631][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.452871][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.470972][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.503063][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.526537][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.557165][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.564667][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.583010][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.600151][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.607920][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.617433][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.624877][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.650925][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.658267][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.687864][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.695111][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.723421][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.731042][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.812427][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.881828][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.913957][ T3441] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.921217][ T3441] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.948066][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.955330][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.971315][ T5796] Bluetooth: hci3: command tx timeout [ 91.053981][ T5796] Bluetooth: hci1: command tx timeout [ 91.061222][ T5103] Bluetooth: hci0: command tx timeout [ 91.066697][ T5103] Bluetooth: hci2: command tx timeout [ 91.147206][ T5785] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.381744][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.507000][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.589780][ T5790] veth0_vlan: entered promiscuous mode [ 91.620266][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.635588][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.663192][ T5790] veth1_vlan: entered promiscuous mode [ 91.682683][ T5791] veth0_vlan: entered promiscuous mode [ 91.747585][ T5791] veth1_vlan: entered promiscuous mode [ 91.785509][ T5789] veth0_vlan: entered promiscuous mode [ 91.803133][ T5785] veth0_vlan: entered promiscuous mode [ 91.812532][ T5790] veth0_macvtap: entered promiscuous mode [ 91.824621][ T5790] veth1_macvtap: entered promiscuous mode [ 91.846256][ T5785] veth1_vlan: entered promiscuous mode [ 91.872707][ T5789] veth1_vlan: entered promiscuous mode [ 91.901584][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.916324][ T5791] veth0_macvtap: entered promiscuous mode [ 91.927653][ T5791] veth1_macvtap: entered promiscuous mode [ 91.952294][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.964031][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.973565][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.983997][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.994876][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.051109][ T5785] veth0_macvtap: entered promiscuous mode [ 92.066758][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.078473][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.091855][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.103128][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.113871][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.125426][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.136413][ T5785] veth1_macvtap: entered promiscuous mode [ 92.164391][ T5791] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.175760][ T5791] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.185119][ T5791] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.194231][ T5791] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.212004][ T5789] veth0_macvtap: entered promiscuous mode [ 92.249625][ T5789] veth1_macvtap: entered promiscuous mode [ 92.263429][ T8] cfg80211: failed to load regulatory.db [ 92.336156][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.361325][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.371261][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.381782][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.393364][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.404983][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.418615][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.428794][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.439815][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.452224][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.465739][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.476180][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.485321][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.494698][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.531481][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.555442][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.564926][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.579539][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.590113][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.601040][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.611937][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.622725][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.633983][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.675701][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.686951][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.687028][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.704833][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.707595][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.723452][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.733666][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.744694][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.756103][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.799021][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.810051][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.819058][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.827801][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.877470][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.896943][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.997316][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.007410][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.047239][ T1321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.064023][ T5103] Bluetooth: hci3: command tx timeout [ 93.099788][ T1321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.128733][ T5103] Bluetooth: hci2: command tx timeout [ 93.128957][ T5796] Bluetooth: hci1: command tx timeout [ 93.134236][ T5794] Bluetooth: hci0: command tx timeout [ 93.292824][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.338201][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.379361][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.427911][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.522090][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.549299][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.689990][ T5891] Illegal XDP return value 506908713 on prog (id 3) dev syz_tun, expect packet loss! [ 95.128478][ T5103] Bluetooth: hci3: command tx timeout [ 95.209331][ T5794] Bluetooth: hci2: command tx timeout [ 95.215045][ T5794] Bluetooth: hci0: command tx timeout [ 95.221004][ T5103] Bluetooth: hci1: command tx timeout [ 95.237380][ T5903] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.820354][ T5897] sched: RT throttling activated [ 96.487603][ T5906] tipc: Started in network mode [ 96.578306][ T5906] tipc: Node identity 4, cluster identity 4711 [ 96.620773][ T5906] tipc: Node number set to 4 [ 97.958626][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.233988][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 98.745980][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 98.757657][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.813265][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 98.848467][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 99.026821][ T5933] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.618812][ T5939] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 100.622112][ T5939] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 100.654031][ T5945] netlink: 24 bytes leftover after parsing attributes in process `syz.3.21'. [ 101.176113][ T5958] syz.1.13[5958]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 102.491664][ T5977] Bluetooth: MGMT ver 1.22 [ 102.501113][ T5977] Bluetooth: hci0: invalid length 0, exp 2 for type 8 [ 102.508345][ T28] audit: type=1326 audit(1764051204.155:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 102.585391][ T28] audit: type=1326 audit(1764051204.185:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 102.885603][ T5975] loop1: detected capacity change from 0 to 2048 [ 103.046765][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.141193][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.150736][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 103.252380][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.753540][ T5975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 104.130387][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 105.661882][ T6010] process 'syz.2.38' launched '/dev/fd/8' with NULL argv: empty string added [ 109.443583][ T6040] netlink: 'syz.3.46': attribute type 10 has an invalid length. [ 109.469388][ T6040] netlink: 40 bytes leftover after parsing attributes in process `syz.3.46'. [ 109.632445][ T6040] team0: Port device geneve0 added [ 109.909032][ T6048] binder_alloc: 6047: binder_alloc_buf, no vma [ 110.062114][ T6053] loop3: detected capacity change from 0 to 8192 [ 110.094795][ T6053] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.134650][ T6053] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 110.308374][ T6053] REISERFS (device loop3): using journaled data mode [ 110.483801][ T6053] reiserfs: using flush barriers [ 110.945340][ T6053] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 111.029132][ T6053] REISERFS (device loop3): checking transaction log (loop3) [ 111.137973][ T6053] REISERFS (device loop3): Using r5 hash to sort names [ 111.180466][ T6053] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 111.234041][ T6053] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 111.969178][ T5862] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 112.173949][ T5862] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 112.196235][ T5862] usb 2-1: config 0 has no interfaces? [ 112.206396][ T5862] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 112.225744][ T5862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.266311][ T5862] usb 2-1: config 0 descriptor?? [ 113.879506][ T6075] kvm: pic: non byte write [ 113.914615][ T5861] usb 2-1: USB disconnect, device number 2 [ 116.262328][ T6113] loop0: detected capacity change from 0 to 32768 [ 116.281424][ T6113] ======================================================= [ 116.281424][ T6113] WARNING: The mand mount option has been deprecated and [ 116.281424][ T6113] and is ignored by this kernel. Remove the mand [ 116.281424][ T6113] option from the mount to silence this warning. [ 116.281424][ T6113] ======================================================= [ 117.152098][ T6113] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 117.387919][ T28] audit: type=1800 audit(1764051219.035:4): pid=6113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.66" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 117.511744][ T6134] loop3: detected capacity change from 0 to 128 [ 117.523342][ T28] audit: type=1800 audit(1764051219.175:5): pid=6113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.66" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 117.684695][ T6134] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 117.737051][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 117.781176][ T6134] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 119.973242][ T6153] xt_cgroup: invalid path, errno=-2 [ 120.550759][ T5790] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 121.021822][ T28] audit: type=1804 audit(1764051222.675:6): pid=6157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.74" name="/newroot/17/file1" dev="fuse" ino=1 res=1 errno=0 [ 121.118256][ T28] audit: type=1800 audit(1764051222.705:7): pid=6157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.74" name="/" dev="fuse" ino=1 res=0 errno=0 [ 121.152737][ T28] audit: type=1800 audit(1764051222.705:8): pid=6157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.74" name="/" dev="fuse" ino=1 res=0 errno=0 [ 123.055115][ T5777] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 123.248418][ T5777] usb 4-1: Using ep0 maxpacket: 16 [ 123.356115][ T5777] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 123.555814][ T5777] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.731905][ T5777] usb 4-1: Product: syz [ 123.755836][ T5777] usb 4-1: Manufacturer: syz [ 123.776068][ T5777] usb 4-1: SerialNumber: syz [ 123.807714][ T5777] usb 4-1: config 0 descriptor?? [ 124.229657][ T6183] loop2: detected capacity change from 0 to 8192 [ 124.269409][ T5777] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 124.349253][ T5777] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 124.383524][ T5777] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 124.399311][ T5777] usb 4-1: media controller created [ 124.481220][ T6170] Cannot find add_set index 0 as target [ 124.578615][ T5777] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 125.205776][ T5777] zl10353_read_register: readreg error (reg=127, ret==0) [ 125.248326][ T5777] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 125.265003][ T5777] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 125.338504][ T5777] usb 4-1: USB disconnect, device number 2 [ 125.519421][ T5777] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 126.793019][ T6205] capability: warning: `syz.0.88' uses deprecated v2 capabilities in a way that may be insecure [ 128.340441][ T6215] netlink: 'syz.1.93': attribute type 1 has an invalid length. [ 130.893277][ T6235] GUP no longer grows the stack in syz.0.98 (6235): 200000004000-200000008000 (200000002000) [ 130.905370][ T6235] CPU: 1 PID: 6235 Comm: syz.0.98 Not tainted syzkaller #0 [ 130.912633][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 130.922834][ T6235] Call Trace: [ 130.926239][ T6235] [ 130.929225][ T6235] dump_stack_lvl+0x16c/0x230 [ 130.933974][ T6235] ? show_regs_print_info+0x20/0x20 [ 130.939232][ T6235] ? load_image+0x3b0/0x3b0 [ 130.943765][ T6235] ? find_vma+0x12e/0x1b0 [ 130.948142][ T6235] __get_user_pages+0xfb9/0x1470 [ 130.953119][ T6235] ? populate_vma_page_range+0x370/0x370 [ 130.958787][ T6235] get_user_pages_remote+0x3de/0xc10 [ 130.964201][ T6235] ? get_dump_page+0x200/0x200 [ 130.968997][ T6235] __access_remote_vm+0x1ff/0x570 [ 130.974040][ T6235] ? generic_access_phys+0x650/0x650 [ 130.979432][ T6235] ? alloc_pages+0x4dc/0x740 [ 130.984050][ T6235] ? do_raw_spin_unlock+0x121/0x230 [ 130.989364][ T6235] proc_pid_cmdline_read+0x551/0x830 [ 130.994688][ T6235] ? _raw_spin_unlock+0x40/0x40 [ 130.999563][ T6235] ? comm_show+0x150/0x150 [ 131.004002][ T6235] ? common_file_perm+0xa0/0x1f0 [ 131.008966][ T6235] ? fsnotify_perm+0x271/0x5e0 [ 131.013758][ T6235] do_iter_read+0x506/0xc80 [ 131.018294][ T6235] ? comm_show+0x150/0x150 [ 131.022735][ T6235] ? vfs_iter_read+0xa0/0xa0 [ 131.027351][ T6235] ? __import_iovec+0x5f2/0x860 [ 131.032417][ T6235] ? import_iovec+0x73/0xa0 [ 131.036962][ T6235] do_preadv+0x1fa/0x330 [ 131.041236][ T6235] ? do_writev+0x410/0x410 [ 131.045844][ T6235] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 131.051887][ T6235] ? lock_chain_count+0x20/0x20 [ 131.056933][ T6235] ? lockdep_hardirqs_on+0x98/0x150 [ 131.062175][ T6235] do_syscall_64+0x55/0xb0 [ 131.066655][ T6235] ? clear_bhb_loop+0x40/0x90 [ 131.071367][ T6235] ? clear_bhb_loop+0x40/0x90 [ 131.076161][ T6235] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 131.082101][ T6235] RIP: 0033:0x7fe529b8f749 [ 131.086552][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.106304][ T6235] RSP: 002b:00007fe52aa24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 131.114760][ T6235] RAX: ffffffffffffffda RBX: 00007fe529de5fa0 RCX: 00007fe529b8f749 [ 131.122868][ T6235] RDX: 0000000000000001 RSI: 0000200000000d00 RDI: 0000000000000006 [ 131.130871][ T6235] RBP: 00007fe529c13f91 R08: 0000000000000200 R09: 0000000000000000 [ 131.138966][ T6235] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 131.147005][ T6235] R13: 00007fe529de6038 R14: 00007fe529de5fa0 R15: 00007ffc62c10768 [ 131.155108][ T6235] [ 133.238986][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.253439][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.984876][ T6256] loop0: detected capacity change from 0 to 512 [ 134.043331][ T6256] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 134.560070][ T6265] syzkaller0: entered promiscuous mode [ 134.565676][ T6265] syzkaller0: entered allmulticast mode [ 134.983348][ T6278] loop2: detected capacity change from 0 to 128 [ 135.741644][ T6278] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 135.908344][ T6278] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 135.999635][ T6285] netlink: 'syz.0.122': attribute type 10 has an invalid length. [ 136.072646][ T6285] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.111160][ T6285] bond0: (slave team0): Enslaving as an active interface with an up link [ 136.129193][ T6292] netlink: 'syz.0.122': attribute type 10 has an invalid length. [ 136.174406][ T6292] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 136.216897][ T6289] netlink: 20 bytes leftover after parsing attributes in process `syz.1.115'. [ 136.305273][ T6285] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 136.379938][ T6285] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 136.418976][ T6297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.116'. [ 136.530119][ T6299] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.592794][ T6299] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 136.600621][ T6299] IPv6: NLM_F_CREATE should be set when creating new route [ 136.678690][ T6299] lo: entered allmulticast mode [ 136.770695][ T6303] loop0: detected capacity change from 0 to 128 [ 136.770714][ T6299] tunl0: entered allmulticast mode [ 136.787497][ T6303] FAT-fs (loop0): bogus number of FAT sectors [ 136.798412][ T6303] FAT-fs (loop0): Can't find a valid FAT filesystem [ 136.885656][ T6299] gre0: entered allmulticast mode [ 136.933481][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 137.068809][ T6299] gretap0: entered allmulticast mode [ 137.124329][ T6299] erspan0: entered allmulticast mode [ 137.243306][ T6299] ip_vti0: entered allmulticast mode [ 137.294734][ T6299] ip6_vti0: entered allmulticast mode [ 137.361723][ T6310] loop2: detected capacity change from 0 to 256 [ 137.370280][ T6299] sit0: entered allmulticast mode [ 137.422724][ T6310] FAT-fs (loop2): Directory bread(block 64) failed [ 137.440835][ T6310] FAT-fs (loop2): Directory bread(block 65) failed [ 137.471581][ T6310] FAT-fs (loop2): Directory bread(block 66) failed [ 137.499522][ T6310] FAT-fs (loop2): Directory bread(block 67) failed [ 137.526926][ T6310] FAT-fs (loop2): Directory bread(block 68) failed [ 137.547498][ T6299] ip6tnl0: entered allmulticast mode [ 137.553696][ T6310] FAT-fs (loop2): Directory bread(block 69) failed [ 137.578657][ T6310] FAT-fs (loop2): Directory bread(block 70) failed [ 137.604417][ T6310] FAT-fs (loop2): Directory bread(block 71) failed [ 137.627548][ T6310] FAT-fs (loop2): Directory bread(block 72) failed [ 137.649774][ T6310] FAT-fs (loop2): Directory bread(block 73) failed [ 137.663398][ T6299] ip6gre0: entered allmulticast mode [ 137.752245][ T6299] syz_tun: entered allmulticast mode [ 137.881387][ T6299] ip6gretap0: entered allmulticast mode [ 137.971208][ T6299] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.980959][ T6299] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.013924][ T6299] bridge0: entered allmulticast mode [ 138.558043][ T6299] vcan0: entered allmulticast mode [ 138.613161][ T6299] bond0: entered allmulticast mode [ 138.647718][ T6299] bond_slave_0: entered allmulticast mode [ 138.674861][ T6299] bond_slave_1: entered allmulticast mode [ 138.827980][ T6299] team0: entered allmulticast mode [ 139.024169][ T6299] team_slave_0: entered allmulticast mode [ 139.148753][ T6299] team_slave_1: entered allmulticast mode [ 139.346503][ T6299] dummy0: entered allmulticast mode [ 139.789443][ T6299] nlmon0: entered allmulticast mode [ 139.826202][ T6299] caif0: entered allmulticast mode [ 139.947454][ T6299] batadv0: entered allmulticast mode [ 140.039913][ T6299] vxcan0: entered allmulticast mode [ 140.117943][ T6299] vxcan1: entered allmulticast mode [ 140.152611][ T6299] veth0: entered allmulticast mode [ 140.225817][ T6299] veth1: entered allmulticast mode [ 140.272791][ T6299] wg0: entered allmulticast mode [ 140.354979][ T6299] wg1: entered allmulticast mode [ 140.425208][ T6299] wg2: entered allmulticast mode [ 140.466684][ T6299] veth0_to_bridge: entered allmulticast mode [ 140.535711][ T6299] veth1_to_bridge: entered allmulticast mode [ 140.814318][ T6299] veth0_to_bond: entered allmulticast mode [ 141.012006][ T6299] veth1_to_bond: entered allmulticast mode [ 141.217458][ T6299] veth0_to_team: entered allmulticast mode [ 141.443919][ T6299] veth1_to_team: entered allmulticast mode [ 141.480277][ T6299] veth0_to_batadv: entered allmulticast mode [ 141.526332][ T6299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.536468][ T6299] batadv_slave_0: entered allmulticast mode [ 141.559338][ T6299] veth1_to_batadv: entered allmulticast mode [ 141.586880][ T6299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.595359][ T6299] batadv_slave_1: entered allmulticast mode [ 141.621130][ T6299] xfrm0: entered allmulticast mode [ 141.637354][ T6299] veth0_to_hsr: entered allmulticast mode [ 141.659403][ T6299] hsr_slave_0: entered allmulticast mode [ 141.671101][ T6299] veth1_to_hsr: entered allmulticast mode [ 141.683835][ T6299] hsr_slave_1: entered allmulticast mode [ 141.697849][ T6299] hsr0: entered allmulticast mode [ 141.717218][ T6299] veth1_virt_wifi: entered allmulticast mode [ 141.735947][ T6299] veth0_virt_wifi: entered allmulticast mode [ 141.752019][ T6299] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 141.770416][ T6299] veth1_vlan: entered allmulticast mode [ 141.784747][ T6299] veth0_vlan: entered allmulticast mode [ 141.832695][ T6299] vlan0: entered allmulticast mode [ 141.838625][ T6299] vlan1: entered allmulticast mode [ 141.845750][ T6299] macvlan0: entered allmulticast mode [ 141.866024][ T6299] macvlan1: entered allmulticast mode [ 141.876555][ T6299] ipvlan0: entered allmulticast mode [ 141.888854][ T6299] ipvlan1: entered allmulticast mode [ 141.895499][ T6299] veth1_macvtap: entered allmulticast mode [ 141.923401][ T6299] veth0_macvtap: entered allmulticast mode [ 141.941621][ T6299] macvtap0: entered allmulticast mode [ 141.955387][ T6299] macsec0: entered allmulticast mode [ 141.977338][ T6299] geneve0: entered allmulticast mode [ 141.993971][ T6299] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.006362][ T6299] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.016507][ T6299] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.027046][ T6299] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.037213][ T6299] geneve1: entered allmulticast mode [ 142.050617][ T6299] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 142.095203][ T6299] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 142.107858][ T6299] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 142.119216][ T6299] netdevsim netdevsim1 netdevsim3: entered allmulticast mode [ 142.154391][ T6299] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 142.174673][ T6299] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 142.221054][ T6328] netlink: 4 bytes leftover after parsing attributes in process `syz.0.126'. [ 142.372766][ T6359] netlink: 96 bytes leftover after parsing attributes in process `syz.1.129'. [ 143.235991][ T6371] loop0: detected capacity change from 0 to 128 [ 143.465091][ T6374] netlink: 24 bytes leftover after parsing attributes in process `syz.3.133'. [ 143.585172][ T6371] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 143.671408][ T6371] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 144.868034][ T6386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.136'. [ 144.935335][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 145.616033][ T6396] xt_CT: You must specify a L4 protocol and not use inversions on it [ 147.840592][ T6422] netlink: 'syz.2.148': attribute type 1 has an invalid length. [ 148.184753][ T6425] ip6gre1: entered promiscuous mode [ 148.224489][ T6425] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 148.257967][ T6425] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 148.364020][ T6425] bond1: (slave ip6gre1): making interface the new active one [ 148.384063][ T6425] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 148.466287][ T6426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.148'. [ 151.787081][ T6485] loop2: detected capacity change from 0 to 2048 [ 151.829083][ T6485] UDF-fs: warning (device loop2): udf_fill_super: No partition found (2) [ 153.069674][ T6499] netlink: 16 bytes leftover after parsing attributes in process `syz.0.170'. [ 153.395199][ T6501] bridge_slave_0: left allmulticast mode [ 153.401183][ T6501] bridge_slave_0: left promiscuous mode [ 153.407786][ T6501] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.441878][ T6501] bridge_slave_1: left allmulticast mode [ 153.448642][ T6501] bridge_slave_1: left promiscuous mode [ 153.454439][ T6501] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.500418][ T6501] bond0: (slave bond_slave_0): Releasing backup interface [ 153.569161][ T6501] bond0: (slave bond_slave_1): Releasing backup interface [ 153.676743][ T6501] team0: Port device team_slave_0 removed [ 153.742843][ T6501] team0: Port device team_slave_1 removed [ 153.796662][ T6501] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.814699][ T6501] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.843706][ T6501] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.862763][ T6501] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.922138][ T6501] bond1: (slave ip6gre1): Releasing backup interface [ 154.095252][ T6505] team0: Mode changed to "loadbalance" [ 154.131379][ T6506] netlink: 24 bytes leftover after parsing attributes in process `syz.0.172'. [ 154.292594][ T6508] vlan0: entered promiscuous mode [ 154.367107][ T6508] team0: Port device vlan0 added [ 154.683957][ T6516] loop3: detected capacity change from 0 to 1024 [ 154.709760][ T6516] EXT4-fs: Ignoring removed bh option [ 154.789910][ T6516] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 154.907425][ T6516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.671023][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.919818][ T6544] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.095917][ T6544] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.881315][ T6544] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.126727][ T6544] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.585177][ T6544] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.702468][ T6544] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.775999][ T6544] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.811315][ T6544] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.304212][ T6576] 9pnet_fd: Insufficient options for proto=fd [ 162.809014][ T6578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'. [ 164.930364][ T6624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.204'. [ 164.946395][ T6624] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 165.099152][ T6624] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 165.295145][ T6650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'. [ 165.386775][ T6650] netlink: 'syz.0.206': attribute type 5 has an invalid length. [ 165.412784][ T6650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'. [ 167.483298][ T28] audit: type=1326 audit(1764051269.135:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7fc00000 [ 167.595403][ T28] audit: type=1326 audit(1764051269.165:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff52778f749 code=0x7fc00000 [ 167.693523][ T28] audit: type=1326 audit(1764051269.175:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7fc00000 [ 167.774973][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.1.214'. [ 167.915343][ T6677] veth1: entered promiscuous mode [ 167.922028][ T6677] bridge1: entered promiscuous mode [ 167.929737][ T6677] hsr1: Slave A (veth1) is not up; please bring it up to get a fully working HSR network [ 167.940042][ T6677] hsr1: entered promiscuous mode [ 167.959609][ T6678] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 168.237628][ T6687] netlink: 'syz.2.219': attribute type 4 has an invalid length. [ 169.500413][ T6699] netlink: 'syz.1.222': attribute type 1 has an invalid length. [ 169.657889][ T6703] ip6gre1: entered promiscuous mode [ 169.678255][ T6703] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 169.689222][ T6703] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 169.702096][ T6703] bond1: (slave ip6gre1): making interface the new active one [ 169.712526][ T6703] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 169.830992][ T6699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.222'. [ 169.863485][ T6699] bond1 (unregistering): (slave ip6gre1): Releasing backup interface [ 169.893885][ T6699] bond1 (unregistering): Released all slaves [ 171.916847][ T6737] kvm: emulating exchange as write [ 172.022384][ T6744] netlink: 'syz.0.236': attribute type 1 has an invalid length. [ 172.096533][ T6746] ip6gre1: entered promiscuous mode [ 172.110690][ T6746] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 172.137707][ T6746] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 172.174403][ T6746] bond1: (slave ip6gre1): making interface the new active one [ 172.190082][ T6746] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 172.294435][ T6744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.236'. [ 172.312898][ T6744] bond1 (unregistering): (slave ip6gre1): Releasing backup interface [ 172.345053][ T6744] bond1 (unregistering): Released all slaves [ 172.399636][ T6752] xt_socket: unknown flags 0x4c [ 174.292538][ T6762] loop2: detected capacity change from 0 to 16 [ 174.338198][ T6762] erofs: (device loop2): mounted with root inode @ nid 36. [ 174.561505][ T6771] netlink: 12 bytes leftover after parsing attributes in process `syz.2.244'. [ 174.603877][ T6771] 8021q: adding VLAN 0 to HW filter on device bond2 [ 174.652567][ T6771] macvlan2: entered promiscuous mode [ 174.657947][ T6771] macvlan2: entered allmulticast mode [ 174.726267][ T6771] bond2: (slave gtp0): refused to change device type [ 175.200289][ T6784] netlink: 'syz.0.247': attribute type 1 has an invalid length. [ 175.288359][ T6349] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 175.297537][ T6784] bond1: (slave gretap1): making interface the new active one [ 175.334739][ T6784] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 175.425569][ T6784] vlan2: entered allmulticast mode [ 175.431169][ T6784] bond1: entered allmulticast mode [ 175.436449][ T6784] gretap1: entered allmulticast mode [ 175.446470][ T6784] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 175.480060][ T6349] usb 3-1: Using ep0 maxpacket: 16 [ 175.507518][ T6349] usb 3-1: config 0 has no interfaces? [ 175.516806][ T6349] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 175.535115][ T6349] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.551614][ T6349] usb 3-1: Product: syz [ 175.556035][ T6349] usb 3-1: Manufacturer: syz [ 175.561213][ T6349] usb 3-1: SerialNumber: syz [ 175.572214][ T6349] usb 3-1: config 0 descriptor?? [ 176.114143][ T6796] syzkaller0: entered promiscuous mode [ 176.144344][ T6796] syzkaller0: entered allmulticast mode [ 176.213898][ T1922] usb 3-1: USB disconnect, device number 2 [ 176.866869][ T6809] netlink: 12 bytes leftover after parsing attributes in process `syz.3.253'. [ 179.359235][ T6836] netlink: 32 bytes leftover after parsing attributes in process `syz.2.263'. [ 179.515341][ T6837] netlink: 32 bytes leftover after parsing attributes in process `syz.2.263'. [ 179.540363][ T6837] Zero length message leads to an empty skb [ 179.885666][ T6845] netlink: 'syz.1.267': attribute type 4 has an invalid length. [ 181.328267][ T6337] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 181.518242][ T6337] usb 4-1: Using ep0 maxpacket: 32 [ 181.534493][ T6337] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.548417][ T6337] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 181.564763][ T6337] usb 4-1: config 0 interface 0 has no altsetting 0 [ 181.573027][ T6337] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 181.582637][ T6337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.604788][ T6337] usb 4-1: config 0 descriptor?? [ 181.967291][ T6884] loop0: detected capacity change from 0 to 256 [ 182.049195][ T6884] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d) [ 182.254618][ T6337] usbhid 4-1:0.0: can't add hid device: -71 [ 182.290537][ T6337] usbhid: probe of 4-1:0.0 failed with error -71 [ 182.327717][ T6337] usb 4-1: USB disconnect, device number 3 [ 183.249281][ T6893] xt_socket: unknown flags 0x4c [ 186.431804][ T6917] netlink: 32 bytes leftover after parsing attributes in process `syz.3.284'. [ 186.963973][ T6926] netlink: 'syz.3.287': attribute type 1 has an invalid length. [ 187.234288][ T6928] ip6gre1: entered promiscuous mode [ 187.294105][ T6928] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 187.348341][ T6928] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 187.403363][ T6928] bond1: (slave ip6gre1): making interface the new active one [ 187.439455][ T6928] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 187.522539][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.287'. [ 187.570100][ T6930] bond1 (unregistering): (slave ip6gre1): Releasing backup interface [ 187.646196][ T6930] bond1 (unregistering): Released all slaves [ 187.737879][ T6933] wireguard0: entered promiscuous mode [ 187.756892][ T6933] wireguard0: entered allmulticast mode [ 188.273752][ T6938] loop2: detected capacity change from 0 to 512 [ 188.291061][ T6938] FAT-fs (loop2): bogus number of FAT sectors [ 188.312080][ T6938] FAT-fs (loop2): Can't find a valid FAT filesystem [ 188.548308][ T6349] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 188.788186][ T6349] usb 1-1: Using ep0 maxpacket: 32 [ 188.797224][ T6349] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.807499][ T6349] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 188.835886][ T6349] usb 1-1: config 0 interface 0 has no altsetting 0 [ 188.852981][ T6349] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 188.875402][ T6349] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.908552][ T6349] usb 1-1: config 0 descriptor?? [ 189.540905][ T6349] usbhid 1-1:0.0: can't add hid device: -71 [ 189.547724][ T6349] usbhid: probe of 1-1:0.0 failed with error -71 [ 189.558469][ T6349] usb 1-1: USB disconnect, device number 2 [ 190.044789][ T6964] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 190.071235][ T6964] CIFS mount error: No usable UNC path provided in device string! [ 190.071235][ T6964] [ 190.081653][ T6964] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 190.869630][ T6968] netlink: 'syz.0.298': attribute type 1 has an invalid length. [ 191.352811][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.298'. [ 191.364418][ T6968] bond2 (unregistering): Released all slaves [ 192.150675][ T6978] loop2: detected capacity change from 0 to 128 [ 192.249708][ T6978] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 192.510808][ T6978] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 193.405507][ T28] audit: type=1326 audit(1764051295.055:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.467051][ T28] audit: type=1326 audit(1764051295.085:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.507002][ T28] audit: type=1326 audit(1764051295.085:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.510812][ T12] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 193.555141][ T28] audit: type=1326 audit(1764051295.085:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.632493][ T28] audit: type=1326 audit(1764051295.085:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.660227][ T28] audit: type=1326 audit(1764051295.085:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.692957][ T28] audit: type=1326 audit(1764051295.085:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.722348][ T28] audit: type=1326 audit(1764051295.085:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 193.746568][ T28] audit: type=1326 audit(1764051295.085:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 194.668832][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.675664][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.430010][ T7025] netlink: 'syz.2.316': attribute type 12 has an invalid length. [ 197.721610][ T7051] openvswitch: netlink: Message has 4 unknown bytes. [ 197.978336][ T6337] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 198.438332][ T6337] usb 1-1: Using ep0 maxpacket: 32 [ 198.455742][ T6337] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 198.475679][ T6337] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 198.486424][ T6337] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 198.503494][ T6337] usb 1-1: Product: syz [ 198.507982][ T6337] usb 1-1: Manufacturer: syz [ 198.521353][ T6337] usb 1-1: SerialNumber: syz [ 198.547540][ T6337] usb 1-1: config 0 descriptor?? [ 198.560543][ T7045] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 198.577394][ T6337] hub 1-1:0.0: bad descriptor, ignoring hub [ 198.602624][ T6337] hub: probe of 1-1:0.0 failed with error -5 [ 199.998270][ T7069] netlink: 'syz.1.331': attribute type 12 has an invalid length. [ 200.058982][ T8] usb 1-1: USB disconnect, device number 3 [ 208.138547][ T7124] xt_bpf: check failed: parse error [ 209.691100][ T7137] loop2: detected capacity change from 0 to 64 [ 210.298911][ T7150] Cannot find map_set index 0 as target [ 211.118556][ T7157] loop2: detected capacity change from 0 to 512 [ 211.323533][ T7157] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.359: bg 0: block 248: padding at end of block bitmap is not set [ 211.346582][ T7157] Quota error (device loop2): write_blk: dquota write failed [ 211.354800][ T7157] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 211.365067][ T7157] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.359: Failed to acquire dquot type 1 [ 211.386489][ T7157] EXT4-fs (loop2): 1 truncate cleaned up [ 211.393761][ T7157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.406738][ T7157] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.728209][ T5796] Bluetooth: hci3: command 0x0406 tx timeout [ 212.734318][ T5796] Bluetooth: hci2: command 0x0406 tx timeout [ 212.740541][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 212.746593][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 213.113117][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.593902][ T7176] hugetlbfs: syz.2.363 (7176): Using mlock ulimits for SHM_HUGETLB is obsolete [ 214.601630][ T7191] loop2: detected capacity change from 0 to 2048 [ 215.091028][ T7191] UDF-fs: warning (device loop2): udf_fill_super: No partition found (2) [ 216.753032][ T7197] loop0: detected capacity change from 0 to 128 [ 217.104968][ T7197] FAT-fs (loop0): bogus number of FAT sectors [ 217.127479][ T7199] lo speed is unknown, defaulting to 1000 [ 217.134529][ T7197] FAT-fs (loop0): Can't find a valid FAT filesystem [ 217.137327][ T7199] lo speed is unknown, defaulting to 1000 [ 217.148421][ T7199] lo speed is unknown, defaulting to 1000 [ 217.194792][ T6114] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 217.226361][ T7197] netlink: 20 bytes leftover after parsing attributes in process `syz.0.370'. [ 217.237286][ T7199] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 217.286402][ T7197] netlink: 16 bytes leftover after parsing attributes in process `syz.0.370'. [ 217.363577][ T28] audit: type=1804 audit(1764051319.005:21): pid=7206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.373" name="bus" dev="ramfs" ino=10993 res=1 errno=0 [ 217.474606][ T7199] lo speed is unknown, defaulting to 1000 [ 217.492191][ T28] audit: type=1804 audit(1764051319.045:22): pid=7206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.373" name="bus" dev="ramfs" ino=10993 res=1 errno=0 [ 217.534991][ T7199] lo speed is unknown, defaulting to 1000 [ 217.571879][ T7199] lo speed is unknown, defaulting to 1000 [ 217.600797][ T7199] lo speed is unknown, defaulting to 1000 [ 218.266636][ T7226] netlink: 'syz.1.377': attribute type 3 has an invalid length. [ 218.277752][ T7226] netlink: 'syz.1.377': attribute type 3 has an invalid length. [ 218.596065][ T7235] sch_fq: defrate 0 ignored. [ 218.714512][ T7239] loop0: detected capacity change from 0 to 512 [ 218.733208][ T7239] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 218.756317][ T7239] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 218.793540][ T5787] Bluetooth: hci3: unexpected event for opcode 0x203b [ 218.974156][ T7239] EXT4-fs (loop0): failed to open journal device unknown-block(0,8195) -6 [ 220.173461][ T7259] SET target dimension over the limit! [ 221.353534][ T7275] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 221.673803][ T7279] Invalid ELF header magic: != ELF [ 221.839851][ T7281] netlink: 44 bytes leftover after parsing attributes in process `syz.1.395'. [ 221.858136][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'. [ 221.876760][ T7281] netlink: 16 bytes leftover after parsing attributes in process `syz.1.395'. [ 222.799336][ T7300] netlink: 132 bytes leftover after parsing attributes in process `syz.0.400'. [ 223.251657][ T5787] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 223.260696][ T5787] Bluetooth: hci3: Injecting HCI hardware error event [ 223.270493][ T5103] Bluetooth: hci3: hardware error 0x00 [ 225.089703][ T7321] tc_dump_action: action bad kind [ 225.144540][ T7311] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 225.152557][ T7321] loop2: detected capacity change from 0 to 256 [ 225.165590][ T7311] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 225.318665][ T5103] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 225.708711][ T7321] FAT-fs (loop2): IO charset cp8 not found [ 226.194237][ T7321] capability: warning: `syz.2.407' uses 32-bit capabilities (legacy support in use) [ 226.210140][ T7311] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 226.234777][ T7311] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 226.324954][ T7311] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 226.335145][ T7311] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 227.049384][ T5103] Bluetooth: hci0: command 0x0406 tx timeout [ 228.278424][ T5103] Bluetooth: hci2: command 0x0406 tx timeout [ 228.328170][ T5103] Bluetooth: hci1: command 0x0406 tx timeout [ 229.036359][ T5920] IPVS: starting estimator thread 0... [ 229.193815][ T7358] IPVS: using max 19 ests per chain, 45600 per kthread [ 229.221142][ T5103] Bluetooth: hci0: command 0x0406 tx timeout [ 229.924559][ T7363] siw: device registration error -23 [ 230.328297][ T5103] Bluetooth: hci2: command 0x0406 tx timeout [ 230.413858][ T5103] Bluetooth: hci1: command 0x0406 tx timeout [ 231.205053][ T7381] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.426'. [ 232.371190][ T7392] comedi comedi3: 8255: I/O port conflict (0x40404f26,4) [ 232.379256][ T7392] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 232.385770][ T7392] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 232.392456][ T7392] comedi comedi3: 8255: I/O port conflict (0xf0000,4) [ 232.399459][ T7392] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 232.405958][ T7392] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 232.412731][ T7392] comedi comedi3: 8255: I/O port conflict (0x5c95238c,4) [ 232.419931][ T7392] comedi comedi3: 8255: I/O port conflict (0xa,4) [ 232.426615][ T7392] comedi comedi3: 8255: I/O port conflict (0x3bf,4) [ 232.433784][ T7392] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 232.440336][ T7392] comedi comedi3: 8255: I/O port conflict (0x20000001,4) [ 232.447716][ T7392] comedi comedi3: 8255: I/O port conflict (0x400e1c8,4) [ 232.454918][ T7392] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 232.462841][ T7392] comedi comedi3: 8255: I/O port conflict (0x7,4) [ 232.470788][ T7392] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 232.477432][ T7392] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 232.484418][ T7392] comedi comedi3: 8255: I/O port conflict (0xb,4) [ 232.491084][ T7392] comedi comedi3: 8255: I/O port conflict (0x402,4) [ 232.618728][ T7396] xt_nat: multiple ranges no longer supported [ 234.524753][ T7436] tipc: Started in network mode [ 234.530944][ T7436] tipc: Node identity ac1414aa, cluster identity 4711 [ 234.540495][ T7436] tipc: Enabled bearer , priority 10 [ 234.572400][ T7436] tipc: Enabled bearer , priority 0 [ 235.661780][ T6341] tipc: Node number set to 2886997162 [ 237.596815][ T7481] Invalid ELF header magic: != ELF [ 237.647414][ T7481] loop0: detected capacity change from 0 to 1024 [ 237.722622][ T7481] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.371608][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.535804][ T5103] Bluetooth: hci0: unexpected subevent 0x1a length: 10 > 6 [ 240.705251][ T7523] netlink: 24 bytes leftover after parsing attributes in process `syz.0.467'. [ 240.847060][ T7525] netlink: 24 bytes leftover after parsing attributes in process `syz.1.468'. [ 242.494176][ T7549] lo speed is unknown, defaulting to 1000 [ 245.527582][ T7601] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 245.597340][ T28] audit: type=1804 audit(1764051603.246:23): pid=7604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.491" name="bus" dev="ramfs" ino=13429 res=1 errno=0 [ 245.635534][ T28] audit: type=1804 audit(1764051603.266:24): pid=7604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.491" name="bus" dev="ramfs" ino=13429 res=1 errno=0 [ 246.423860][ T7613] netlink: 8 bytes leftover after parsing attributes in process `syz.0.496'. [ 246.833022][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.496'. [ 247.073353][ T7623] netlink: 'syz.3.499': attribute type 1 has an invalid length. [ 247.181807][ T7623] 8021q: adding VLAN 0 to HW filter on device bond1 [ 247.204056][ T7628] bond1: (slave gretap1): making interface the new active one [ 247.221814][ T7628] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 247.239798][ T28] audit: type=1326 audit(1764051604.886:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7624 comm="syz.2.500" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x0 [ 247.278356][ T7629] lo speed is unknown, defaulting to 1000 [ 247.341754][ T7628] syz.3.499 (7628) used greatest stack depth: 18536 bytes left [ 247.523964][ T7639] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3445585638/3445585640 [ 247.546097][ T7639] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3445585638/3445585640 [ 247.568180][ T7639] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3445585638/3445585640 [ 247.644958][ T7645] tipc: Enabling of bearer rejected, failed to enable media [ 248.251209][ T28] audit: type=1804 audit(1764051605.906:26): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.511" name="bus" dev="ramfs" ino=13506 res=1 errno=0 [ 248.302064][ T28] audit: type=1804 audit(1764051605.936:27): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.511" name="bus" dev="ramfs" ino=13506 res=1 errno=0 [ 248.808093][ T7671] openvswitch: netlink: Key 22 has unexpected len 2 expected 4 [ 252.108883][ T7696] netlink: 12 bytes leftover after parsing attributes in process `syz.3.520'. [ 252.249785][ T7701] gre1: entered promiscuous mode [ 252.308741][ T7701] bond2: (slave gre1): The slave device specified does not support setting the MAC address [ 252.360577][ T7701] bond2: (slave gre1): Error -95 calling set_mac_address [ 252.404641][ T7703] gtp0: entered promiscuous mode [ 252.432150][ T7696] macvlan2: entered promiscuous mode [ 252.459347][ T7696] macvlan2: entered allmulticast mode [ 252.475833][ T7696] bond2: (slave macvlan2): Error -99 calling set_mac_address [ 252.864586][ T7706] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.523'. [ 252.923494][ T7708] tipc: Started in network mode [ 252.933455][ T7708] tipc: Node identity 4, cluster identity 4711 [ 252.940921][ T7708] tipc: Node number set to 4 [ 253.235352][ T7712] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.573929][ T7712] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.715071][ T7712] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.052589][ T7712] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.101584][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.112959][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.978739][ T7712] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.005949][ T6341] IPVS: starting estimator thread 0... [ 257.015794][ T7741] loop0: detected capacity change from 0 to 512 [ 257.062016][ T7741] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 257.073103][ T7712] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.120650][ T7712] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.123260][ T7745] IPVS: using max 26 ests per chain, 62400 per kthread [ 257.144054][ T7712] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.191851][ T7741] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.535: bg 0: block 104: invalid block bitmap [ 257.213203][ T7741] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 257.220886][ T7750] bridge_slave_0: left promiscuous mode [ 257.240008][ T7741] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.535: invalid indirect mapped block 1 (level 1) [ 257.264390][ T7750] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.284068][ T7741] EXT4-fs (loop0): 1 truncate cleaned up [ 257.301231][ T7741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.314649][ T7750] bridge_slave_1: left promiscuous mode [ 257.335672][ T7750] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.378904][ T7750] bond0: (slave bond_slave_0): Releasing backup interface [ 257.410154][ T28] audit: type=1800 audit(1764051615.066:28): pid=7741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.535" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 257.436203][ T7750] bond0: (slave bond_slave_1): Releasing backup interface [ 257.468570][ T7750] team0: Failed to send options change via netlink (err -105) [ 257.496742][ T7750] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 257.525262][ T7750] team0: Port device team_slave_0 removed [ 257.541719][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.576555][ T7750] team0: Failed to send options change via netlink (err -105) [ 257.594426][ T7750] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 257.639749][ T7750] team0: Port device team_slave_1 removed [ 257.646719][ T7750] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 257.664965][ T7750] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 257.737561][ T7754] team0: Failed to send options change via netlink (err -105) [ 257.776447][ T7754] team0: Mode changed to "loadbalance" [ 257.871763][ T7762] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 258.910504][ T7775] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.544'. [ 258.959269][ T7777] tipc: Enabled bearer , priority 10 [ 259.018569][ T7777] tipc: Enabled bearer , priority 0 [ 259.711694][ T7798] netlink: 24 bytes leftover after parsing attributes in process `syz.3.547'. [ 265.835413][ T7859] netlink: 12 bytes leftover after parsing attributes in process `syz.3.562'. [ 266.034434][ T7862] netlink: 'syz.3.562': attribute type 5 has an invalid length. [ 266.048122][ T7862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.562'. [ 266.081020][ T7859] netlink: 'syz.3.562': attribute type 5 has an invalid length. [ 266.112433][ T7859] netlink: 4 bytes leftover after parsing attributes in process `syz.3.562'. [ 266.237661][ T7865] netlink: 16 bytes leftover after parsing attributes in process `syz.1.564'. [ 266.431378][ T7865] netlink: 12 bytes leftover after parsing attributes in process `syz.1.564'. [ 266.548748][ T7870] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 268.745243][ T7878] loop2: detected capacity change from 0 to 1024 [ 268.935992][ T7878] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 268.949244][ T7878] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 269.052336][ T7878] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.569: inode has both inline data and extents flags [ 269.926856][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 271.007728][ T7920] bond_slave_0: entered promiscuous mode [ 271.014166][ T7920] bond_slave_1: entered promiscuous mode [ 271.020290][ T7920] team_slave_0: entered promiscuous mode [ 271.026745][ T7920] team_slave_1: entered promiscuous mode [ 271.032766][ T7920] syz_tun: entered promiscuous mode [ 271.100668][ T7912] (null): rxe_set_mtu: Set mtu to 1024 [ 271.120753][ T7920] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 271.142260][ T7920] bond2: (slave macvlan2): making interface the new active one [ 271.174406][ T7920] bond2: (slave macvlan2): Enslaving as an active interface with an up link [ 271.217339][ T7912] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:1811:30ff:feef:414a error=-28 [ 272.583484][ T7975] netlink: 12 bytes leftover after parsing attributes in process `syz.2.585'. [ 272.762562][ T7912] infiniband syz0: set active [ 272.769974][ T7912] infiniband syz0: added bond0 [ 272.777544][ T7912] syz0: rxe_create_cq: returned err = -12 [ 272.793500][ T7912] infiniband syz0: Couldn't create ib_mad CQ [ 272.802564][ T7912] infiniband syz0: Couldn't open port 1 [ 272.964479][ T7912] RDS/IB: syz0: added [ 272.989104][ T7912] smc: adding ib device syz0 with port count 1 [ 273.014946][ T7912] smc: ib device syz0 port 1 has pnetid [ 275.263575][ T7994] bond_slave_0: entered promiscuous mode [ 275.269972][ T7994] bond_slave_1: entered promiscuous mode [ 275.276149][ T7994] vlan3: entered promiscuous mode [ 275.281960][ T7994] bond0: entered promiscuous mode [ 276.947389][ T7996] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.206029][ T7996] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.536196][ T7996] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.140487][ T7996] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.383011][ T7996] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.434944][ T7996] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.484057][ T7996] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.521122][ T7996] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.836971][ T8049] loop0: detected capacity change from 0 to 4096 [ 285.863470][ T8049] ext4: Unknown parameter 'hash' [ 286.178452][ T6340] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 286.393038][ T6340] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 286.495346][ T6340] usb 3-1: config 0 has no interfaces? [ 286.609327][ T6340] usb 3-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50 [ 286.719630][ T6340] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 286.940624][ T6340] usb 3-1: Product: syz [ 286.946065][ T6340] usb 3-1: Manufacturer: syz [ 286.988160][ T6340] usb 3-1: SerialNumber: syz [ 287.200364][ T6340] usb 3-1: config 0 descriptor?? [ 289.752884][ T6340] usb 3-1: USB disconnect, device number 3 [ 290.937619][ T8096] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 290.946206][ T8096] openvswitch: netlink: Actions may not be safe on all matching packets [ 292.136921][ T8104] bridge3: entered allmulticast mode [ 292.278936][ T8113] binder: 8112:8113 unknown command 0 [ 292.286055][ T8113] binder: 8112:8113 ioctl c0306201 200000000080 returned -22 [ 292.505840][ T8115] kAFS: unable to lookup cell '' [ 295.463572][ T8145] overlayfs: failed to clone upperpath [ 296.597970][ T8155] lo speed is unknown, defaulting to 1000 [ 303.115510][ T8204] lo speed is unknown, defaulting to 1000 [ 303.228134][ T5920] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 303.565879][ T5920] usb 1-1: config 0 has an invalid interface number: 183 but max is 0 [ 303.575677][ T5920] usb 1-1: config 0 has no interface number 0 [ 303.584834][ T5920] usb 1-1: config 0 interface 183 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 303.595816][ T5920] usb 1-1: New USB device found, idVendor=067b, idProduct=331a, bcdDevice=9d.94 [ 303.605585][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.931641][ T5920] usb 1-1: config 0 descriptor?? [ 304.142227][ T8202] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 304.416547][ T5920] pl2303 1-1:0.183: required endpoints missing [ 305.276325][ T8202] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 305.290914][ T8202] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 305.548107][ T8225] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.558276][ T8225] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.849483][ T8236] loop2: detected capacity change from 0 to 1024 [ 306.598125][ T8236] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 306.638688][ T8236] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 306.654655][ T8236] EXT4-fs (loop2): orphan cleanup on readonly fs [ 306.668998][ T6337] usb 1-1: USB disconnect, device number 4 [ 306.885676][ T8236] EXT4-fs error (device loop2): ext4_free_blocks:6676: comm syz.2.660: Freeing blocks not in datazone - block = 0, count = 4096 [ 308.519882][ T8236] EXT4-fs (loop2): 1 orphan inode deleted [ 308.529303][ T8236] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 309.374650][ T8254] netlink: 12 bytes leftover after parsing attributes in process `syz.3.664'. [ 309.384168][ T8254] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 309.852432][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.372053][ T8280] lo speed is unknown, defaulting to 1000 [ 317.838948][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.845519][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.200640][ T28] audit: type=1326 audit(1764051676.856:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.248099][ T6340] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 319.266057][ T28] audit: type=1326 audit(1764051676.856:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.328367][ T28] audit: type=1326 audit(1764051676.856:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.440630][ T28] audit: type=1326 audit(1764051676.856:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.487230][ T28] audit: type=1326 audit(1764051676.856:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.576913][ T28] audit: type=1326 audit(1764051676.856:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.599966][ T6340] usb 3-1: Using ep0 maxpacket: 16 [ 319.605335][ T28] audit: type=1326 audit(1764051676.856:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.628127][ T28] audit: type=1326 audit(1764051676.866:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.651749][ T28] audit: type=1326 audit(1764051676.866:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.674356][ T28] audit: type=1326 audit(1764051676.866:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8343 comm="syz.1.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff52778f749 code=0x7ffc0000 [ 319.699544][ T6340] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 320.417962][ T6340] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 320.428418][ T6340] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.440003][ T6340] usb 3-1: Product: syz [ 320.444406][ T6340] usb 3-1: Manufacturer: syz [ 320.449896][ T6340] usb 3-1: SerialNumber: syz [ 320.457446][ T6340] usb 3-1: config 0 descriptor?? [ 320.472647][ T6340] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 320.482578][ T6340] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 321.423029][ T8346] bond_slave_0: left promiscuous mode [ 321.433796][ T8346] bond_slave_1: left promiscuous mode [ 321.441045][ T8346] team_slave_0: left promiscuous mode [ 321.447022][ T8346] team_slave_1: left promiscuous mode [ 321.499179][ T8346] infiniband syz0: set down [ 321.503414][ T6340] em28xx 3-1:0.0: chip ID is em2765 [ 321.513522][ T8346] tipc: Resetting bearer [ 321.616943][ T8363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'. [ 321.629129][ T8363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'. [ 322.871548][ T6340] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 322.893964][ T6340] em28xx 3-1:0.0: board has no eeprom [ 323.132752][ T6340] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 323.150851][ T6340] em28xx 3-1:0.0: dvb set to bulk mode. [ 323.168896][ T1922] em28xx 3-1:0.0: Binding DVB extension [ 323.257946][ T6340] usb 3-1: USB disconnect, device number 4 [ 323.292365][ T6340] em28xx 3-1:0.0: Disconnecting em28xx [ 323.615693][ T1922] em28xx 3-1:0.0: Registering input extension [ 323.698396][ T6340] em28xx 3-1:0.0: Closing input extension [ 324.086828][ T6340] em28xx 3-1:0.0: Freeing device [ 324.270689][ T8346] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 324.362984][ T8346] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 325.907175][ T8346] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.917825][ T8346] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.931817][ T8346] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.941725][ T8346] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.399828][ T8416] netlink: 12 bytes leftover after parsing attributes in process `syz.1.711'. [ 326.536641][ T8416] bond1: (slave bridge2): Enslaving as an active interface with an up link [ 326.601618][ T8416] bond1: entered promiscuous mode [ 326.606937][ T8416] bridge2: entered promiscuous mode [ 326.614486][ T8416] bond1: entered allmulticast mode [ 326.630788][ T8416] bridge2: entered allmulticast mode [ 327.474792][ T8430] syzkaller0: entered promiscuous mode [ 327.480730][ T8430] syzkaller0: entered allmulticast mode [ 331.287544][ T8468] netlink: 'syz.0.725': attribute type 1 has an invalid length. [ 331.347210][ T8468] 8021q: adding VLAN 0 to HW filter on device bond3 [ 331.429669][ T8468] bond3: entered allmulticast mode [ 331.515269][ T8471] bond3: (slave ip6gretap1): making interface the new active one [ 331.551214][ T8471] ip6gretap1: entered allmulticast mode [ 331.570859][ T8471] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link [ 333.415516][ T8490] netlink: 96 bytes leftover after parsing attributes in process `syz.1.731'. [ 341.003164][ T8540] cgroup: Setting release_agent not allowed [ 341.974752][ T8555] lo speed is unknown, defaulting to 1000 [ 342.020110][ T8563] netlink: 'syz.0.750': attribute type 1 has an invalid length. [ 342.054103][ T8563] mmap: syz.0.750 (8563) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 342.347123][ T8567] lo speed is unknown, defaulting to 1000 [ 345.935274][ T8590] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 346.006637][ T8590] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 348.053508][ T8592] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.061363][ T8592] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.079439][ T8592] tipc: Resetting bearer [ 352.681455][ T8592] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.932111][ T8592] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.948885][ T8592] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.978851][ T8592] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.987295][ T8592] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.191435][ T8622] syzkaller0: entered promiscuous mode [ 353.197630][ T8622] syzkaller0: entered allmulticast mode [ 353.230749][ T8617] lo speed is unknown, defaulting to 1000 [ 354.452378][ T8647] xt_TCPMSS: Only works on TCP SYN packets [ 356.176500][ T8659] siw: device registration error -23 [ 357.507388][ T8675] bridge2: entered allmulticast mode [ 357.758807][ T8682] netlink: 'syz.2.782': attribute type 11 has an invalid length. [ 358.492475][ T8696] xt_TCPMSS: Only works on TCP SYN packets [ 360.796213][ T8712] netlink: 16 bytes leftover after parsing attributes in process `syz.3.788'. [ 363.285328][ T8741] loop0: detected capacity change from 0 to 2048 [ 363.493213][ T8741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.759547][ T8741] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.793: bg 0: block 234: padding at end of block bitmap is not set [ 363.780574][ T8756] lo speed is unknown, defaulting to 1000 [ 363.787059][ T8741] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 336 with error 28 [ 363.879088][ T8741] EXT4-fs (loop0): This should not happen!! Data will be lost [ 363.879088][ T8741] [ 364.017263][ T8741] EXT4-fs (loop0): Total free blocks count 0 [ 364.112999][ T8741] EXT4-fs (loop0): Free/Dirty block details [ 364.208815][ T8741] EXT4-fs (loop0): free_blocks=0 [ 364.281704][ T8741] EXT4-fs (loop0): dirty_blocks=352 [ 364.334215][ T8741] EXT4-fs (loop0): Block reservation details [ 364.396183][ T8741] EXT4-fs (loop0): i_reserved_data_blocks=22 [ 364.871282][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.977158][ T8778] loop0: detected capacity change from 0 to 512 [ 366.017100][ T8778] EXT4-fs (loop0): orphan cleanup on readonly fs [ 366.044397][ T8778] __quota_error: 17 callbacks suppressed [ 366.044416][ T8778] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 366.095276][ T8778] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 366.107269][ T8778] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.808: Failed to acquire dquot type 0 [ 366.165321][ T8778] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 366.219029][ T8778] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 366.259095][ T8778] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.808: Failed to acquire dquot type 0 [ 366.293779][ T8778] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.808: bg 0: block 64: padding at end of block bitmap is not set [ 366.314263][ T8778] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 366.324946][ T8778] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 366.340973][ T8778] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 366.369177][ T8778] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.808: Failed to acquire dquot type 0 [ 366.391530][ T8778] EXT4-fs (loop0): 1 orphan inode deleted [ 366.520096][ T8778] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 366.537699][ T8790] vlan0: entered promiscuous mode [ 366.543440][ T8790] bond0: entered promiscuous mode [ 366.558284][ T8790] vlan0: entered allmulticast mode [ 368.503773][ T8801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'. [ 368.530004][ T8801] netlink: 12 bytes leftover after parsing attributes in process `syz.2.815'. [ 368.561547][ T5862] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 368.662883][ T8806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 368.676899][ T8806] team0: Port device bond0 added [ 368.697234][ T8806] team0: Failed to send port change of device bond0 via netlink (err -105) [ 368.778136][ T5862] usb 1-1: Using ep0 maxpacket: 16 [ 368.796835][ T5862] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 368.838418][ T5862] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 368.878170][ T5862] usb 1-1: config 0 has no interface number 0 [ 368.884376][ T5862] usb 1-1: New USB device found, idVendor=0bd3, idProduct=05f4, bcdDevice= 0.5b [ 368.953916][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.005668][ T5862] usb 1-1: config 0 descriptor?? [ 369.073791][ T5862] usb 1-1: can't set config #0, error -71 [ 369.100239][ T5862] usb 1-1: USB disconnect, device number 5 [ 369.107733][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.226013][ T8811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 369.757860][ T8832] netlink: 28 bytes leftover after parsing attributes in process `syz.1.825'. [ 369.898990][ T8834] vlan3: entered promiscuous mode [ 369.904546][ T8834] vlan3: entered allmulticast mode [ 369.928307][ T8834] bond0: entered allmulticast mode [ 369.933507][ T8834] bond_slave_0: entered allmulticast mode [ 369.963492][ T8834] bond_slave_1: entered allmulticast mode [ 371.203833][ T8853] ecryptfs_parse_options: eCryptfs: unrecognized option [³(] [ 371.212081][ T8853] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 371.219983][ T8853] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 371.235578][ T8853] Error parsing options; rc = [-22] [ 371.962868][ T8854] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 371.988400][ T8854] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 372.009052][ T8854] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 373.928175][ T5103] Bluetooth: hci0: command 0x0406 tx timeout [ 374.008182][ T5103] Bluetooth: hci2: command 0x0406 tx timeout [ 374.088242][ T5103] Bluetooth: hci1: command 0x0406 tx timeout [ 378.716247][ T8878] debugfs: Directory 'netdev:nicvf0' with parent 'phy3' already present! [ 378.732269][ T8878] debugfs: Directory 'netdev:nicvf0' with parent 'phy3' already present! [ 378.973105][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.979760][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.459030][ T8941] xt_TCPMSS: Only works on TCP SYN packets [ 388.859301][ T8945] netlink: 'syz.1.856': attribute type 2 has an invalid length. [ 392.823902][ T8991] netlink: 'syz.3.871': attribute type 2 has an invalid length. [ 394.050453][ T8988] loop0: detected capacity change from 0 to 40427 [ 394.155131][ T8988] F2FS-fs (loop0): invalid crc value [ 394.204089][ T8988] F2FS-fs (loop0): Found nat_bits in checkpoint [ 394.483784][ T8988] F2FS-fs (loop0): Start checkpoint disabled! [ 395.270602][ T8988] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 396.106847][ T7953] kworker/u4:12: attempt to access beyond end of device [ 396.106847][ T7953] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 396.126107][ T7953] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 396.568257][ T5103] Bluetooth: hci0: command tx timeout [ 397.117154][ T9024] 8021q: adding VLAN 0 to HW filter on device bond0 [ 397.157259][ T9024] team0: Port device bond0 added [ 400.392952][ T9060] lo speed is unknown, defaulting to 1000 [ 407.757930][ T5861] IPVS: starting estimator thread 0... [ 407.848138][ T9122] IPVS: using max 26 ests per chain, 62400 per kthread [ 414.518580][ T9161] netlink: zone id is out of range [ 414.524074][ T9161] netlink: zone id is out of range [ 414.531260][ T9161] netlink: zone id is out of range [ 414.546797][ T9161] netlink: zone id is out of range [ 414.553571][ T9161] netlink: zone id is out of range [ 414.565534][ T9161] netlink: zone id is out of range [ 414.583827][ T9161] netlink: zone id is out of range [ 414.599990][ T9161] netlink: zone id is out of range [ 414.618954][ T9161] netlink: zone id is out of range [ 414.635891][ T9161] netlink: zone id is out of range [ 417.212893][ T9193] tipc: Started in network mode [ 417.223767][ T9193] tipc: Node identity 4, cluster identity 4711 [ 418.218446][ T9193] tipc: Node number set to 4 [ 418.469096][ T9203] netlink: 'syz.1.933': attribute type 1 has an invalid length. [ 418.961532][ T9206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.934'. [ 419.099255][ T9210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.934'. [ 419.192826][ T9209] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa [ 419.481792][ T9216] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.508543][ T9216] tipc: Resetting bearer [ 419.546657][ T9216] net_ratelimit: 23 callbacks suppressed [ 419.546669][ T9216] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 419.583489][ T9219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.938'. [ 423.114974][ T9260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.952'. [ 423.173692][ T9260] netlink: 20 bytes leftover after parsing attributes in process `syz.0.952'. [ 423.267240][ T9267] netlink: 24 bytes leftover after parsing attributes in process `syz.0.957'. [ 423.322584][ T9267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.957'. [ 424.859613][ T9285] netlink: 'syz.2.963': attribute type 9 has an invalid length. [ 425.839873][ T9290] overlayfs: failed to resolve './file0': -2 [ 426.711134][ T9291] Cannot find add_set index 65532 as target [ 429.123835][ T9312] netlink: 28 bytes leftover after parsing attributes in process `syz.0.978'. [ 431.852296][ T9327] loop0: detected capacity change from 0 to 4096 [ 431.916762][ T9327] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 432.136745][ T9327] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 432.709721][ T9342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.975'. [ 434.391511][ T9351] overlayfs: upper fs does not support tmpfile. [ 434.404403][ T9351] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 434.412517][ T9351] overlayfs: failed to get uuid (/file0, err=0); falling back to uuid=null. [ 434.423773][ T9351] ntfs3: loop0: ino=1b, "file0" failed to parse mft record [ 434.431579][ T9351] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 434.438721][ T9351] overlayfs: failed to verify origin (/, ino=5, err=-2) [ 434.446941][ T9351] overlayfs: failed to verify upper root origin [ 434.520120][ T9355] syz.2.981[9355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 434.520388][ T9355] syz.2.981[9355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 434.596312][ T5791] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 434.633354][ T28] audit: type=1326 audit(1764051792.286:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.662484][ T28] audit: type=1326 audit(1764051792.286:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.688617][ T28] audit: type=1326 audit(1764051792.286:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.711561][ T28] audit: type=1326 audit(1764051792.286:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.736295][ T28] audit: type=1326 audit(1764051792.286:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.766159][ T9352] 8021q: adding VLAN 0 to HW filter on device team0 [ 434.779526][ T28] audit: type=1326 audit(1764051792.286:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.808736][ T28] audit: type=1326 audit(1764051792.286:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.833366][ T9352] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 434.838291][ T28] audit: type=1326 audit(1764051792.286:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.871809][ T28] audit: type=1326 audit(1764051792.286:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.894468][ T28] audit: type=1326 audit(1764051792.286:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f8b0938f749 code=0x7ffc0000 [ 434.929739][ T9353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.979'. [ 434.943406][ T5777] lo speed is unknown, defaulting to 1000 [ 435.143179][ T9365] netlink: 'syz.0.986': attribute type 5 has an invalid length. [ 435.749907][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.2.990'. [ 436.034466][ T9382] netlink: 12 bytes leftover after parsing attributes in process `syz.3.992'. [ 436.664418][ T9388] netlink: 63 bytes leftover after parsing attributes in process `syz.3.992'. [ 436.774372][ T9390] loop2: detected capacity change from 0 to 4096 [ 436.803479][ T9390] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 436.899849][ T9390] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 437.944903][ T9404] overlayfs: upper fs does not support tmpfile. [ 437.953784][ T9404] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 437.962385][ T9404] overlayfs: failed to get uuid (/file0, err=0); falling back to uuid=null. [ 437.971679][ T9404] ntfs3: loop2: ino=1b, "file0" failed to parse mft record [ 437.979144][ T9404] ntfs3: loop2: ino=1b, "file0" attr_set_size [ 437.985387][ T9404] overlayfs: failed to verify origin (/, ino=5, err=-2) [ 437.992431][ T9404] overlayfs: failed to verify upper root origin [ 438.031315][ T9402] loop0: detected capacity change from 0 to 16 [ 438.172740][ T9402] erofs: (device loop0): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 438.204075][ T5785] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 438.776356][ T9420] netlink: 'syz.2.998': attribute type 12 has an invalid length. [ 440.430649][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.437033][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 442.545961][ T9468] netlink: 'syz.3.1012': attribute type 12 has an invalid length. [ 445.742035][ T9479] xt_CT: You must specify a L4 protocol and not use inversions on it [ 447.213406][ T9486] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1017'. [ 448.252868][ T9495] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1019'. [ 451.364351][ T9509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1023'. [ 451.433361][ T9509] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1023'. [ 453.251374][ T9526] wireguard: wg1: Could not create IPv4 socket [ 456.712762][ T9550] Falling back ldisc for ttyS3. [ 458.828795][ T9568] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1039'. [ 459.689814][ T5816] libceph: connect (1)[c::]:6789 error -101 [ 459.710447][ T5816] libceph: mon0 (1)[c::]:6789 connect error [ 459.813261][ T9575] ceph: No mds server is up or the cluster is laggy [ 460.028383][ T5816] libceph: connect (1)[c::]:6789 error -101 [ 460.036967][ T5816] libceph: mon0 (1)[c::]:6789 connect error [ 462.444200][ T9597] tipc: Enabling of bearer rejected, failed to enable media [ 462.738646][ T9597] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1047'. [ 463.010480][ T9597] tipc: Enabling of bearer rejected, failed to enable media [ 463.618976][ T9609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1050'. [ 463.975532][ T9609] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.984578][ T9609] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 463.992943][ T9609] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 464.001385][ T9609] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 464.101060][ T9609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1050'. [ 469.549054][ T9653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1061'. [ 469.574660][ T9653] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1061'. [ 470.125177][ T9657] loop0: detected capacity change from 0 to 1024 [ 470.161204][ T9657] hfsplus: unable to parse mount options [ 471.037576][ T28] kauditd_printk_skb: 342 callbacks suppressed [ 471.037603][ T28] audit: type=1326 audit(1764051828.416:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9645 comm="syz.2.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0938f749 code=0x7fc00000 [ 471.822985][ T9137] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 474.298092][ T9680] atomic_op ffff88805ca55998 conn xmit_atomic 0000000000000000 [ 475.446168][ T5861] libceph: connect (1)[c::]:6789 error -101 [ 475.452433][ T5861] libceph: mon0 (1)[c::]:6789 connect error [ 475.532549][ T9694] ceph: No mds server is up or the cluster is laggy [ 475.770146][ T8] libceph: connect (1)[c::]:6789 error -101 [ 475.854608][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 476.762065][ T9716] loop0: detected capacity change from 0 to 4096 [ 477.076247][ T9716] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 477.530521][ T9716] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal [ 477.569051][ T9722] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1080'. [ 478.641421][ T9728] tipc: Enabling of bearer rejected, already enabled [ 478.858414][ T9728] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1082'. [ 479.101904][ T9728] tipc: Enabling of bearer rejected, failed to enable media [ 479.865736][ T5103] Bluetooth: hci1: unexpected event for opcode 0x080d [ 480.324495][ T9756] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1088'. [ 484.001116][ T5103] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 484.072050][ T5103] Bluetooth: hci1: Injecting HCI hardware error event [ 484.082051][ T5787] Bluetooth: hci1: hardware error 0x00 [ 484.452724][ T9785] tipc: Enabling of bearer rejected, already enabled [ 484.511131][ T9785] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1097'. [ 484.699368][ T9788] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1101'. [ 486.243153][ T5787] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 487.746495][ T9815] netlink: 'syz.0.1107': attribute type 21 has an invalid length. [ 487.804791][ T9815] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1107'. [ 487.892031][ T9815] syz.0.1107 uses obsolete (PF_INET,SOCK_PACKET) [ 488.287097][ T9827] xt_connbytes: Forcing CT accounting to be enabled [ 488.294544][ T9827] set match dimension is over the limit! [ 501.928682][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.935084][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 596.777922][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 596.785064][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P9834/1:b..l [ 596.793707][ C0] rcu: (detected by 0, t=10502 jiffies, g=37193, q=87 ncpus=2) [ 596.801407][ C0] task:syz.0.1113 state:R running task stack:24040 pid:9834 ppid:5791 flags:0x00004000 [ 596.814029][ C0] Call Trace: [ 596.817364][ C0] [ 596.820366][ C0] __schedule+0x14d2/0x44d0 [ 596.824944][ C0] ? __bfs+0x5b0/0x5c0 [ 596.829065][ C0] ? __lock_acquire+0x1260/0x7c80 [ 596.834148][ C0] ? asan.module_dtor+0x20/0x20 [ 596.839074][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 596.845125][ C0] ? preempt_schedule_irq+0xaa/0x140 [ 596.850476][ C0] preempt_schedule_irq+0xb5/0x140 [ 596.855735][ C0] ? preempt_schedule_notrace+0x110/0x110 [ 596.861508][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 596.867541][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 596.873413][ C0] irqentry_exit+0x67/0x70 [ 596.877872][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 596.883893][ C0] RIP: 0010:lock_acquire+0x1f2/0x410 [ 596.889240][ C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00 [ 596.908908][ C0] RSP: 0018:ffffc90003457da0 EFLAGS: 00000206 [ 596.915032][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: c35d46970444ac00 [ 596.923046][ C0] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc6f40 [ 596.931058][ C0] RBP: ffffc90003457ec0 R08: dffffc0000000000 R09: 1ffffffff21b52a0 [ 596.939247][ C0] R10: dffffc0000000000 R11: fffffbfff21b52a1 R12: 1ffff9200068afc0 [ 596.947278][ C0] R13: ffffffff8cd2fee0 R14: 0000000000000246 R15: dffffc0000000000 [ 596.955334][ C0] ? get_sigframe_size+0x20/0x20 [ 596.960348][ C0] ? read_lock_is_recursive+0x20/0x20 [ 596.965857][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 596.971900][ C0] ? lock_chain_count+0x20/0x20 [ 596.976817][ C0] __task_pid_nr_ns+0x48/0x470 [ 596.981719][ C0] ? __task_pid_nr_ns+0x28/0x470 [ 596.986789][ C0] ? __task_pid_nr_ns+0x28/0x470 [ 596.991783][ C0] __ia32_sys_getpid+0x1d/0x20 [ 596.996591][ C0] do_syscall_64+0x55/0xb0 [ 597.001071][ C0] ? clear_bhb_loop+0x40/0x90 [ 597.005808][ C0] ? clear_bhb_loop+0x40/0x90 [ 597.010546][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 597.016484][ C0] RIP: 0033:0x7fe529b865e7 [ 597.021026][ C0] RSP: 002b:00007ffc62c10108 EFLAGS: 00000202 ORIG_RAX: 0000000000000027 [ 597.029568][ C0] RAX: ffffffffffffffda RBX: 00007ffc62c10270 RCX: 00007fe529b865e7 [ 597.037579][ C0] RDX: 00007ffc62c10140 RSI: 00007ffc62c10270 RDI: 0000000000000021 [ 597.045777][ C0] RBP: 0000000000000001 R08: 00007fe529200c50 R09: 00007fe529dd2000 [ 597.053872][ C0] R10: 00007fe5291fd008 R11: 0000000000000202 R12: 00007fe529200b28 [ 597.062054][ C0] R13: 0000000000000014 R14: 00007ffc62c10888 R15: 00007fe5291fd008 [ 597.070099][ C0] [ 597.073166][ C0] rcu: rcu_preempt kthread starved for 10374 jiffies! g37193 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 597.084395][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 597.094405][ C0] rcu: RCU grace-period kthread stack dump: [ 597.100504][ C0] task:rcu_preempt state:R running task stack:27088 pid:17 ppid:2 flags:0x00004000 [ 597.111435][ C0] Call Trace: [ 597.114750][ C0] [ 597.117723][ C0] __schedule+0x14d2/0x44d0 [ 597.122326][ C0] ? asan.module_dtor+0x20/0x20 [ 597.127234][ C0] ? enqueue_timer+0x225/0x530 [ 597.132058][ C0] ? __mod_timer+0x984/0xdb0 [ 597.136714][ C0] schedule+0xbd/0x170 [ 597.140854][ C0] schedule_timeout+0x160/0x280 [ 597.145756][ C0] ? console_conditional_schedule+0x40/0x40 [ 597.151786][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 597.157736][ C0] ? update_process_times+0x1b0/0x1b0 [ 597.163197][ C0] ? prepare_to_swait_event+0x339/0x360 [ 597.168808][ C0] rcu_gp_fqs_loop+0x302/0x1560 [ 597.173719][ C0] ? rcu_gp_init+0x110e/0x1510 [ 597.178639][ C0] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 597.185034][ C0] ? rcu_gp_init+0x1510/0x1510 [ 597.189852][ C0] ? rcu_gp_cleanup+0xb4c/0xca0 [ 597.194851][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 597.200108][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 597.205363][ C0] rcu_gp_kthread+0x99/0x380 [ 597.210112][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 597.215362][ C0] ? __kthread_parkme+0x7a/0x1c0 [ 597.220375][ C0] ? __kthread_parkme+0x162/0x1c0 [ 597.225469][ C0] kthread+0x2fa/0x390 [ 597.229584][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 597.234851][ C0] ? kthread_blkcg+0xd0/0xd0 [ 597.239486][ C0] ret_from_fork+0x48/0x80 [ 597.243949][ C0] ? kthread_blkcg+0xd0/0xd0 [ 597.248585][ C0] ret_from_fork_asm+0x11/0x20 [ 597.253424][ C0] [ 597.256474][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 597.262829][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 [ 597.269890][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 597.280172][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 597.286041][ C0] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d c3 f4 38 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56 [ 597.305782][ C0] RSP: 0018:ffffffff8ca07d80 EFLAGS: 000002c2 [ 597.312031][ C0] RAX: fe329addb8e54d00 RBX: ffffffff8161981b RCX: fe329addb8e54d00 [ 597.320042][ C0] RDX: 0000000000000001 RSI: ffffffff8aaabce0 RDI: ffffffff8afc6f40 [ 597.328067][ C0] RBP: ffffffff8ca07eb8 R08: ffff8880b8e36b2b R09: 1ffff110171c6d65 [ 597.336138][ C0] R10: dffffc0000000000 R11: ffffed10171c6d66 R12: ffffffff8e4a8e28 [ 597.344152][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1952688 [ 597.352263][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 597.361339][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 597.367979][ C0] CR2: 00007f3aebff5838 CR3: 000000001bb99000 CR4: 00000000003506f0 [ 597.375990][ C0] Call Trace: [ 597.379339][ C0] [ 597.382310][ C0] default_idle+0x13/0x20 [ 597.386691][ C0] default_idle_call+0x6c/0xa0 [ 597.391497][ C0] do_idle+0x1eb/0x510 [ 597.395615][ C0] ? idle_inject_timer_fn+0x60/0x60 [ 597.400871][ C0] ? do_idle+0x5/0x510 [ 597.405004][ C0] cpu_startup_entry+0x43/0x60 [ 597.409816][ C0] rest_init+0x2e2/0x300 [ 597.414108][ C0] ? time_init+0x40/0x40 [ 597.418414][ C0] arch_call_rest_init+0xe/0x10 [ 597.423419][ C0] start_kernel+0x459/0x4e0 [ 597.428158][ C0] x86_64_start_reservations+0x2a/0x30 [ 597.433760][ C0] x86_64_start_kernel+0x60/0x60 [ 597.438746][ C0] secondary_startup_64_no_verify+0x179/0x17b [ 597.445131][ C0]