last executing test programs: 9.636166169s ago: executing program 0 (id=663): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r3, 0xc1004110, 0x0) 8.597323284s ago: executing program 0 (id=656): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r4, 0x1, 0x0, 0x0, {0x3d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd, 0x82}, {0x5, 0x87}}]}, 0x4c}}, 0x8) 8.460492126s ago: executing program 1 (id=657): prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f00009ba000/0x1000)=nil) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)={0x1c, r4, 0x331, 0x0, 0x25dfdbfb, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000) 7.329865912s ago: executing program 0 (id=659): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0}, 0x18) fsopen(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) r2 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0585609, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c) 6.404756006s ago: executing program 1 (id=661): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, 0x0, &(0x7f0000000100)}, 0x20) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504000000000000000000", @ANYBLOB="ebffffffffffffff28"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 4.354463186s ago: executing program 0 (id=666): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a40), 0x6, 0x77c, &(0x7f00000002c0)="$eJzs3E9rVOcaAPDnHDMmxtw7uXDh3nZRBAUFcZKYja5MN90UQRC6tSGZhJCTTMhMrJMKatcF0U0L3bRdl34GsR+gW6GF7gultemidDPlTCYTnM7EMYmOf34/OJ7nPf+e93EOb+aEvCeAN9aJ/J8kYiwirkREsbU9jYijzWgk4vb2cVuPb87lSxKNxtVfk/y02GoU29dKWuvj0Twl/h8RDwsRZz/5Z95qfXN5NsvK6632RG1lbaJa3zy3NBKL5cXy6tT0xckL09MXJqefWsP/+qz11AcXj937/r377zcajbvvDJ1LYqZZd7Rq2/Pk230m6bD9f1KImY7tq/u73EsrGXQHAADoS/49/0hEDDW/pRbz+MGg+wQAAAAcrsZwo6tHoxHd9wAAAACvnqS/5/wT4RcCAAAA8Ira+TuAnbm9T50He8h+eTcixrvlH2pNuR2JQkSMbiXNOQo7ku3T4EBu34mIBzOd99/X+R22zynfbZMd7SfnSB894NU5DA/y8WemPf6MRHv8SdvjT3QZf4Z23p1wQL3Hv938R3qMf1f6zHEr3ir0zH8n4u2hbvlb9//ISDNXt/wf9pn/7v1P7/Xa1/gq4nTXnz/JE7l23w+xMtvxfoiZhaUsiRjumf/hX2ce7VX/aK/8zS70rn+tz/o/3vp9uddYkuc/c3Lvz79b/iPf7n6kaUTca63zY+935Di58sN3e9U/H9Ho+fnvUf+Xfdb/0zfDN/o8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrSiBiLJC214zQtlSKOR8R/YzTNKtXa2YXKxup8vi9iPArpwlJWnoyI4nY7ydtTzXi3fb6jPR0R//nx2HbSpaxcmqtk84MuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLbjETEWSVqKiDQi/iimaakUMdTHucMvoH8AAADAIRkfdAcAAACA587zPwAAALz+9vv8nxxyPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDX2pXLl/OlsfX45lzenr9e31iuXD83X64ul1Y25kpzlfW10mKlspiVS3OVladdL6tU1qYuxsaNiVq5Wpuo1jevrVQ2VmvXllZmF8vXyoUXUhUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPaqy5JGkpItJmnKalUsS/ImI8CsnCUlaejIh/R8SjYmE4b08NutMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcump9c3k2y8rrAoGgZ3DpkC94KyJehrp6B4MemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGIRqfXN5NsvK69VB9wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9OIiJfThdPjXXuPZr8WWyuI+KjL65+dmN2pLX9t/b22uf59lpt/fyL7z0AAAC8IS49y8E7z+nN9dTz6xQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD6qdY3l2ezrLx+sOBS1DcbSY9jBl0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP38HAAD//2XXvc4=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x601, 0x0, 0x1, 0x1a0}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0xc, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x4, 0x29c780}) io_uring_enter(r3, 0x3516, 0xaddf, 0x2, 0x0, 0x0) 4.352850726s ago: executing program 2 (id=667): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) 3.559345618s ago: executing program 3 (id=668): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0) r4 = dup(r3) read$FUSE(r4, &(0x7f0000019300)={0x2020}, 0x2020) sendfile(r3, r4, 0x0, 0x80006) 3.439816199s ago: executing program 1 (id=669): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38}) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x8, 0x1, 0x7}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000400)={r3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8}) 3.37304431s ago: executing program 3 (id=670): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) r2 = accept(r0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x4, 0x4, 0xa4, 0x0, 0xffffffffffffffff, 0x7fffffff}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47) recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12020, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) getsockname$packet(r2, 0x0, &(0x7f0000000700)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18) getpeername$netlink(r2, 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, 0x0, 0x40810) 3.101002744s ago: executing program 1 (id=671): munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f40000/0x5000)=nil, 0x5000) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) 3.054879285s ago: executing program 2 (id=672): socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) fsopen(&(0x7f0000000080)='devtmpfs\x00', 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) r0 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x5eda, 0x10100, 0x2}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x60, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x61, 0x1, {0x1}}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x7330, 0x0, 0x0, 0x0, 0x0) 2.487226883s ago: executing program 1 (id=673): prlimit64(0x0, 0xe, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r0 = gettid() timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$kcm(0x29, 0x5, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0xf3e, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) 2.486181663s ago: executing program 3 (id=674): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) socketpair(0x29, 0x2, 0xfff, &(0x7f0000000140)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) close(0x3) socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) 2.476578944s ago: executing program 0 (id=675): openat$sw_sync_info(0xffffff9c, 0x0, 0x400080, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x20040000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, 0x0, 0xc000) openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) 2.350068335s ago: executing program 2 (id=676): sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0) r0 = socket$kcm(0x2, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x94) r1 = socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) close(r1) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r1, 0x84, 0x64, &(0x7f0000000000)=r4, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r6) recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x49}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94) setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r7, 0x10) 2.207960617s ago: executing program 2 (id=677): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) unshare(0x22020600) r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) 1.479368078s ago: executing program 3 (id=678): mkdirat(0xffffffffffffff9c, 0x0, 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c980495f6479e4509069f95d2017ffe0b2649712000e00050014050a0005000500a0"], 0x17) signalfd(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) unshare(0x66000080) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)=ANY=[@ANYRESOCT, @ANYBLOB, @ANYRES8], 0x48) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, 0x0, 0x0) 1.212063532s ago: executing program 2 (id=679): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r3, &(0x7f0000000100), 0x0, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x4}}], {0x14}}, 0x88}}, 0x0) 1.168025782s ago: executing program 0 (id=680): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0) r3 = open(&(0x7f0000000300)='./bus\x00', 0x14103e, 0x18a) r4 = open(&(0x7f0000000240)='./file0\x00', 0x14b9c2, 0x4) ftruncate(r4, 0x3000000) sendfile(r3, r4, 0x0, 0x80000001) 192.982917ms ago: executing program 3 (id=681): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000008c0)) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) 149.881007ms ago: executing program 1 (id=682): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000001ec0)={0x1, &(0x7f0000001e80)=[{0x0, 0x1000}]}) socket(0x1d, 0x2, 0x7) r2 = syz_io_uring_setup(0x1e1a, &(0x7f0000000440)={0x0, 0x430, 0x10100, 0x0, 0x83}, &(0x7f0000002000)=0x0, &(0x7f0000000040)=0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x80, 0xc9, "7e118e8456ee1d14"}}}, 0xe) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x23}) io_uring_enter(r2, 0x100048ed, 0x0, 0x2, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10) listen(r0, 0xda90) r5 = openat$sequencer(0xffffff9c, &(0x7f0000000480), 0x0, 0x0) socket(0x1, 0x5, 0x8) ioctl$SNDCTL_SEQ_NRMIDIS(r5, 0xc0046d00, &(0x7f0000001500)) accept4(r0, 0x0, 0x0, 0x0) 51.891979ms ago: executing program 2 (id=683): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) r2 = accept(r0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x4, 0x4, 0xa4, 0x0, 0xffffffffffffffff, 0x7fffffff}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47) recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12020, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) getsockname$packet(r2, 0x0, &(0x7f0000000700)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18) getpeername$netlink(r2, 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, 0x0, 0x40810) 0s ago: executing program 3 (id=684): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) unshare(0x6a040000) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r3, 0x0, 0x40000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000019580)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x7}]}}]}, 0x40}}, 0x800) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf6", 0x13, 0x11, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.6' (ED25519) to the list of known hosts. [ 77.124686][ T5775] cgroup: Unknown subsys name 'net' [ 77.259429][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 78.970407][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 80.670242][ T5792] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.679203][ T5792] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 80.690433][ T5792] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 80.699250][ T5792] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 80.701344][ T5795] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.708240][ T5792] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 80.723237][ T5792] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 80.731169][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 80.731938][ T5792] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 80.741119][ T5795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.753309][ T5798] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 80.761513][ T5798] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 80.767013][ T5799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.771161][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.776791][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.784753][ T5795] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 80.791028][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.800118][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.805088][ T5799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.811018][ T5795] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 80.818011][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.826338][ T5795] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 80.839016][ T5799] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 80.848198][ T5799] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.308142][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 81.450996][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 81.569780][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 81.581259][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 81.598154][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.606005][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.613554][ T5787] bridge_slave_0: entered allmulticast mode [ 81.620760][ T5787] bridge_slave_0: entered promiscuous mode [ 81.653716][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.661643][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.668845][ T5787] bridge_slave_1: entered allmulticast mode [ 81.676551][ T5787] bridge_slave_1: entered promiscuous mode [ 81.764992][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.772427][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.779624][ T5784] bridge_slave_0: entered allmulticast mode [ 81.787961][ T5784] bridge_slave_0: entered promiscuous mode [ 81.835875][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.846985][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.854339][ T5784] bridge_slave_1: entered allmulticast mode [ 81.862707][ T5784] bridge_slave_1: entered promiscuous mode [ 81.872883][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.885696][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.976979][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.984655][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.995297][ T5785] bridge_slave_0: entered allmulticast mode [ 82.002507][ T5785] bridge_slave_0: entered promiscuous mode [ 82.024770][ T5787] team0: Port device team_slave_0 added [ 82.031335][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.038495][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.046004][ T5788] bridge_slave_0: entered allmulticast mode [ 82.053201][ T5788] bridge_slave_0: entered promiscuous mode [ 82.063122][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.070278][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.077594][ T5788] bridge_slave_1: entered allmulticast mode [ 82.084846][ T5788] bridge_slave_1: entered promiscuous mode [ 82.094639][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.101918][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.109079][ T5785] bridge_slave_1: entered allmulticast mode [ 82.116447][ T5785] bridge_slave_1: entered promiscuous mode [ 82.138703][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.149860][ T5787] team0: Port device team_slave_1 added [ 82.197926][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.250159][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.277579][ T5784] team0: Port device team_slave_0 added [ 82.290512][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.298785][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.325543][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.339836][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.353823][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.364500][ T5784] team0: Port device team_slave_1 added [ 82.384136][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.391545][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.417647][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.432375][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.522929][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.530166][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.556418][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.571599][ T5785] team0: Port device team_slave_0 added [ 82.578270][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.585326][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.611992][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.655057][ T5785] team0: Port device team_slave_1 added [ 82.683966][ T5787] hsr_slave_0: entered promiscuous mode [ 82.691190][ T5787] hsr_slave_1: entered promiscuous mode [ 82.702628][ T5788] team0: Port device team_slave_0 added [ 82.748881][ T5788] team0: Port device team_slave_1 added [ 82.768217][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.776093][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.803045][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.816096][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.823179][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.850026][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.861794][ T50] Bluetooth: hci2: command tx timeout [ 82.883370][ T5784] hsr_slave_0: entered promiscuous mode [ 82.889833][ T5784] hsr_slave_1: entered promiscuous mode [ 82.896377][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 82.905517][ T5784] Cannot create hsr debugfs directory [ 82.941049][ T50] Bluetooth: hci0: command tx timeout [ 82.944440][ T5102] Bluetooth: hci1: command tx timeout [ 82.952559][ T5799] Bluetooth: hci3: command tx timeout [ 82.960580][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.968111][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.994915][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.008981][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.016094][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.042374][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.137176][ T5785] hsr_slave_0: entered promiscuous mode [ 83.143739][ T5785] hsr_slave_1: entered promiscuous mode [ 83.149992][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.158113][ T5785] Cannot create hsr debugfs directory [ 83.213261][ T5788] hsr_slave_0: entered promiscuous mode [ 83.219817][ T5788] hsr_slave_1: entered promiscuous mode [ 83.227293][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.234940][ T5788] Cannot create hsr debugfs directory [ 83.578201][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.589329][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.599779][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.628153][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 83.724519][ T5784] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 83.738266][ T5784] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 83.769029][ T5784] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 83.789053][ T5784] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 83.846462][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 83.856992][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 83.888921][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 83.904248][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 83.958507][ T5788] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 83.978845][ T5788] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 83.989882][ T5788] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 84.019953][ T5788] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 84.140618][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.225618][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.249393][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.263653][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.271082][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.304095][ T3477] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.311319][ T3477] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.329763][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.345359][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.376122][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.415430][ T991] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.422643][ T991] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.445107][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.468532][ T991] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.475796][ T991] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.498489][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.523216][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.530381][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.549731][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.572668][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.579831][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.590601][ T3428] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.597878][ T3428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.640226][ T3428] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.647534][ T3428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.943801][ T5799] Bluetooth: hci2: command tx timeout [ 84.999979][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.021197][ T5799] Bluetooth: hci3: command tx timeout [ 85.028456][ T5102] Bluetooth: hci1: command tx timeout [ 85.028469][ T50] Bluetooth: hci0: command tx timeout [ 85.178443][ T5787] veth0_vlan: entered promiscuous mode [ 85.246510][ T5787] veth1_vlan: entered promiscuous mode [ 85.278820][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.340263][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.378052][ T5787] veth0_macvtap: entered promiscuous mode [ 85.390201][ T5787] veth1_macvtap: entered promiscuous mode [ 85.410556][ T5784] veth0_vlan: entered promiscuous mode [ 85.445525][ T5784] veth1_vlan: entered promiscuous mode [ 85.493665][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.505432][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.529959][ T5784] veth0_macvtap: entered promiscuous mode [ 85.540961][ T5784] veth1_macvtap: entered promiscuous mode [ 85.559338][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.608282][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.618273][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.627156][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.636126][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.676444][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.687360][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.699532][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.717450][ T5785] veth0_vlan: entered promiscuous mode [ 85.735268][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.746803][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.764750][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.807600][ T5784] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.816604][ T5784] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.826421][ T5784] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.835197][ T5784] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.864428][ T5785] veth1_vlan: entered promiscuous mode [ 85.960039][ T5788] veth0_vlan: entered promiscuous mode [ 86.017148][ T5785] veth0_macvtap: entered promiscuous mode [ 86.032154][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.041127][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.077716][ T5785] veth1_macvtap: entered promiscuous mode [ 86.081413][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.092689][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.117347][ T5788] veth1_vlan: entered promiscuous mode [ 86.169111][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.180159][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.191575][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.203274][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.216459][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.229628][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.242886][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.253437][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.264283][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.275964][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.292197][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.301222][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.301245][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.319855][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.329120][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.337890][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.383377][ T1131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.405426][ T1131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.475855][ T5788] veth0_macvtap: entered promiscuous mode [ 86.559381][ T5788] veth1_macvtap: entered promiscuous mode [ 86.663043][ T991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.696407][ T991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.824928][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.841186][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.851594][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 87.031694][ T50] Bluetooth: hci2: command tx timeout [ 87.062026][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 87.102514][ T50] Bluetooth: hci0: command tx timeout [ 87.151004][ T5102] Bluetooth: hci1: command tx timeout [ 87.177681][ T5799] Bluetooth: hci3: command tx timeout [ 87.416479][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 87.729409][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 88.031879][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.113068][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.129267][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.150685][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.434374][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.958290][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 89.040472][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.058793][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.216352][ T50] Bluetooth: hci2: command tx timeout [ 89.270839][ T50] Bluetooth: hci3: command tx timeout [ 89.430824][ T50] Bluetooth: hci0: command tx timeout [ 89.431801][ T5102] Bluetooth: hci1: command tx timeout [ 89.487778][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.520816][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.566696][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.595347][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.621606][ T5788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.641476][ T5788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.650248][ T5788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.686837][ T5788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.961049][ T5873] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 90.009768][ T5898] netlink: 'syz.1.2': attribute type 1 has an invalid length. [ 90.192070][ T5873] usb 4-1: Using ep0 maxpacket: 16 [ 90.201510][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.214305][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.248872][ T5873] usb 4-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config [ 90.285614][ T5873] usb 4-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00 [ 90.320706][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.367799][ T5873] usb 4-1: config 0 descriptor?? [ 90.422888][ T5873] gspca_main: spca501-2.14.0 probing 0000:0000 [ 90.520869][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.550682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 90.571800][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.829496][ T5903] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7'. [ 90.839174][ T5873] gspca_spca501: reg write: error -71 [ 90.850664][ T5873] spca501 4-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 90.883415][ T5873] spca501: probe of 4-1:0.0 failed with error -22 [ 90.990737][ T5873] usb 4-1: USB disconnect, device number 2 [ 91.991381][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.230998][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.240294][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.439817][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 92.448722][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.494073][ T55] cfg80211: failed to load regulatory.db [ 92.520711][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 92.609373][ T5917] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5 [ 92.731882][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.010300][ T5937] batman_adv: batadv0: Adding interface: dummy0 [ 94.041932][ T5937] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.087954][ T5940] syz.3.16[5940]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 94.116686][ T5940] loop3: detected capacity change from 0 to 1024 [ 94.130891][ T5937] batman_adv: batadv0: Interface activated: dummy0 [ 94.160041][ T5940] ======================================================= [ 94.160041][ T5940] WARNING: The mand mount option has been deprecated and [ 94.160041][ T5940] and is ignored by this kernel. Remove the mand [ 94.160041][ T5940] option from the mount to silence this warning. [ 94.160041][ T5940] ======================================================= [ 94.227330][ T5938] batadv0: mtu less than device minimum [ 94.252272][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.265210][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.277901][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.290525][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.303193][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.315351][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.327123][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.339123][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.351298][ T5938] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.653213][ T5940] hfsplus: xattr search failed [ 94.798097][ T5784] hfsplus: node 4:3 still has 1 user(s)! [ 94.997499][ T5950] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.233746][ T5956] vlan2: entered promiscuous mode [ 95.239146][ T5956] vlan2: entered allmulticast mode [ 95.246648][ T5956] hsr_slave_1: entered allmulticast mode [ 96.532057][ T5959] kvm: emulating exchange as write [ 97.740635][ C0] sched: RT throttling activated [ 98.991824][ T5970] loop0: detected capacity change from 0 to 512 [ 99.157628][ T5970] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002] [ 99.200417][ T5970] System zones: 0-2, 18-18, 34-35 [ 99.224855][ T5970] EXT4-fs error (device loop0): ext4_quota_enable:7129: inode #4: comm syz.0.24: iget: bad i_size value: 5910974510929920 [ 99.260135][ T5970] EXT4-fs error (device loop0): ext4_quota_enable:7132: comm syz.0.24: Bad quota inode: 4, type: 1 [ 99.298726][ T5970] EXT4-fs warning (device loop0): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 99.358548][ T5970] EXT4-fs (loop0): mount failed [ 99.577676][ T5980] Zero length message leads to an empty skb [ 101.140064][ T5992] loop0: detected capacity change from 0 to 128 [ 101.193766][ T5992] EXT4-fs: Ignoring removed nobh option [ 101.244484][ T5992] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 101.283435][ T5992] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 101.320748][ T5990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28'. [ 101.383759][ T5999] Falling back ldisc for ttyS3. [ 101.628580][ T5787] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 102.342000][ T6010] netlink: 12 bytes leftover after parsing attributes in process `syz.1.34'. [ 103.402983][ T6018] loop0: detected capacity change from 0 to 4096 [ 103.716774][ T6025] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.969346][ T6034] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.011597][ T6034] netlink: 16 bytes leftover after parsing attributes in process `syz.1.42'. [ 105.118039][ T6034] bond0: entered promiscuous mode [ 105.240742][ T6034] bond_slave_0: entered promiscuous mode [ 105.994244][ T6034] bond_slave_1: entered promiscuous mode [ 106.001881][ T6034] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 106.010251][ T6034] batman_adv: batadv0: Adding interface: macvlan2 [ 106.016804][ T6034] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.059672][ T6034] batman_adv: batadv0: Interface activated: macvlan2 [ 106.112159][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.43'. [ 106.126702][ T6040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.43'. [ 107.105979][ T6054] loop2: detected capacity change from 0 to 128 [ 108.137407][ T6059] netlink: 'syz.2.49': attribute type 21 has an invalid length. [ 108.156364][ T6059] netlink: 132 bytes leftover after parsing attributes in process `syz.2.49'. [ 108.267137][ T6059] syz.2.49 uses obsolete (PF_INET,SOCK_PACKET) [ 110.553975][ T6084] loop1: detected capacity change from 0 to 128 [ 113.949239][ T6099] netlink: 'syz.1.60': attribute type 11 has an invalid length. [ 124.709331][ T6171] mmap: syz.3.80 (6171) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 128.538681][ T6194] loop0: detected capacity change from 0 to 128 [ 129.544481][ T6192] loop2: detected capacity change from 0 to 4096 [ 132.398661][ T6211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'. [ 132.435459][ T6211] netlink: 12 bytes leftover after parsing attributes in process `syz.2.91'. [ 132.564670][ T6215] vlan2: entered promiscuous mode [ 132.569954][ T6215] vlan2: entered allmulticast mode [ 132.630869][ T6215] hsr_slave_1: entered allmulticast mode [ 132.918278][ T6227] netlink: 168 bytes leftover after parsing attributes in process `syz.1.98'. [ 133.185805][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.192746][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.280878][ T5834] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 133.501061][ T5834] usb 2-1: Using ep0 maxpacket: 32 [ 133.548146][ T5834] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.568512][ T5834] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 133.578608][ T5834] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.595537][ T6231] loop2: detected capacity change from 0 to 1024 [ 133.602325][ T5834] usb 2-1: config 0 descriptor?? [ 133.629185][ T5834] hub 2-1:0.0: bad descriptor, ignoring hub [ 133.652388][ T5834] hub: probe of 2-1:0.0 failed with error -5 [ 133.667177][ T5834] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 133.674127][ T28] audit: type=1804 audit(1752571754.560:2): pid=6230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.99" name="/newroot/29/file1" dev="fuse" ino=1 res=1 errno=0 [ 133.698458][ T28] audit: type=1800 audit(1752571754.580:3): pid=6230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.99" name="/" dev="fuse" ino=1 res=0 errno=0 [ 133.726607][ T28] audit: type=1804 audit(1752571754.590:4): pid=6230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.99" name="/newroot/29/file1" dev="fuse" ino=1 res=1 errno=0 [ 133.755856][ T28] audit: type=1804 audit(1752571754.590:5): pid=6230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.99" name="/newroot/29/file1" dev="fuse" ino=1 res=1 errno=0 [ 133.776548][ T28] audit: type=1800 audit(1752571754.590:6): pid=6230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.99" name="/" dev="fuse" ino=1 res=0 errno=0 [ 133.791937][ T6231] hfsplus: xattr search failed [ 133.919385][ T5788] hfsplus: node 4:3 still has 1 user(s)! [ 133.984120][ T5873] usb 2-1: USB disconnect, device number 2 [ 134.085567][ T6238] random: crng reseeded on system resumption [ 137.047086][ T6251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.106'. [ 137.064815][ T6251] netlink: 12 bytes leftover after parsing attributes in process `syz.3.106'. [ 137.706391][ T6260] No such timeout policy "syz1" [ 139.605076][ T28] audit: type=1804 audit(1752571760.490:7): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.110" name="/newroot/26/file1" dev="fuse" ino=1 res=1 errno=0 [ 140.301149][ T5873] IPVS: starting estimator thread 0... [ 140.335420][ T28] audit: type=1800 audit(1752571760.490:8): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.110" name="/" dev="fuse" ino=1 res=0 errno=0 [ 140.411117][ T6271] IPVS: using max 16 ests per chain, 38400 per kthread [ 140.433276][ T6262] loop0: detected capacity change from 0 to 4096 [ 140.550801][ T28] audit: type=1804 audit(1752571760.490:9): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.110" name="/newroot/26/file1" dev="fuse" ino=1 res=1 errno=0 [ 140.602971][ T28] audit: type=1804 audit(1752571760.490:10): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.110" name="/newroot/26/file1" dev="fuse" ino=1 res=1 errno=0 [ 140.706927][ T6262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.719956][ T28] audit: type=1800 audit(1752571760.490:11): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.110" name="/" dev="fuse" ino=1 res=0 errno=0 [ 141.256184][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.782184][ T6305] netlink: 'syz.3.121': attribute type 3 has an invalid length. [ 145.891760][ T6307] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 145.899386][ T6307] IPv6: NLM_F_CREATE should be set when creating new route [ 145.921570][ T6309] batman_adv: batadv0: Adding interface: dummy0 [ 145.927884][ T6309] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.031237][ T6309] batman_adv: batadv0: Interface activated: dummy0 [ 146.091502][ T6309] net_ratelimit: 10 callbacks suppressed [ 146.091519][ T6309] batadv0: mtu less than device minimum [ 146.123456][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.135418][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.147135][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.159012][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.170833][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.182571][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.194388][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.206098][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 146.217981][ T6309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 148.490977][ T6327] loop0: detected capacity change from 0 to 1024 [ 148.585482][ T6329] netlink: 576 bytes leftover after parsing attributes in process `syz.1.131'. [ 148.792316][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 148.801826][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 148.810799][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 148.819742][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 148.841675][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 148.850794][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 149.152820][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 149.175261][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 149.238855][ T6337] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 150.107798][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.138528][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.179027][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.200318][ T6339] loop1: detected capacity change from 0 to 128 [ 150.237315][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.262762][ T6339] FAT-fs (loop1): Directory bread(block 414) failed [ 150.287176][ T6339] FAT-fs (loop1): Directory bread(block 415) failed [ 150.300732][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.318651][ T6339] FAT-fs (loop1): Directory bread(block 416) failed [ 150.335759][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.343637][ T6339] FAT-fs (loop1): Directory bread(block 417) failed [ 150.350310][ T6339] FAT-fs (loop1): Directory bread(block 418) failed [ 150.381156][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.398755][ T6339] FAT-fs (loop1): Directory bread(block 419) failed [ 150.415535][ T6339] FAT-fs (loop1): Directory bread(block 420) failed [ 150.439114][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.446710][ T6339] FAT-fs (loop1): Directory bread(block 421) failed [ 150.497497][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.686686][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 150.794860][ T6343] FAT-fs (loop1): Directory bread(block 414) failed [ 150.802347][ T6343] FAT-fs (loop1): Directory bread(block 415) failed [ 150.824451][ T6343] syz.1.134: attempt to access beyond end of device [ 150.824451][ T6343] loop1: rw=3, sector=478, nr_sectors = 2 limit=128 [ 150.838166][ T6343] syz.1.134: attempt to access beyond end of device [ 150.838166][ T6343] loop1: rw=2051, sector=480, nr_sectors = 6 limit=128 [ 151.238859][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.300847][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.359780][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.433395][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.479397][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.500968][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.540572][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.580866][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.592240][ T6345] vlan4: entered promiscuous mode [ 151.602741][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.681485][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.755780][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.781522][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.824827][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.915301][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.930362][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 151.960493][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 152.163416][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 152.172508][ T6327] hfsplus: request for non-existent node 16777216 in B*Tree [ 152.181081][ T28] audit: type=1800 audit(1752571773.060:12): pid=6327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.128" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 153.242519][ T6354] loop2: detected capacity change from 0 to 512 [ 153.274569][ T6354] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 153.424550][ T6359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0 [ 153.452507][ T6359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.560844][ T6359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0 [ 154.135820][ T6359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.674048][ T6434] loop1: detected capacity change from 0 to 512 [ 163.827758][ T6434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.859724][ T6434] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 163.891144][ T6434] capability: warning: `syz.1.162' uses deprecated v2 capabilities in a way that may be insecure [ 163.918828][ T6434] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.162: iget: bad i_size value: 2533274857506816 [ 164.220814][ T6440] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 145: padding at end of block bitmap is not set [ 164.926990][ T6448] warning: `syz.2.165' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 165.235797][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.759337][ T28] audit: type=1326 audit(1752571786.640:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 165.870855][ T28] audit: type=1326 audit(1752571786.680:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 165.980840][ T28] audit: type=1326 audit(1752571786.680:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.050332][ T6465] loop1: detected capacity change from 0 to 512 [ 166.057160][ T28] audit: type=1326 audit(1752571786.680:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.122004][ T28] audit: type=1326 audit(1752571786.680:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.171931][ T6465] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 166.185952][ T28] audit: type=1326 audit(1752571786.680:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.296948][ T6465] EXT4-fs (loop1): orphan cleanup on readonly fs [ 166.307857][ T6465] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.171: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 166.365784][ T28] audit: type=1326 audit(1752571786.680:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.506701][ T6465] EXT4-fs error (device loop1): ext4_quota_enable:7132: comm syz.1.171: Bad quota inode: 3, type: 0 [ 166.533547][ T6465] EXT4-fs warning (device loop1): ext4_enable_quotas:7173: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 166.560995][ T6465] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 166.567935][ T28] audit: type=1326 audit(1752571786.680:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.607212][ T6465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 166.650106][ T28] audit: type=1326 audit(1752571786.680:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 166.720708][ T28] audit: type=1326 audit(1752571786.700:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 167.916207][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.378689][ T6479] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 168.385479][ T6479] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 168.396849][ T6480] xt_hashlimit: max too large, truncated to 1048576 [ 168.429958][ T6479] vhci_hcd vhci_hcd.0: Device attached [ 168.703910][ T8] usb 35-1: new high-speed USB device number 2 using vhci_hcd [ 168.779340][ T6481] vhci_hcd: connection reset by peer [ 168.821442][ T3453] vhci_hcd: stop threads [ 168.841739][ T3453] vhci_hcd: release socket [ 168.867574][ T3453] vhci_hcd: disconnect device [ 170.137060][ T6500] tipc: Started in network mode [ 170.164459][ T6500] tipc: Node identity 6, cluster identity 4711 [ 170.185031][ T6500] tipc: Node number set to 6 [ 173.333135][ T6550] netlink: 'syz.3.183': attribute type 10 has an invalid length. [ 173.344636][ T6550] netlink: 40 bytes leftover after parsing attributes in process `syz.3.183'. [ 173.607926][ T6550] team0: Port device geneve0 added [ 173.902043][ T8] vhci_hcd: vhci_device speed not set [ 174.328976][ T6579] loop2: detected capacity change from 0 to 1024 [ 175.072540][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.082396][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.102621][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.110461][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.330511][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.339333][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 175.349708][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.123129][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.140251][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.149651][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.239412][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.268899][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.311594][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.320884][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.328424][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.356080][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.394936][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.420877][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.447147][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.456352][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.475129][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.496379][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.514182][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.530808][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.550762][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.571505][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.599487][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.651582][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.658948][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.705195][ T6579] hfsplus: request for non-existent node 16777216 in B*Tree [ 176.758539][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 176.758557][ T28] audit: type=1800 audit(1752571797.640:25): pid=6579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.188" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 177.006212][ T6590] xt_CT: You must specify a L4 protocol and not use inversions on it [ 177.019607][ T6602] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.029070][ T6602] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.402127][ T6621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.200'. [ 180.545240][ T6619] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 181.382181][ T6629] netlink: 28 bytes leftover after parsing attributes in process `syz.3.202'. [ 181.391370][ T6629] netlink: 28 bytes leftover after parsing attributes in process `syz.3.202'. [ 186.255081][ T6677] loop1: detected capacity change from 0 to 256 [ 186.376638][ T6677] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 187.459821][ T6686] random: crng reseeded on system resumption [ 189.214255][ T6693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:17) already exists on: macvlan2 [ 189.263940][ T6693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.367565][ T6693] vlan4: entered promiscuous mode [ 190.410975][ T6693] bond0: entered promiscuous mode [ 190.514152][ T6693] bond_slave_0: entered promiscuous mode [ 190.596503][ T6693] bond_slave_1: entered promiscuous mode [ 194.636966][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.644015][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.069610][ T5102] Bluetooth: hci0: unexpected Set CIG Parameters response data [ 201.132207][ T6787] loop3: detected capacity change from 0 to 256 [ 201.186376][ T6787] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 201.211769][ T6787] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 201.452770][ T6790] loop2: detected capacity change from 0 to 512 [ 201.548380][ T6787] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 201.868689][ T6790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.971790][ T6790] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 202.066420][ T6790] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.245: iget: bad i_size value: 2533274857506816 [ 202.785783][ T6794] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 145: padding at end of block bitmap is not set [ 205.374630][ T5790] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 205.383573][ T5790] Bluetooth: hci0: Injecting HCI hardware error event [ 206.141820][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.972218][ T5102] Bluetooth: hci0: hardware error 0x00 [ 207.021196][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 207.028058][ T5799] Bluetooth: hci1: command 0x0406 tx timeout [ 209.151250][ T5102] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 210.084796][ T6852] netlink: 28 bytes leftover after parsing attributes in process `syz.2.257'. [ 210.093974][ T6852] netlink: 28 bytes leftover after parsing attributes in process `syz.2.257'. [ 210.625093][ T6849] random: crng reseeded on system resumption [ 210.691487][ T6848] loop1: detected capacity change from 0 to 256 [ 214.385448][ T6861] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.393021][ T6861] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.409752][ T6867] loop2: detected capacity change from 0 to 128 [ 216.647640][ T6541] kworker/u4:12: attempt to access beyond end of device [ 216.647640][ T6541] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 218.901358][ T5799] Bluetooth: hci3: command 0x0406 tx timeout [ 220.414495][ T6911] loop1: detected capacity change from 0 to 1764 [ 221.508858][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.278'. [ 221.534660][ T6920] netlink: 12 bytes leftover after parsing attributes in process `syz.2.278'. [ 223.153922][ T6936] net_ratelimit: 10 callbacks suppressed [ 223.153942][ T6936] TCP: out of memory -- consider tuning tcp_mem [ 223.284322][ T6934] loop2: detected capacity change from 0 to 4096 [ 224.162997][ T6946] xt_connbytes: Forcing CT accounting to be enabled [ 224.169837][ T6946] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 225.129353][ T27] IPVS: starting estimator thread 0... [ 225.251230][ T6952] IPVS: using max 15 ests per chain, 36000 per kthread [ 225.505330][ T6939] syz.0.283: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 225.527291][ T6939] CPU: 1 PID: 6939 Comm: syz.0.283 Not tainted 6.6.98-syzkaller #0 [ 225.535261][ T6939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 225.545376][ T6939] Call Trace: [ 225.548700][ T6939] [ 225.551681][ T6939] dump_stack_lvl+0x16c/0x230 [ 225.556444][ T6939] ? show_regs_print_info+0x20/0x20 [ 225.561697][ T6939] ? load_image+0x3b0/0x3b0 [ 225.566269][ T6939] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 225.572746][ T6939] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 225.579308][ T6939] warn_alloc+0x210/0x300 [ 225.583700][ T6939] ? zone_watermark_ok_safe+0x230/0x230 [ 225.589297][ T6939] ? _raw_spin_unlock+0x28/0x40 [ 225.594207][ T6939] __vmalloc_node_range+0x662/0x1320 [ 225.599560][ T6939] ? __asan_memset+0x22/0x40 [ 225.604250][ T6939] ? free_vm_area+0x50/0x50 [ 225.608816][ T6939] ? kvmalloc_node+0x70/0x180 [ 225.613551][ T6939] ? rcu_is_watching+0x15/0xb0 [ 225.618376][ T6939] ? kvmalloc_node+0x70/0x180 [ 225.623125][ T6939] ? trace_kmalloc+0x1f/0xa0 [ 225.627778][ T6939] kvmalloc_node+0x13f/0x180 [ 225.632437][ T6939] ? xp_alloc_tx_descs+0x68/0xc0 [ 225.637439][ T6939] xp_alloc_tx_descs+0x68/0xc0 [ 225.642265][ T6939] xsk_bind+0xa11/0xc70 [ 225.646486][ T6939] __sys_bind+0x31a/0x410 [ 225.650882][ T6939] ? __ia32_sys_socketpair+0xb0/0xb0 [ 225.656243][ T6939] __x64_sys_bind+0x7a/0x90 [ 225.660797][ T6939] do_syscall_64+0x55/0xb0 [ 225.665271][ T6939] ? clear_bhb_loop+0x40/0x90 [ 225.670013][ T6939] ? clear_bhb_loop+0x40/0x90 [ 225.674926][ T6939] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 225.681138][ T6939] RIP: 0033:0x7f9caf18e929 [ 225.685606][ T6939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.705261][ T6939] RSP: 002b:00007f9cb00b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 225.713754][ T6939] RAX: ffffffffffffffda RBX: 00007f9caf3b6080 RCX: 00007f9caf18e929 [ 225.721782][ T6939] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003 [ 225.729870][ T6939] RBP: 00007f9caf210b39 R08: 0000000000000000 R09: 0000000000000000 [ 225.734121][ T6956] loop2: detected capacity change from 0 to 2048 [ 225.737866][ T6939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.752245][ T6939] R13: 0000000000000000 R14: 00007f9caf3b6080 R15: 00007fff65dc1cf8 [ 225.760284][ T6939] [ 225.778078][ T6939] Mem-Info: [ 225.781802][ T6939] active_anon:6453 inactive_anon:0 isolated_anon:0 [ 225.781802][ T6939] active_file:12275 inactive_file:39890 isolated_file:0 [ 225.781802][ T6939] unevictable:768 dirty:209 writeback:0 [ 225.781802][ T6939] slab_reclaimable:10209 slab_unreclaimable:101774 [ 225.781802][ T6939] mapped:24432 shmem:1598 pagetables:597 [ 225.781802][ T6939] sec_pagetables:0 bounce:0 [ 225.781802][ T6939] kernel_misc_reclaimable:0 [ 225.781802][ T6939] free:1333564 free_pcp:13487 free_cma:0 [ 225.829996][ T6939] Node 0 active_anon:25812kB inactive_anon:0kB active_file:49100kB inactive_file:159352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97728kB dirty:832kB writeback:0kB shmem:4856kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11936kB pagetables:2388kB sec_pagetables:0kB all_unreclaimable? no [ 225.871043][ T6956] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 225.883923][ T6956] UDF-fs: Scanning with blocksize 512 failed [ 226.407102][ T6939] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 226.443268][ T6939] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 226.488348][ T6956] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 226.527207][ T6939] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 226.533911][ T6939] Node 0 DMA32 free:1426672kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:30120kB inactive_anon:0kB active_file:49100kB inactive_file:158016kB unevictable:1536kB writepending:860kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:25532kB local_pcp:9656kB free_cma:0kB [ 226.565460][ T6939] lowmem_reserve[]: 0 0 1 1 1 [ 226.571007][ T6939] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 226.735367][ T6939] lowmem_reserve[]: 0 0 0 0 0 [ 226.772299][ T6939] Node 1 Normal free:3891488kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:24896kB local_pcp:15072kB free_cma:0kB [ 226.805676][ T6939] lowmem_reserve[]: 0 0 0 0 0 [ 226.811013][ T6939] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 226.827469][ T6956] netlink: 32 bytes leftover after parsing attributes in process `syz.2.288'. [ 226.830348][ T6939] Node 0 DMA32: 1*4kB (M) 0*8kB 2*16kB (UM) 203*32kB (UME) 251*64kB (UME) 52*128kB (M) 20*256kB (UM) 9*512kB (UM) 10*1024kB (ME) 10*2048kB (ME) 331*4096kB (M) = 1425476kB [ 226.839783][ T6956] process 'syz.2.288' launched './file1' with NULL argv: empty string added [ 226.949338][ T6939] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 227.178243][ T6939] Node 1 Normal: 260*4kB (UME) 58*8kB (UME) 44*16kB (UME) 90*32kB (UME) 17*64kB (UME) 4*128kB (UME) 3*256kB (UME) 0*512kB 1*1024kB (E) 2*2048kB (UE) 947*4096kB (M) = 3891488kB [ 227.460837][ T6939] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 227.488760][ T6939] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 227.498334][ T6939] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 227.508679][ T6939] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 227.518167][ T6939] 56642 total pagecache pages [ 227.523139][ T6939] 0 pages in swap cache [ 227.527346][ T6939] Free swap = 124460kB [ 227.531790][ T6939] Total swap = 124996kB [ 227.535987][ T6939] 2097051 pages RAM [ 227.539832][ T6939] 0 pages HighMem/MovableOnly [ 227.544607][ T6939] 416139 pages reserved [ 227.548885][ T6939] 0 pages cma reserved [ 228.031046][ T6976] TCP: out of memory -- consider tuning tcp_mem [ 228.178417][ T28] audit: type=1326 audit(1752571850.061:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.200646][ C0] vkms_vblank_simulate: vblank timer overrun [ 228.234566][ T28] audit: type=1326 audit(1752571850.061:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.280729][ T28] audit: type=1326 audit(1752571850.071:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.352575][ T28] audit: type=1326 audit(1752571850.071:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.415193][ T28] audit: type=1326 audit(1752571850.071:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.449484][ T6985] netlink: 84 bytes leftover after parsing attributes in process `syz.0.298'. [ 228.499262][ T28] audit: type=1326 audit(1752571850.071:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.555818][ T28] audit: type=1326 audit(1752571850.071:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.600752][ T28] audit: type=1326 audit(1752571850.071:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.667611][ T28] audit: type=1326 audit(1752571850.211:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.755203][ T28] audit: type=1326 audit(1752571850.211:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 228.783117][ T6992] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 228.851709][ T6992] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 230.064597][ C0] hrtimer: interrupt took 61826 ns [ 233.093125][ T7063] loop2: detected capacity change from 0 to 1764 [ 235.695650][ T7080] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.312'. [ 235.878624][ T7078] loop1: detected capacity change from 0 to 128 [ 235.900912][ T7080] netlink: 24 bytes leftover after parsing attributes in process `syz.3.312'. [ 236.743332][ T11] kworker/u4:0: attempt to access beyond end of device [ 236.743332][ T11] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 237.060126][ T7090] loop0: detected capacity change from 0 to 256 [ 237.853520][ T7090] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 240.283216][ T7090] syz.0.315: attempt to access beyond end of device [ 240.283216][ T7090] loop0: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 240.312713][ T7104] loop1: detected capacity change from 0 to 1024 [ 240.319977][ T7104] EXT4-fs: Ignoring removed orlov option [ 240.326384][ T7104] EXT4-fs: Invalid want_extra_isize 0 [ 240.379161][ T5797] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 240.561375][ T7090] syz.0.315: attempt to access beyond end of device [ 240.561375][ T7090] loop0: rw=524288, sector=408, nr_sectors = 256 limit=256 [ 240.575704][ T7090] syz.0.315: attempt to access beyond end of device [ 240.575704][ T7090] loop0: rw=0, sector=280, nr_sectors = 8 limit=256 [ 240.589138][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 240.589151][ T28] audit: type=1800 audit(1752571862.471:41): pid=7090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.315" name="file1" dev="loop0" ino=1048597 res=0 errno=0 [ 241.595536][ T7108] batadv0: mtu less than device minimum [ 241.603947][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.611687][ T7090] syz.0.315 (7090) used greatest stack depth: 20080 bytes left [ 241.617255][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.634751][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.647038][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.658682][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.670306][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.682074][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.694005][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.705715][ T7108] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0) [ 241.971863][ T7112] netlink: 40 bytes leftover after parsing attributes in process `syz.1.320'. [ 242.989180][ T7128] loop0: detected capacity change from 0 to 128 [ 244.037691][ T42] kworker/u4:2: attempt to access beyond end of device [ 244.037691][ T42] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 244.259443][ T7126] netlink: 830 bytes leftover after parsing attributes in process `syz.1.331'. [ 244.483385][ T7136] loop0: detected capacity change from 0 to 512 [ 244.548586][ T7136] EXT4-fs warning (device loop0): ext4_multi_mount_protect:329: MMP interval 2680 higher than expected, please wait. [ 244.548586][ T7136] [ 244.591942][ T7136] EXT4-fs warning (device loop0): ext4_multi_mount_protect:332: MMP startup interrupted, failing mount [ 244.591942][ T7136] [ 245.316740][ T7143] Bluetooth: MGMT ver 1.22 [ 245.345998][ T28] audit: type=1326 audit(1752571867.231:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.371107][ T28] audit: type=1326 audit(1752571867.231:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.401029][ T28] audit: type=1326 audit(1752571867.251:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.424478][ T28] audit: type=1326 audit(1752571867.251:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.489105][ T28] audit: type=1326 audit(1752571867.251:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.531691][ T28] audit: type=1326 audit(1752571867.341:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.580200][ T28] audit: type=1326 audit(1752571867.341:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.610026][ T28] audit: type=1326 audit(1752571867.341:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 245.850761][ T28] audit: type=1326 audit(1752571867.341:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 246.956980][ T28] audit: type=1326 audit(1752571867.341:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 247.175618][ T7157] loop2: detected capacity change from 0 to 128 [ 247.212711][ T28] audit: type=1326 audit(1752571868.981:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e418e929 code=0x7ffc0000 [ 247.314651][ T28] audit: type=1326 audit(1752571868.981:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e418e929 code=0x7ffc0000 [ 247.337544][ T28] audit: type=1326 audit(1752571869.051:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f40e418e929 code=0x7ffc0000 [ 247.364480][ T28] audit: type=1326 audit(1752571869.061:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e418e929 code=0x7ffc0000 [ 247.391208][ T7162] netlink: 84 bytes leftover after parsing attributes in process `syz.1.333'. [ 247.433225][ T7157] netlink: 'syz.2.332': attribute type 16 has an invalid length. [ 247.484168][ T7157] netlink: 'syz.2.332': attribute type 17 has an invalid length. [ 247.491032][ T28] audit: type=1326 audit(1752571869.061:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f40e418e929 code=0x7ffc0000 [ 247.519946][ T28] audit: type=1326 audit(1752571869.061:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f40e418e963 code=0x7ffc0000 [ 247.547965][ T28] audit: type=1326 audit(1752571869.061:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.2.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f40e418d3df code=0x7ffc0000 [ 247.609112][ T7157] net_ratelimit: 10 callbacks suppressed [ 247.609124][ T7157] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 249.004936][ T7187] loop1: detected capacity change from 0 to 512 [ 249.013585][ T7187] EXT4-fs: Ignoring removed nomblk_io_submit option [ 249.020279][ T7187] ext4: Unknown parameter 'smackfsdef' [ 249.587961][ T7194] syz.2.343 (7194): attempted to duplicate a private mapping with mremap. This is not supported. [ 250.392956][ T7212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.348'. [ 250.436753][ T7212] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:17) already exists on: macvlan2 [ 250.458865][ T7212] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.478013][ T7212] vlan2: entered promiscuous mode [ 250.484167][ T7212] bond0: entered promiscuous mode [ 250.489433][ T7212] bond_slave_0: entered promiscuous mode [ 250.502565][ T7212] bond_slave_1: entered promiscuous mode [ 256.065325][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.320835][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.478260][ T7235] bridge0: entered allmulticast mode [ 256.506777][ T7235] bridge_slave_1: left allmulticast mode [ 256.513087][ T7235] bridge_slave_1: left promiscuous mode [ 256.520935][ T7235] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.541880][ T7235] bridge_slave_0: left allmulticast mode [ 256.547740][ T7235] bridge_slave_0: left promiscuous mode [ 256.555300][ T7234] loop1: detected capacity change from 0 to 2048 [ 256.559637][ T7235] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.626325][ T7234] loop1: p1 < > p3 [ 256.645880][ T7234] loop1: p3 size 134217728 extends beyond EOD, truncated [ 258.181332][ T7247] batman_adv: batadv0: Interface deactivated: dummy0 [ 258.189004][ T7247] batman_adv: batadv0: Removing interface: dummy0 [ 258.200435][ T7247] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 258.212758][ T7247] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 258.238782][ T7247] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 258.248875][ T7247] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 259.534650][ T7254] loop1: detected capacity change from 0 to 1764 [ 260.641651][ T7267] netlink: 830 bytes leftover after parsing attributes in process `syz.3.364'. [ 264.375151][ T7311] loop0: detected capacity change from 0 to 128 [ 268.453202][ T7311] tty tty20: ldisc open failed (-12), clearing slot 19 [ 268.857361][ T7323] xt_CT: You must specify a L4 protocol and not use inversions on it [ 270.146571][ T7333] loop0: detected capacity change from 0 to 2048 [ 270.165315][ T7333] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=3932051, location=3932051 [ 270.326894][ T7333] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 270.673237][ T28] kauditd_printk_skb: 39 callbacks suppressed [ 270.673255][ T28] audit: type=1800 audit(1752571892.541:98): pid=7333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.382" name="file1" dev="loop0" ino=1346 res=0 errno=0 [ 270.830202][ T28] audit: type=1326 audit(1752571892.711:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 270.868478][ T28] audit: type=1326 audit(1752571892.711:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 270.961202][ T28] audit: type=1326 audit(1752571892.741:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 270.994379][ T28] audit: type=1326 audit(1752571892.741:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 271.027598][ T28] audit: type=1326 audit(1752571892.741:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 271.050744][ T28] audit: type=1326 audit(1752571892.741:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 271.073540][ T28] audit: type=1326 audit(1752571892.741:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 271.097371][ T28] audit: type=1326 audit(1752571892.741:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 271.196407][ T28] audit: type=1326 audit(1752571892.751:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 274.409175][ T5827] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 274.776277][ T5827] usb 3-1: Using ep0 maxpacket: 32 [ 274.796966][ T5827] usb 3-1: unable to get BOS descriptor or descriptor too short [ 274.807606][ T5827] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 274.824781][ T5827] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 274.861080][ T5827] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 274.873311][ T5827] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 274.890833][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.909446][ T5827] usb 3-1: Product: syz [ 274.918541][ T5827] usb 3-1: Manufacturer: syz [ 274.928696][ T5827] usb 3-1: SerialNumber: syz [ 274.991532][ T7366] loop1: detected capacity change from 0 to 2048 [ 275.081028][ T7366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.354211][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.561062][ T7372] sit0: entered promiscuous mode [ 275.635630][ T7372] netlink: 21 bytes leftover after parsing attributes in process `syz.3.394'. [ 276.848687][ T5827] usb 3-1: 0:2 : does not exist [ 276.877986][ T5827] usb 3-1: USB disconnect, device number 2 [ 277.210443][ T5797] udevd[5797]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 278.251049][ T7398] xt_CT: You must specify a L4 protocol and not use inversions on it [ 278.562746][ T7401] xt_recent: hitcount (692) is larger than allowed maximum (255) [ 280.061718][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'. [ 280.816706][ T7426] loop2: detected capacity change from 0 to 2048 [ 280.823973][ T7431] SET target dimension over the limit! [ 280.912335][ T7426] loop2: p1 < > p3 [ 280.933571][ T7426] loop2: p3 size 134217728 extends beyond EOD, truncated [ 282.084727][ T7443] loop1: detected capacity change from 0 to 1764 [ 282.521796][ T7446] xt_CT: You must specify a L4 protocol and not use inversions on it [ 282.663004][ T5797] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 282.990291][ T7450] team_slave_0: entered promiscuous mode [ 282.996725][ T7450] team_slave_1: entered promiscuous mode [ 283.056315][ T7450] vlan2: entered promiscuous mode [ 283.077295][ T7450] team0: entered promiscuous mode [ 286.930971][ T7465] SET target dimension over the limit! [ 287.096250][ T7467] loop1: detected capacity change from 0 to 512 [ 287.170881][ T7467] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 287.178903][ T7467] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002] [ 287.188800][ T7467] System zones: 1-12 [ 287.193682][ T7467] EXT4-fs (loop1): Can't support bigalloc feature without extents feature [ 287.193682][ T7467] [ 287.205445][ T7467] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features [ 287.217120][ T7467] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 287.884723][ T7481] loop0: detected capacity change from 0 to 2048 [ 287.974236][ T7481] loop0: p1 < > p3 [ 287.991340][ T7481] loop0: p3 size 134217728 extends beyond EOD, truncated [ 288.923973][ T7488] xt_CT: You must specify a L4 protocol and not use inversions on it [ 289.403068][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.580681][ T7496] loop1: detected capacity change from 0 to 2048 [ 290.617673][ T7496] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.660027][ T7503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.432'. [ 291.119983][ T7501] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 291.319226][ T7503] hsr_slave_1 (unregistering): left promiscuous mode [ 291.570844][ T7495] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 16 with error 28 [ 291.583727][ T7495] EXT4-fs (loop1): This should not happen!! Data will be lost [ 291.583727][ T7495] [ 291.593626][ T7495] EXT4-fs (loop1): Total free blocks count 0 [ 291.599668][ T7495] EXT4-fs (loop1): Free/Dirty block details [ 291.605908][ T7495] EXT4-fs (loop1): free_blocks=2415919104 [ 291.612445][ T7495] EXT4-fs (loop1): dirty_blocks=16 [ 291.617815][ T7495] EXT4-fs (loop1): Block reservation details [ 291.624135][ T7495] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 291.812981][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.116901][ T7511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.435'. [ 293.042929][ T7519] loop2: detected capacity change from 0 to 1024 [ 295.608574][ T7533] macsec1: entered promiscuous mode [ 295.615863][ T7533] macvlan1: entered promiscuous mode [ 295.650361][ T7533] macvlan1: left promiscuous mode [ 296.818081][ T7545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.443'. [ 296.837816][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 296.837830][ T28] audit: type=1326 audit(1752571918.721:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 296.896419][ T7549] loop1: detected capacity change from 0 to 1024 [ 296.905032][ T28] audit: type=1326 audit(1752571918.751:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 296.939963][ T7549] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 296.948964][ T7549] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 296.962243][ T7549] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 296.972333][ T28] audit: type=1326 audit(1752571918.761:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 297.002713][ T28] audit: type=1326 audit(1752571918.761:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 297.025707][ T28] audit: type=1326 audit(1752571918.761:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 297.049937][ T28] audit: type=1326 audit(1752571918.761:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff98858e929 code=0x7ffc0000 [ 297.097330][ T28] audit: type=1326 audit(1752571918.761:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff98858e963 code=0x7ffc0000 [ 297.098538][ T7549] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.442: lblock 2 mapped to illegal pblock 2 (length 1) [ 297.156169][ T7545] hsr_slave_1 (unregistering): left promiscuous mode [ 297.170753][ T28] audit: type=1326 audit(1752571918.771:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff98858d3df code=0x7ffc0000 [ 297.234330][ T7549] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 297.254192][ T28] audit: type=1326 audit(1752571918.771:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff98858e9b7 code=0x7ffc0000 [ 297.291618][ T7549] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.442: lblock 0 mapped to illegal pblock 48 (length 1) [ 297.330087][ T7549] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.442: Failed to acquire dquot type 0 [ 297.345499][ T7549] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 297.365816][ T7549] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.442: mark_inode_dirty error [ 297.389178][ T7549] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 297.401524][ T7549] EXT4-fs (loop1): 1 orphan inode deleted [ 297.408819][ T7549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.115816][ T6541] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 298.181321][ T6541] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:12: Failed to release dquot type 0 [ 298.219855][ T7549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.251276][ T7549] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.442: Invalid inode table block 1 in block_group 0 [ 298.275025][ T7549] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 298.305220][ T7549] EXT4-fs error (device loop1): ext4_quota_off:7222: inode #3: comm syz.1.442: mark_inode_dirty error [ 299.676899][ T7576] macsec1: entered promiscuous mode [ 299.684204][ T7576] macvlan1: entered promiscuous mode [ 299.799861][ T7580] xt_CONNSECMARK: invalid mode: 0 [ 300.046616][ T7576] macvlan1: left promiscuous mode [ 300.248629][ T7580] loop1: detected capacity change from 0 to 1024 [ 300.455249][ T7583] loop0: detected capacity change from 0 to 16 [ 300.493872][ T7583] erofs: (device loop0): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 66300) [ 300.813049][ T7590] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 300.820332][ T7590] IPv6: NLM_F_CREATE should be set when creating new route [ 300.827769][ T7590] IPv6: NLM_F_CREATE should be set when creating new route [ 300.877103][ T7590] lo: entered allmulticast mode [ 301.040906][ T7590] tunl0: entered allmulticast mode [ 302.652085][ T7590] gre0: entered allmulticast mode [ 303.729952][ T7590] gretap0: entered allmulticast mode [ 303.840348][ T7590] erspan0: entered allmulticast mode [ 303.962014][ T7590] ip_vti0: entered allmulticast mode [ 304.027545][ T7612] loop2: detected capacity change from 0 to 2048 [ 304.037045][ T7590] ip6_vti0: entered allmulticast mode [ 304.068528][ T7590] sit0: left promiscuous mode [ 304.092110][ T7590] sit0: entered allmulticast mode [ 304.117930][ T7590] ip6tnl0: entered allmulticast mode [ 304.161518][ T7590] ip6gre0: entered allmulticast mode [ 304.231886][ T7590] syz_tun: entered allmulticast mode [ 304.387071][ T7590] ip6gretap0: entered allmulticast mode [ 304.411872][ T7590] bridge0: entered allmulticast mode [ 304.606164][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 304.612994][ T28] audit: type=1800 audit(1752571926.441:144): pid=7614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.460" name="file1" dev="loop2" ino=1048600 res=0 errno=0 [ 304.646294][ T7590] vcan0: entered allmulticast mode [ 304.759377][ T7590] bond0: entered allmulticast mode [ 304.895828][ T7590] bond_slave_0: entered allmulticast mode [ 304.910997][ T7590] bond_slave_1: entered allmulticast mode [ 304.949288][ T7590] team0: entered allmulticast mode [ 304.964065][ T7590] team_slave_0: entered allmulticast mode [ 304.980488][ T7590] team_slave_1: entered allmulticast mode [ 304.986528][ T7590] geneve0: entered allmulticast mode [ 305.033915][ T7590] dummy0: entered allmulticast mode [ 305.056288][ T7590] nlmon0: entered allmulticast mode [ 305.082799][ T7590] caif0: entered allmulticast mode [ 305.224366][ T7590] vxcan0: entered allmulticast mode [ 305.248139][ T7590] vxcan1: entered allmulticast mode [ 305.277167][ T7590] veth0: entered allmulticast mode [ 305.320095][ T7590] veth1: entered allmulticast mode [ 305.438686][ T7590] wg0: entered allmulticast mode [ 305.817819][ T7590] wg1: entered allmulticast mode [ 306.507205][ T7590] wg2: entered allmulticast mode [ 306.539181][ T7590] veth0_to_bridge: entered allmulticast mode [ 306.638627][ T7590] veth1_to_bridge: entered allmulticast mode [ 307.254905][ T7590] veth0_to_bond: entered allmulticast mode [ 307.372802][ T7590] veth1_to_bond: entered allmulticast mode [ 307.454242][ T7590] veth0_to_team: entered allmulticast mode [ 307.640926][ T7590] veth1_to_team: entered allmulticast mode [ 307.703626][ T7590] veth0_to_batadv: entered allmulticast mode [ 307.738125][ T7590] batadv_slave_0: entered allmulticast mode [ 307.789383][ T7590] veth1_to_batadv: entered allmulticast mode [ 307.885494][ T7590] batadv_slave_1: entered allmulticast mode [ 307.922002][ T7590] xfrm0: entered allmulticast mode [ 307.943778][ T7590] veth0_to_hsr: entered allmulticast mode [ 308.070300][ T7590] hsr_slave_0: entered allmulticast mode [ 308.163268][ T7590] hsr0: entered allmulticast mode [ 308.677172][ T7590] veth1_virt_wifi: entered allmulticast mode [ 308.881645][ T7590] veth0_virt_wifi: entered allmulticast mode [ 308.893157][ T7590] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 308.967453][ T7590] veth1_vlan: entered allmulticast mode [ 309.050062][ T7590] veth0_vlan: entered allmulticast mode [ 309.131745][ T7641] loop1: detected capacity change from 0 to 512 [ 309.145755][ T7590] vlan0: entered allmulticast mode [ 309.157103][ T7641] EXT4-fs (loop1): ea_inode feature is not supported for Hurd [ 309.173973][ T7590] vlan1: entered allmulticast mode [ 309.201369][ T7590] macvlan0: entered allmulticast mode [ 309.295262][ T7590] macvlan1: entered allmulticast mode [ 309.325520][ T7590] ipvlan0: entered allmulticast mode [ 309.396473][ T7590] veth1_macvtap: entered allmulticast mode [ 309.481310][ T7590] veth0_macvtap: entered allmulticast mode [ 309.568576][ T7590] macvtap0: entered allmulticast mode [ 310.092108][ T7590] macsec0: entered allmulticast mode [ 310.180377][ T7590] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.193519][ T7590] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.203073][ T7590] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.215956][ T7590] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.225697][ T7590] geneve1: entered allmulticast mode [ 310.251896][ T7590] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 310.263112][ T7590] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 310.325574][ T7590] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 310.355727][ T7590] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 310.385645][ T7590] mac80211_hwsim hwsim3 wlan0: entered allmulticast mode [ 310.412247][ T7590] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 310.434202][ T7590] bridge1: entered allmulticast mode [ 310.448640][ T7590] syztnl0: entered allmulticast mode [ 310.470716][ T7652] netlink: 96 bytes leftover after parsing attributes in process `syz.1.467'. [ 310.490903][ T7652] netlink: 120 bytes leftover after parsing attributes in process `syz.1.467'. [ 310.526119][ T7652] vlan2: entered allmulticast mode [ 310.540658][ T7652] bridge0: entered allmulticast mode [ 312.132340][ T7678] capability: warning: `syz.3.475' uses 32-bit capabilities (legacy support in use) [ 313.098948][ T7679] loop0: detected capacity change from 0 to 1024 [ 313.246365][ T7671] loop1: detected capacity change from 0 to 32768 [ 313.290500][ T7671] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.476 (7671) [ 313.469796][ T7671] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 313.521264][ T7671] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 313.570938][ T7671] BTRFS info (device loop1): force clearing of disk cache [ 313.603305][ T7671] BTRFS info (device loop1): enabling auto defrag [ 313.646988][ T7671] BTRFS info (device loop1): force zlib compression, level 3 [ 313.673063][ T7671] BTRFS info (device loop1): max_inline at 0 [ 313.683153][ T7671] BTRFS info (device loop1): enabling disk space caching [ 313.740725][ T7671] BTRFS info (device loop1): disk space caching is enabled [ 314.611297][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 314.614381][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 314.672067][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 314.682154][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 314.692478][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 314.735548][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 314.785452][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 314.852923][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 315.048709][ T7671] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 315.915348][ T7671] BTRFS error (device loop1): open_ctree failed: -12 [ 316.976510][ T28] audit: type=1326 audit(1752571938.861:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.1.483" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff98858e929 code=0x0 [ 317.524108][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.532003][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.881491][ T7759] futex_wake_op: syz.1.493 tries to shift op by 32; fix this program [ 323.863359][ T7775] 9pnet_fd: Insufficient options for proto=fd [ 326.515314][ T7797] loop1: detected capacity change from 0 to 128 [ 329.379577][ T7810] loop0: detected capacity change from 0 to 512 [ 329.411080][ T7810] EXT4-fs: Ignoring removed nobh option [ 329.464129][ T7810] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 329.639871][ T7810] EXT4-fs (loop0): failed to open journal device unknown-block(4,0) -6 [ 329.700877][ T7814] xt_TCPMSS: Only works on TCP SYN packets [ 331.248803][ T7826] delete_channel: no stack [ 333.167838][ T7837] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 335.000860][ T7852] futex_wake_op: syz.3.517 tries to shift op by 32; fix this program [ 338.100485][ T7869] loop0: detected capacity change from 0 to 512 [ 338.140659][ T7869] EXT4-fs (loop0): ea_inode feature is not supported for Hurd [ 338.172003][ T7871] netlink: 'syz.1.523': attribute type 27 has an invalid length. [ 338.282748][ T5797] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 340.130327][ T7883] netlink: 20 bytes leftover after parsing attributes in process `syz.1.525'. [ 340.870303][ T7888] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 342.055252][ T7902] dummy0: entered promiscuous mode [ 343.279063][ T7902] dummy0: left promiscuous mode [ 345.762469][ T7943] netlink: 184 bytes leftover after parsing attributes in process `syz.3.542'. [ 347.503788][ T7950] loop1: detected capacity change from 0 to 512 [ 347.539662][ T7950] EXT4-fs: Ignoring removed nobh option [ 347.692353][ T7950] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 348.021097][ T7950] EXT4-fs (loop1): failed to open journal device unknown-block(4,0) -6 [ 348.394475][ T7961] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 349.823266][ T7964] loop0: detected capacity change from 0 to 40427 [ 349.849074][ T7964] F2FS-fs (loop0): invalid crc value [ 349.863302][ T7964] F2FS-fs (loop0): Found nat_bits in checkpoint [ 349.907848][ T7964] F2FS-fs (loop0): Start checkpoint disabled! [ 349.927234][ T7964] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 350.953336][ T7967] delete_channel: no stack [ 354.496748][ T11] kworker/u4:0: attempt to access beyond end of device [ 354.496748][ T11] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427 [ 354.527548][ T11] kworker/u4:0: attempt to access beyond end of device [ 354.527548][ T11] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 354.568852][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 354.575989][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 354.588875][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 354.597397][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 354.766371][ T27] usb 3-1: new low-speed USB device number 3 using dummy_hcd [ 354.983035][ T27] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 355.036253][ T27] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 355.152706][ T27] usb 3-1: config 0 has no interface number 0 [ 355.562240][ T27] usb 3-1: config 0 interface 21 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 355.575273][ T27] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 355.585646][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.597493][ T27] usb 3-1: config 0 descriptor?? [ 355.849765][ T27] usb 3-1: USB disconnect, device number 3 [ 356.164144][ T8005] loop1: detected capacity change from 0 to 2048 [ 356.770176][ T8005] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 357.704855][ T8018] tipc: Started in network mode [ 357.711259][ T8018] tipc: Node identity 5a770e1eb4e7, cluster identity 4711 [ 357.725918][ T8018] tipc: Enabled bearer , priority 0 [ 357.747463][ T8018] syzkaller0: entered promiscuous mode [ 357.754667][ T8018] syzkaller0: entered allmulticast mode [ 358.342912][ T8018] tipc: Resetting bearer [ 358.360583][ T8014] tipc: Resetting bearer [ 359.310012][ T55] tipc: Node number set to 4002418206 [ 359.341850][ T8009] delete_channel: no stack [ 359.375567][ T8014] tipc: Disabling bearer [ 359.514804][ T8032] netlink: 'syz.1.567': attribute type 39 has an invalid length. [ 360.397719][ T8037] loop0: detected capacity change from 0 to 512 [ 360.415867][ T8037] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 360.455716][ T8037] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 360.537484][ T8037] EXT4-fs (loop0): 1 truncate cleaned up [ 360.559335][ T8037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.646515][ T8039] netlink: 80 bytes leftover after parsing attributes in process `syz.3.569'. [ 360.655673][ T8039] sit0: left allmulticast mode [ 361.883889][ T5173] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 361.907028][ T8053] loop1: detected capacity change from 0 to 1024 [ 361.967656][ T8053] EXT4-fs: Ignoring removed nomblk_io_submit option [ 361.999570][ T5173] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 362.019270][ T8053] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 362.058045][ T8053] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 362.110102][ T8053] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.880259][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.627740][ T8078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.578'. [ 364.678937][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.686617][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.043992][ T8080] netlink: 'syz.2.579': attribute type 10 has an invalid length. [ 365.075320][ T8080] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.083641][ T8080] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.295736][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.075437][ T8080] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.083780][ T8080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 367.091416][ T8080] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.098633][ T8080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 367.110062][ T8080] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 367.990225][ T8099] tipc: Enabling of bearer rejected, failed to enable media [ 372.538221][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 373.447315][ T8130] loop2: detected capacity change from 0 to 512 [ 373.460492][ T8130] EXT4-fs: Ignoring removed nobh option [ 373.486004][ T8130] EXT4-fs (loop2): external journal device major/minor numbers have changed [ 374.215388][ T8130] EXT4-fs (loop2): failed to open journal device unknown-block(4,0) -6 [ 375.680256][ T8166] loop1: detected capacity change from 0 to 2048 [ 375.688423][ T8166] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051 [ 375.734737][ T8166] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 376.732476][ T28] audit: type=1800 audit(1752571998.621:146): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.595" name="file1" dev="loop1" ino=1346 res=0 errno=0 [ 377.185286][ T8164] loop2: detected capacity change from 0 to 40427 [ 377.209513][ T8164] F2FS-fs (loop2): invalid crc value [ 377.244301][ T8164] F2FS-fs (loop2): Found nat_bits in checkpoint [ 377.306897][ T8164] F2FS-fs (loop2): Start checkpoint disabled! [ 377.329810][ T8164] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 379.070272][ T8184] ptrace attach of "./syz-executor exec"[5784] was attempted by " [ 380.449940][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 380.572738][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.681068][ T6546] kworker/u4:14: attempt to access beyond end of device [ 381.681068][ T6546] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427 [ 381.701782][ T11] kworker/u4:0: attempt to access beyond end of device [ 381.701782][ T11] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 382.642866][ T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 382.649936][ T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 382.694305][ T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 382.735018][ T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 385.145427][ T28] audit: type=1326 audit(1752572007.031:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9caf12ab19 code=0x7ffc0000 [ 385.517204][ T28] audit: type=1326 audit(1752572007.031:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 385.539965][ T28] audit: type=1326 audit(1752572007.031:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9caf12ab19 code=0x7ffc0000 [ 385.566030][ T28] audit: type=1326 audit(1752572007.031:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9caf12ab19 code=0x7ffc0000 [ 385.589046][ T28] audit: type=1326 audit(1752572007.031:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 385.650621][ T28] audit: type=1326 audit(1752572007.051:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 385.760596][ T28] audit: type=1326 audit(1752572007.051:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 385.911182][ T28] audit: type=1326 audit(1752572007.051:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9caf18e929 code=0x7ffc0000 [ 385.960635][ T28] audit: type=1326 audit(1752572007.051:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9caf12ab19 code=0x7ffc0000 [ 386.062029][ T28] audit: type=1326 audit(1752572007.051:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.0.613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9caf12ab19 code=0x7ffc0000 [ 386.097956][ T8225] loop2: detected capacity change from 0 to 2048 [ 386.190856][ T8225] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 386.221460][ T8225] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 387.018310][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.164675][ T8240] loop2: detected capacity change from 0 to 512 [ 388.225276][ T8240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 388.251209][ T8240] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 389.328779][ T8240] 9pnet_fd: Insufficient options for proto=fd [ 389.447990][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.192283][ T8272] netlink: 292 bytes leftover after parsing attributes in process `syz.1.627'. [ 392.483775][ T8276] tipc: Started in network mode [ 392.688554][ T8276] tipc: Node identity 9ee365efa945, cluster identity 4711 [ 392.706532][ T8276] tipc: Enabled bearer , priority 0 [ 392.745055][ T8282] syzkaller0: entered promiscuous mode [ 393.686318][ T8282] syzkaller0: entered allmulticast mode [ 393.733566][ T8284] loop1: detected capacity change from 0 to 2048 [ 393.780275][ T8284] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 393.802730][ T8276] tipc: Resetting bearer [ 393.849045][ T8275] tipc: Resetting bearer [ 393.941669][ T8275] tipc: Disabling bearer [ 393.992572][ T55] tipc: Node number set to 933651951 [ 397.898703][ T8310] netlink: 104 bytes leftover after parsing attributes in process `syz.1.638'. [ 399.400098][ T8320] loop1: detected capacity change from 0 to 2048 [ 399.529258][ T8320] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 400.283144][ T8320] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 401.612607][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.825723][ T8354] loop0: detected capacity change from 0 to 2048 [ 403.888571][ T8358] netlink: 'syz.2.649': attribute type 1 has an invalid length. [ 403.901140][ T8354] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 406.212692][ T8358] 8021q: adding VLAN 0 to HW filter on device bond1 [ 406.569478][ T8367] bond1: (slave veth3): Enslaving as an active interface with a down link [ 406.658360][ T8369] vlan2: entered allmulticast mode [ 406.664336][ T8369] veth1: entered allmulticast mode [ 406.671542][ T8369] veth1: entered promiscuous mode [ 406.677134][ T8369] veth1: left promiscuous mode [ 406.695173][ T8369] bond1: (slave vlan2): making interface the new active one [ 406.704123][ T8369] veth1: entered promiscuous mode [ 406.711379][ T8369] vlan2: entered promiscuous mode [ 406.717680][ T8369] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 413.738261][ T8420] loop0: detected capacity change from 0 to 2048 [ 413.828597][ T8420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.873378][ T8420] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 414.809332][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.844320][ T8442] netlink: 'syz.3.674': attribute type 9 has an invalid length. [ 414.852085][ T8442] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.674'. [ 414.984000][ T8443] netlink: 'syz.3.674': attribute type 9 has an invalid length. [ 415.030648][ T8443] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.674'. [ 417.400336][ T8477] general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] PREEMPT SMP KASAN [ 417.412218][ T8477] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] [ 417.420658][ T8477] CPU: 0 PID: 8477 Comm: syz.3.684 Not tainted 6.6.98-syzkaller #0 [ 417.428652][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 417.438749][ T8477] RIP: 0010:__list_del_entry_valid_or_report+0x23/0x130 [ 417.445743][ T8477] Code: 00 00 00 00 00 66 90 f3 0f 1e fa 41 57 41 56 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff df 48 83 c7 08 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 d1 c8 b7 fd 4c 8b 7b 08 48 89 d8 48 c1 e8 [ 417.465386][ T8477] RSP: 0018:ffffc90004f36d48 EFLAGS: 00010202 [ 417.471471][ T8477] RAX: 000000000000000b RBX: 0000000000000050 RCX: 0000000000080000 [ 417.479450][ T8477] RDX: ffffc9000d20c000 RSI: 000000000000081d RDI: 0000000000000058 [ 417.487429][ T8477] RBP: dffffc0000000000 R08: ffff88801b66bc00 R09: 0000000000000002 [ 417.495411][ T8477] R10: 00000000ffffffff R11: 0000000000000002 R12: dffffc0000000000 [ 417.503395][ T8477] R13: dffffc0000000000 R14: 0000000000000050 R15: ffff88802d988000 [ 417.511381][ T8477] FS: 00007f0f407c56c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 417.520350][ T8477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 417.526943][ T8477] CR2: 00007f40e500ad58 CR3: 000000003187a000 CR4: 00000000003506f0 [ 417.534928][ T8477] Call Trace: [ 417.538219][ T8477] [ 417.541167][ T8477] drr_qlen_notify+0x2c/0xf0 [ 417.545780][ T8477] qdisc_tree_reduce_backlog+0x28b/0x470 [ 417.551435][ T8477] ? qdisc_tree_reduce_backlog+0x3c/0x470 [ 417.557175][ T8477] fq_codel_change+0xa2d/0xde0 [ 417.561968][ T8477] ? fq_codel_destroy+0x90/0x90 [ 417.566835][ T8477] ? ____sys_sendmsg+0x5bf/0x950 [ 417.571799][ T8477] fq_codel_init+0x361/0x970 [ 417.576408][ T8477] ? lockdep_rtnl_is_held+0x26/0x30 [ 417.581627][ T8477] ? qdisc_peek_dequeued+0x200/0x200 [ 417.586930][ T8477] qdisc_create+0x8eb/0x1050 [ 417.591542][ T8477] ? qdisc_notify+0x370/0x370 [ 417.596239][ T8477] ? lockdep_rtnl_is_held+0x26/0x30 [ 417.601458][ T8477] ? qdisc_lookup+0x179/0x6d0 [ 417.606148][ T8477] tc_modify_qdisc+0xb13/0x1be0 [ 417.611020][ T8477] ? qdisc_offload_query_caps+0x150/0x150 [ 417.616757][ T8477] ? __mutex_lock+0x4e8/0xcc0 [ 417.621467][ T8477] ? qdisc_offload_query_caps+0x150/0x150 [ 417.627203][ T8477] rtnetlink_rcv_msg+0x7c7/0xf10 [ 417.632154][ T8477] ? rtnetlink_rcv_msg+0x1eb/0xf10 [ 417.637382][ T8477] ? rtnetlink_bind+0x80/0x80 [ 417.642065][ T8477] ? mark_lock+0x94/0x320 [ 417.646414][ T8477] ? __lock_acquire+0x1260/0x7c80 [ 417.651453][ T8477] ? __kernel_text_address+0xd/0x30 [ 417.656670][ T8477] ? mark_lock+0x94/0x320 [ 417.661011][ T8477] ? mark_lock+0x94/0x320 [ 417.665355][ T8477] ? __lock_acquire+0x1260/0x7c80 [ 417.670398][ T8477] ? kmalloc_reserve+0x95/0x260 [ 417.675295][ T8477] ? verify_lock_unused+0x140/0x140 [ 417.680526][ T8477] netlink_rcv_skb+0x216/0x480 [ 417.685372][ T8477] ? rtnetlink_bind+0x80/0x80 [ 417.690092][ T8477] ? netlink_ack+0x1110/0x1110 [ 417.694893][ T8477] ? __lock_acquire+0x7c80/0x7c80 [ 417.700048][ T8477] ? net_generic+0x1e/0x240 [ 417.704574][ T8477] ? netlink_deliver_tap+0x2e/0x1b0 [ 417.709799][ T8477] netlink_unicast+0x750/0x8c0 [ 417.714586][ T8477] netlink_sendmsg+0x8c1/0xbe0 [ 417.719375][ T8477] ? netlink_getsockopt+0x580/0x580 [ 417.724596][ T8477] ? aa_sock_msg_perm+0x94/0x150 [ 417.729549][ T8477] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 417.734856][ T8477] ? security_socket_sendmsg+0x80/0xa0 [ 417.740333][ T8477] ? netlink_getsockopt+0x580/0x580 [ 417.745552][ T8477] ____sys_sendmsg+0x5bf/0x950 [ 417.750337][ T8477] ? __asan_memset+0x22/0x40 [ 417.754950][ T8477] ? __sys_sendmsg_sock+0x30/0x30 [ 417.759980][ T8477] ? __import_iovec+0x5f2/0x860 [ 417.764846][ T8477] ? import_iovec+0x73/0xa0 [ 417.769359][ T8477] ___sys_sendmsg+0x220/0x290 [ 417.774048][ T8477] ? __sys_sendmsg+0x270/0x270 [ 417.778860][ T8477] __se_sys_sendmsg+0x1a5/0x270 [ 417.783724][ T8477] ? __x64_sys_sendmsg+0x80/0x80 [ 417.788676][ T8477] ? lockdep_hardirqs_on+0x98/0x150 [ 417.793886][ T8477] do_syscall_64+0x55/0xb0 [ 417.798321][ T8477] ? clear_bhb_loop+0x40/0x90 [ 417.803014][ T8477] ? clear_bhb_loop+0x40/0x90 [ 417.807707][ T8477] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 417.813612][ T8477] RIP: 0033:0x7f0f3f98e929 [ 417.818036][ T8477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.837653][ T8477] RSP: 002b:00007f0f407c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 417.846084][ T8477] RAX: ffffffffffffffda RBX: 00007f0f3fbb6080 RCX: 00007f0f3f98e929 [ 417.854169][ T8477] RDX: 0000000000000800 RSI: 0000200000000100 RDI: 0000000000000004 [ 417.862152][ T8477] RBP: 00007f0f3fa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 417.870131][ T8477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.878117][ T8477] R13: 0000000000000000 R14: 00007f0f3fbb6080 R15: 00007ffdc19f9588 [ 417.886198][ T8477] [ 417.889238][ T8477] Modules linked in: [ 417.893350][ T8477] ---[ end trace 0000000000000000 ]--- [ 417.898842][ T8477] RIP: 0010:__list_del_entry_valid_or_report+0x23/0x130 [ 417.905867][ T8477] Code: 00 00 00 00 00 66 90 f3 0f 1e fa 41 57 41 56 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff df 48 83 c7 08 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 d1 c8 b7 fd 4c 8b 7b 08 48 89 d8 48 c1 e8 [ 417.925539][ T8477] RSP: 0018:ffffc90004f36d48 EFLAGS: 00010202 [ 417.931678][ T8477] RAX: 000000000000000b RBX: 0000000000000050 RCX: 0000000000080000 [ 417.939682][ T8477] RDX: ffffc9000d20c000 RSI: 000000000000081d RDI: 0000000000000058 [ 417.947712][ T8477] RBP: dffffc0000000000 R08: ffff88801b66bc00 R09: 0000000000000002 [ 417.955744][ T8477] R10: 00000000ffffffff R11: 0000000000000002 R12: dffffc0000000000 [ 417.963769][ T8477] R13: dffffc0000000000 R14: 0000000000000050 R15: ffff88802d988000 [ 417.971799][ T8477] FS: 00007f0f407c56c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 417.980784][ T8477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 417.987405][ T8477] CR2: 00007f40e500ad58 CR3: 000000003187a000 CR4: 00000000003506f0 [ 417.995454][ T8477] Kernel panic - not syncing: Fatal exception in interrupt [ 418.002942][ T8477] Kernel Offset: disabled [ 418.007275][ T8477] Rebooting in 86400 seconds..